Privacy policy (GDPR)

Version as of

1. Who we are

This website (the “Site”) provides information, resources and a space to share testimonies about organized harassment. We process a limited set of personal data to operate the Site and provide its features.

Data controller: HarcelementRéseau / Organized Harassment. Contact: [email protected].

2. Data we process

  • Testimonies: free‑text you submit (required), optional display name/pseudonym, optional city/country, optional contact field (email or social link), and creation date.
  • Technical data: IP address and basic logs collected by our hosting providers (for security/anti‑abuse, availability, diagnostics).
  • Donations: if you donate via a third‑party provider (e.g., Buy Me a Coffee / PayPal), payment data is handled directly by that provider. We do not receive your full card details. We may receive limited metadata (amount, time) for transparency.

Storage: Testimonies are stored in our database (MongoDB Atlas). Providers may store logs in their own infrastructure. Exact storage regions depend on our deployment configuration.

3. Purposes of processing

  • Publish and display submitted testimonies on the Site.
  • Moderate content to keep the platform safe and lawful.
  • Prevent abuse, ensure availability and secure the infrastructure.
  • Provide transparency on donations and support tool development.

5. Data retention

  • Testimonies: kept while published and as needed for moderation/audit; removal on justified request.
  • Logs: short‑term retention by hosting/security providers for diagnostics and abuse prevention.
  • Donations: records retained as required by accounting and tax rules.

6. Your rights

Where applicable (e.g., EEA/UK), you may have rights of access, rectification, erasure, restriction, objection and data portability. To exercise your rights, contact us at [email protected]. You may also lodge a complaint with a supervisory authority (in France: CNIL).

7. Cookies & third‑party services

We aim to keep cookies to a minimum. Some third‑party services (e.g., payment providers) may set their own cookies when you interact with them. For details, see our Cookie policy.

8. Security

We implement reasonable technical and organizational measures (TLS, access controls, least privilege, basic monitoring). No internet service can be 100% secure.

9. Children

The Site is intended for adults. If content attributed to a minor is published, we may remove it on request. Contact [email protected].

10. Changes to this policy

We may update this policy from time to time. We will indicate the revision date above and, where changes are material, provide a clear notice on the Site.

11. Contact

Questions about this policy or your data? Contact us at [email protected].