Privacy policy

1. Controller

The project management is responsible for processing personal data in connection with this website and the European Fruit Dove Project:

2. General principles

We process personal data only where this is necessary to operate the website, handle enquiries, administer project membership and conduct project activities. The relevant legal bases include Article 6(1)(a) GDPR (consent), Article 6(1)(b) GDPR (pre-contractual and contractual measures), Article 6(1)(c) GDPR (legal obligations) and Article 6(1)(f) GDPR (legitimate interests in secure and functional project operations).

3. Hosting, server logs and technical security

The website is hosted by ALL-INKL.COM. The technical service provider is Neue Medien Münnich GmbH, Hauptstraße 68, 02742 Friedersdorf, Germany. When the website is accessed, technically necessary server logs may be processed, including the IP address, date and time, requested address, amount of data transferred, referrer, browser and operating system. This processing serves secure delivery, error analysis and the prevention of abusive access.

Cloudflare may be used to protect and accelerate delivery of the website. Connection and log data may be processed through Cloudflare’s network. The legal basis is our legitimate interest in security, resilience and stable delivery under Article 6(1)(f) GDPR. Where required, data processing agreements and appropriate safeguards for international data transfers are in place.

4. Contact and membership applications

When you contact us or submit a membership application, we process the information you provide. This may include first and last name, email address, telephone and mobile numbers, postal address, town, country, organisation or zoo, association membership, information about bird keeping, species held, experience and your message. The data is used to review the application, ask follow-up questions, prepare a membership decision and, where appropriate, create a user account.

The legal bases are Article 6(1)(b) GDPR for pre-contractual measures and Article 6(1)(a) GDPR where you have expressly consented. Applications that are not accepted are deleted once they are no longer required for review and documentation and no statutory retention duty applies.

5. User account and protected members area

For approved members, access credentials and a user profile are processed. This includes, in particular, name, email address, username, encrypted password, membership status, project role, specialist functions, contact and address details, profile image, organisation and technical login and security information. This data is used for authentication, rights management, internal communication and administration of project membership.

Internal contact details are accessible only to appropriately authorised members and project officers. They are displayed publicly only where a separate approval or another legal basis exists.

6. Stock and breeding data

Members may report stock and breeding data as part of project activities. This can include species kept, numbers and sex of animals, changes in stock, offspring, reporting year, origin and breeding information, notes, visibility settings and assignment to the reporting member. The data supports stock overviews, breeding planning, genetic diversity, breeding statistics and specialist coordination within the project.

Stock and breeding data is generally processed in the protected project area. Publication or disclosure takes place only in accordance with the selected visibility, consent, a project-related agreement or another valid legal basis. Personal attribution is limited to what is necessary.

7. Breeding facility data

Facility profiles may contain information about the operator, region, type and structure of the facility, indoor and outdoor aviaries, shelters, planting, equipment, husbandry experience, photographs and image descriptions. Drafts and internal information initially remain in the protected area. Public publication takes place only after review and approval.

Private addresses, telephone numbers and other contact details are not automatically shown in a public facility profile. Only information expressly intended and approved for publication is displayed publicly.

8. Messages, groups, downloads and project contributions

When messages, groups, downloads or internal project contributions are used, we process sender, recipient, subject, message text, timestamps, attachments, group memberships, read status and technical assignments. This processing supports internal project communication and cooperation. Content may be viewed only by authorised persons.

9. Email delivery

System and notification emails are sent through the website’s technical mail infrastructure or a configured SMTP service. Recipient and sender addresses, subject, content and technical delivery data are processed. This processing is necessary to deliver enquiries, approvals, password resets and internal notifications.

10. Cookies and local storage

WordPress and the members area use technically necessary cookies, particularly for login, session management, security and storage of the selected language. Non-essential cookies or external tracking services are used only where valid consent has been obtained. You can delete or restrict cookies in your browser settings; this may affect necessary functions.

11. Backups, restoration and deletion periods

Regular backups are created to safeguard project operations. They may also contain personal data and are used exclusively for restoration, error analysis and system security. Data is deleted or anonymised once the processing purpose no longer applies and there are no statutory, contractual or legitimate grounds for retention. Backup copies are overwritten or deleted according to the defined backup cycles.

12. Recipients and processors

Data is received only by persons and service providers who need it for the stated purposes. This may include project management, authorised members, technical administrators and hosting, security, backup and email service providers. Where service providers process data on our behalf, the statutory requirements for commissioned processing and data security are observed.

13. Your rights

• Access to personal data processed about you
• Rectification of inaccurate or incomplete data
• Erasure or restriction of processing where the legal requirements are met
• Data portability where the legal requirements are met
• Objection to processing based on legitimate interests
• Withdrawal of consent with effect for the future
• Complaint to a competent data protection supervisory authority

To exercise your rights, please contact the controller named above.

14. Version and changes

Version: June 2026. This privacy policy will be updated if functions, services used or legal requirements change.