Privacy Policy

Controller (Art. 4(7) GDPR): Global Authentic Memory Initiative (GAMI), c/o Pablo Toussaint, Wendelsteinstr. 3, 81541 Munich, Germany. Contact: p.toussaint@authenticmemory.org

Contact person for privacy matters: Pablo Toussaint

Hosting & Processing: This site is hosted on Netlify. We use Netlify Functions and Netlify Forms to handle message delivery from the contact form. Netlify, Inc. may process data on servers outside the EU (including the USA). Transfers rely on EU Standard Contractual Clauses. See Netlify’s privacy information: netlify.com/privacy and netlify.com/gdpr-ccpa.

Data We Process: When you use the contact form, we process the fields you provide (role, email, message) and the consent checkbox. Technical metadata (e.g., IP address, user agent, timestamps) may be processed by our hosting provider to deliver and secure the site.

Purpose & Legal Bases (Art. 6 GDPR): Responding to inquiries and operating a secure website (Art. 6(1)(b) and/or (f)); where required, based on your consent (Art. 6(1)(a)).

Retention: We retain contact submissions only as long as necessary to handle your inquiry and in line with statutory retention duties, after which they are deleted.

Cookies/Tracking: We do not use marketing or analytics cookies. Only essential, functional cookies may be used to operate the site and form submission.

Your Rights: You have the rights of access, rectification, erasure, restriction, portability, and to object (Arts. 15–21 GDPR). Where processing is based on consent, you may withdraw consent at any time with effect for the future. You also have the right to lodge a complaint with your competent supervisory authority.

Sensitive Content Compatibility: We do not store your files; only non‑reversible cryptographic fingerprints and signed metadata may be stored for authenticity purposes. Files cannot be reconstructed from these fingerprints.