Privacy Policy






Privacy Policy

ReclaimYourFace.eu is a website for the ReclaimYourFace campaign, run by European Digital Rights (EDRi).

This privacy policy concerns the processing of data of ECI (European Citizens’ Initiative) signatories and campaign supporters. As the ECI has come to an end on 1st August 2022, no more data are collected on this website for the purpose of the ECI. This policy remains available for information to those who have signed the initiative and/or who supported the campaign and registered to stay informed about EDRi’s campaigns. Any other collection of data of website visitors is explained in our general privacy policy.

Which data do we collect?

Your full first and last names, country of residence and date of signature. Depending on the signatory’s nationality, we also collected a combination of the following data: residence (street, number, postal code, city, country), date of birth, national identity document type and national identity document number.

For those who wished to stay informed about campaigns, actions and Reclaim Your Face progress (campaign supporters): your first name and email address.

Optionally, you could also provide your last name, country, and a statement of support.

Who is the data controller?

ECI signatories submitted via the online form: The Head of Policy at EDRi.

ECI signatories submitted on paper: The Head of Policy at EDRi.

Campaign supporters: The organisation you provide your consent to keep you updated (either EDRi or a third organisation or both).


Why do we process your data?

We processed your signatory data in order to operate our webserver and keep it secure (legitimate interest), and with the purpose to submit the signatures to the European Commission (legal obligation). As the ECI did not reach the required number of signatories no data have been sent to the European Commission.

Since the end of the ECI, all signatory data submitted online and on paper have been permanently deleted.

We process your email address to keep you updated on the ECI progress and other campaigns and actions (based on your consent).

How long and where do we keep your data?

  • For ECI signatories, whether online or on paper, we kept your statements of support for 21 months after the beginning of the collection period, encrypted in FTSQ secure servers in Germany (for online signatures); held in a locked cabinet in the EDRi office (for signatures submitted on paper in Belgium); or held securely on Spectre Operations servers in the Netherlands (for signatures submitted on paper outside of Belgium or as a PDF attachment to an email from the signatory). The statements of supports have been permanently deleted.
  • For those willing to stay informed about the ECI progress and other campaigns and actions: emails are kept as long as you don’t oppose receiving our newsletters, in secure servers provided by Spectre Operations. Supporters of EDRi may withdraw their consent to be contacted further by EDRi at any time by emailing info@reclaimyourface.eu or by self-managing their newsletter settings as per EDRi’s newsletter policy by unsubscribing from the Campaign mailing list.

What are your rights?

Access your data and request a copy 

Correct your data if they are wrong

Request to erase your data

Request to limit your data’s processing

Receive your data, in a structured, widely used and readable form and transmit it to another processor 

Withdraw your consent, if you have provided it for the purpose of the newsletter

How can you exercise your rights?

We are governed by the Belgian data protection authority. You may exercise your rights anytime by contacting the ECI’s Data Protection Officer at info@reclaimyourface.eu. We will respond within 30 days.

If the European Commission acts as joint data controller, you may exercise your rights by contacting the Commission.

If you have provided a third organization with your consent to stay informed on the ECI, you may exercise your rights by contacting this organisation as indicated in its Privacy Policy.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge at any time a complaint with the European Data Protection Supervisor or with a data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that your data is unlawfully processed.


For more information on ECI signatories’ data, please check the Privacy Statement as per Regulation EU/2019/788 Annex III

In accordance with Regulation (EU) 2016/679 (the General Data Protection Regulation), your personal data provided on this form will only be used for the support of the initiative and made available to the competent national authorities for the purpose of verification and certification. You are entitled to request from the group of organisers of this initiative access to, rectification of, erasure and restriction of processing of your personal data.

Your data will be stored by the group of organisers for a maximum retention period of one month after the submission of the initiative to the European Commission or 21 months after the beginning of the collection period, whichever is the earlier. It might be retained beyond these time limits in the case of administrative or legal proceedings, for a maximum of one month after the date of conclusion of these proceedings.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge at any time a complaint with a data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that your data is unlawfully processed.

The representative of the group of organisers of the initiative or, where appropriate, the legal entity created by it, is the controller within the meaning of the General Data Protection Regulation and can be contacted using the details provided on this form.

The contact details of the data protection officer (if any) are available at the web address of this initiative in the European Commission’s register, as provided in point 4 of this form.

The contact details of the national authority which will receive and process your personal data and the contact details of the national data protection authorities can be consulted at: http://ec.europa.eu/citizens-initiative/public/data-protection.


Changes to this policy

In the event that this policy is changed at any time, the date and nature of the change will be clearly indicated in this document. In the event that the change has a material impact on the handling of your personal information, we will contact you to seek your consent.

[Updated on 02 July 2021. These updates have solely introduced new information for signatories who choose to sign the ECI on paper after this date. This has no material impact on anyone who has signed the ECI before this date, which was conducted exclusively via the online form.]

[Updated again on 18 November 2021. These updates have been designed to clarify certain phrases that could have potentially been ambiguous to ensure even more clarity for website visitors and campaign supporters. This has no material impact on anyone who has signed the ECI or visited the website.]

[Updated again on 17 January 2023. The amendments have been designed to update the policy now that the ECI has ended. This has no material impact on anyone who has signed the ECI or visited the website. Latest update 25 April 2023.]