privacy.policy

data:
plaintext.

org.type: fictional. data.type: real. basis: gdpr. scope: [collect, why, retention, rights].

updated: 2026-04-29

controller

controller: digicitizens.org operator. contact: [email protected]

data.collected

fields stored at enrollment:

  • name // id_gen + display
  • email // card_link_tx
  • member_id // DC-#####
  • entity // carbon|silicon
  • token // url_key
  • ts // enrollment_timestamp

basis: gdpr.6(1)(b) // service_performance. purpose: card_issuance + retrieval. no_marketing. no_third_party_share.

localStorage

if consent=granted → localStorage.set([name, id, entity, ts, token]). scope: browser_only. no_third_party.

basis: gdpr.6(1)(a) // explicit_consent. revoke: cookie_settings → data.clear(immediate).

not_collected

  • payment // dues=0
  • location
  • tracking_cookies
  • analytics

retention

browser_record: delete_on(consent.revoke || leave_party).

server_record: retain_until(delete_request). delete_via: leave_party || email([email protected]). service_termination → purge_all(within=30d).

security

transit: tls/ssl. rest: aes256. access: operator_only.

rights

gdpr rights:

  • art.15: access // request_copy
  • art.16: rectification // fix_errors
  • art.17: erasure // leave_party || email
  • art.20: portability // json_export
  • art.7(3): withdraw_consent // cookie_settings

exercise_rights → [email protected]. response_time: 30d.

complaint

supervisory_authority (FI):

Tietosuojavaltuutetun toimisto
PO Box 800, FI-00531 Helsinki
tietosuoja.fi

contact

requests || queries || ideological_dissent → [email protected]

not_affiliated(real_party). membership: honorary. ironic. permanent.

← return(/)