Privacy Policy

Effective date: June 10, 2019

Fishyleaks and Our Fish are initiatives of Funding Fish, a registered charity in England and Wales, charity no 1163785,

Our Fish, (“us”, “we”, or “our”) operates the https://www.fishyleaks.eu/ and https://report.fishyleaks.eu/ websites (the “Service”) – the first is to provide information about Fishyleaks, the second hosts the confidential and/or anonymous messaging system.

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

Definitions

  • Service Service is the https://fishyleaks.eu/ and https://report.fishyleaks.eu/ websites,  operated by Our Fish
  • Personal Data Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
  • Usage Data Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Cookies Cookies are small pieces of data stored on your device (computer or mobile device).
  • Data Controller Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.
  • Data Processors (or Service Providers) Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.We may use the services of various Service Providers in order to process your data more effectively.
  • Data Subject (or User)Data Subject is any living individual who is using our Service and is the subject of Personal Data.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you, unless you choose to remain anonymous

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • Email address

If you wish to send an anonymous report to the Service we will not collect your email address. We also advise that for maximum security, you should use the Tor Browser Bundle https://www.torproject.org/download/. If you choose to not use Tor, your anonymity cannot be ensured.

To further improve your security, we recommend follow the instructions below:

1) In case you want to remain anonymous, do not send any personal data (such as your name or the type of relationship you have with the organisation you are reporting on or any information that, if intercepted, could be used to track you down).

2) Please do not send any data from a computer or network provided by your employer, client or organisation that could trace your activities. Making your report via such a network could jeopardize your anonymity.

 

Usage Data

The Service does not collect the IP address or user agent of any user of the https://fishyleaks.eu/ and https://report.fishyleaks.eu/ website.

We do not collect information on browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.

Tracking & Cookies Data

https://fishyleaks.eu/ and https://report.fishyleaks.eu/  do not use any form of cookie.

 

Use of Data

Our Fish uses the data provided by users confidentially and or anonymously to investigate reports of  illegal or unethical activities within EU fisheries.

 

We do not collect data for any other purpose.

Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), Our Fish’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

Our Fish may process your Personal Data because:

  • We need to perform a contract with you
  • You have given us permission to do so
  • The processing is in our legitimate interests and it’s not overridden by your rights
  • To comply with the law

Retention of Data

Any data collected during submissions made to the Service expire automatically within 18.

months.

 

Any data collected on the Service, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

The Service is hosted in Europe (Ireland for https://fishyleaks.eu/ and Netherlands for https://report.fishyleaks.eu/). If you choose to provide information to us, please note that we transfer the data, including Personal Data, to Ireland, where the Our Fish website is hosted, and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Our Fish will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure of Data

Disclosure for Law Enforcement

Under certain circumstances, Our Fish may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). We try to minimize any collection of data outside the content of the reports submitted to the Service in order to be able to comply with the law and minimize any risk for our sources.

Legal Requirements

If you have reported to Fishyleaks anonymously, we do not possess your Personal Data. If you have reported confidentially, by sharing your Personal Data, then Our Fish may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Our Fish
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

 

Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Our Fish aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have about you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Our Fish relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Service Providers

The Service uses a third party Service Provider – GlobaLeaks – to provide the reporting service at https://report.fishyleaks.eu/ on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data, only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

 

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us: