Last updated: June 9th, 2025

1. Responsible Party

The responsible parties for the data processing on this website within the meaning of the General Data Protection Regulation (GDPR) are:

SINE Foundation
Tempelhofer Ufer 23-24
10963 Berlin
Germany
Email: team@ileap.global

2. Types of Data Processed

We process the following categories of personal data:

Usage Data

  • Information about your use of our website (pages visited, time of access, frequency of use)
  • Technical information about your device and browser
  • IP address and location data
  • Referrer URL (website from which you accessed our site)

Communication Data

  • Contact information provided when you reach out to us
  • Content of your communications with us
  • Information provided when joining the iLEAP community
  • Feedback and contributions to our technical specifications

Analytics Data (Plausible)

  • Referrer (source website)
  • Visited pages and time spent
  • Device type, operating system, and browser
  • Country-level location data
  • Visit duration and frequency

3. Purposes and Legal Basis for Processing

We process your personal data for the following purposes and based on the following legal grounds:

Providing Our Online Services

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

We process your data to provide and maintain our website and its functionality.

Communication and Support

Legal basis: Art. 6 para. 1 lit. b GDPR (performance of contract) or Art. 6 para. 1 lit. f GDPR (legitimate interest)

We process your data to respond to your inquiries and provide support for iLEAP community participation.

Security Measures

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

We process data to protect our website against abuse, unauthorized access, and security threats.

Analytics and Improvement

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

We analyze usage patterns to improve our website and services.

4. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data transmission using SSL/TLS technology
  • Regular security updates and monitoring
  • Access controls and authentication procedures
  • Regular backup and recovery procedures
  • Staff training on data protection requirements

However, please note that no method of transmission over the internet or electronic storage is 100% secure.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your data in the following circumstances:

Service Providers

We may share data with trusted service providers who assist us in operating our website and services, subject to appropriate data processing agreements and security measures.

Legal Requirements

We may disclose your data if required by law, court order, or to protect our rights and the rights of others.

Partner Organizations

We may share data with partner organizations involved in the iLEAP project for coordination purposes, subject to appropriate data protection agreements.

Community Participation

With your consent, we may publicly list you as an iLEAP community member or publish your contributions to technical specifications.

6. Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected or as required by law. Specific retention periods:

  • Analytics data (Plausible): Aggregated data retained for 26 months
  • Community membership data: Retained while you remain an active member
  • Email communications: Retained for 3 years for legitimate business purposes
  • Technical contributions: May be retained indefinitely as part of open standards development
  • Website usage data: Technical data retained for security and performance purposes

7. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR)

You have the right to request confirmation whether we process your personal data and to receive information about such processing.

Right to Rectification (Art. 16 GDPR)

You have the right to request correction of inaccurate personal data.

Right to Erasure (Art. 17 GDPR)

You have the right to request deletion of your personal data under certain circumstances.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing under certain conditions.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used format.

Right to Object (Art. 21 GDPR)

You have the right to object to processing based on legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

How to exercise your rights: Contact us at team@ileap.global. We will respond within one month of receiving your request.

8. Hosting and Technical Infrastructure

Our website is hosted by external service providers. These providers process data on our behalf under appropriate data processing agreements. Technical data is processed for the provision and security of our website.

9. Website Analytics (Plausible.io)

We use Plausible.io, a privacy-friendly analytics service, to understand how our website is used and improve our services. Plausible is designed to be GDPR-compliant and respects user privacy.

Data Collected by Plausible

  • Page views: Which pages you visit and how long you spend on them
  • Referrer information: The website or source that brought you to our site
  • Device information: General device type, operating system, and browser (not device-specific)
  • Location: Country-level location only (not precise location)
  • Visit patterns: Duration and frequency of visits

Privacy Features of Plausible

  • No cookies: Plausible does not use cookies or store data on your device
  • No personal data: No personally identifiable information is collected
  • No cross-site tracking: Your activity is not tracked across different websites
  • EU hosting: All data is stored on servers within the European Union
  • No data sharing: Analytics data is not shared with third parties or used for advertising

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest) - We have a legitimate interest in understanding how our website is used to improve our services while respecting your privacy.

Opt-out: You can view our live analytics dashboard at any time to see what data is collected. If you prefer not to be included in our analytics, you can disable JavaScript in your browser or use browser extensions that block analytics scripts.

10. International Data Transfers

As iLEAP operates internationally, your personal data may be transferred to countries outside the European Economic Area (EEA). We ensure adequate protection through:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Appropriate safeguards as required by the GDPR

11. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data, we will delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Providing notice through email or website notification for significant changes

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

13. Right to Lodge a Complaint

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a supervisory authority, particularly in the EU member state where you reside, work, or where the alleged violation occurred.