Privacy Policy – Petition

1. What information do we collect?

When you sign the petition, we collect:

• Name
• Email address
• Any comment or message you provide
• Timestamp of signature
• IP address (for security and verification)

2. Purpose and legal basis

We process your personal data solely based on your consent according to Article 6.1(a) of GDPR to:

• Display your name and any comments on the website
• Send updates about the petition’s progress
• Verify that signatures are genuine
• Preserve petition data for as long as you allow

3. Retention periods

Your data is stored as long as you do not withdraw your consent. You may request complete deletion of all your data at any time.

When the petition reaches its goal or is concluded, we will contact all signatories to ask if they want their data preserved for historical documentation or deleted.

4. Where is the data stored?

Data is stored on secure servers within the EU/EEA via Google Cloud Platform (data centers within the EU). No transfer occurs outside the EU/EEA.

5. Security

• Encryption for all data transmission
• Regular security backups
• Limited access only for authorized personnel

6. Data sharing

Public display: Names and comments are displayed publicly on the website.

Third parties: We never sell your data. Sharing occurs only with:

• Authorities upon legal request
• Technical providers with data processing agreements

7. Your rights under GDPR

You have full right to:

• ✅ Access your data
• ✅ Correct incorrect data
• ✅ Have all your data deleted
• ✅ Restrict processing
• ✅ Data portability
• ✅ Withdraw consent at any time

Contact: [email protected] - Response within 30 days.

8. Complaints

Swedish Authority for Privacy Protection (IMY) - www.imy.se

9. Changes

Latest version: www.gad-petition.com/en/privacy