Private Policy

The Leadership Summer School (LSS) Privacy PolicyAccordingly to the EU GDPR
‍
Effective Date: February 2026 | Version 1.1 (Purpose-Based Edition)

‍1. Introduction

‍The Leadership Summer School (LSS) Supervisory Board and its organizer, Zero Generation Foundation (Marathonweg 67-2, 1076 TD Amsterdam, The Netherlands), are committed to safeguarding your personal data and ensuring compliance with the European General Data Protection Regulation (GDPR).This policy explains how LSS collects, uses, and protects personal data of participants, trainers, and contributors. It applies to all activities of the LSS program.

‍2. Data Controller and Processor Roles

‍Data Controller: Zero Generation Foundation
Data Processor: Leadership Summer School (LSS) Supervisory Board processes data on behalf of LSS for administrative and organizational purposes under a data processing agreement.

‍3. Purposes of Processing, Data Categories, and Legal Bases

A. Event Application and Selection:
‍Purpose: To manage applications, evaluate eligibility, and communicate with candidates.
Data Processed: Name, email address, phone number, country of residenceCV, educational background, professional information, motivation letter
Legal Basis: Processing necessary to take steps before entering into a contract (Art. 6(1)(b) GDPR)

‍B. Event Participation and Logistics
‍Purpose: To manage participation, accommodation, meals, and other logistics.
Data Processed:Name, gender, dietary preferences or restrictions, T-shirt size, emergency contact details
Legal Basis:Contract performance (Art. 6(1)(b) GDPR)Compliance with health and safety obligations (Art. 6(1)(c) GDPR)

‍C. Communication and Networking
‍Purpose: To facilitate information exchange during and after the event, create digital platforms for collaboration, and maintain an alumni network.
Data Processed:Contact details (email, phone, social media profiles), professional role, affiliation, photographs used for directories (if applicable)
Legal Basis:LSS’s legitimate interest in maintaining and improving its educational and nonprofit network (Art. 6(1)(f) GDPR)

‍D. Documentation and Promotion of LSS Activities
‍Purpose: To document and share LSS events and outcomes via websites, reports, and social media, strictly for educational or informational purposes and never for commercial sale.
Data Processed:Photos, videos, testimonials, quotes voluntarily provided by participants or trainers
Legal Basis:Consent of the data subject (Art. 6(1)(a) and, where applicable, Art. 9(2)(a) GDPR)
Additional Information:You may withdraw consent at any time by contacting LSS, without affecting prior lawful processing.

‍E. Program Evaluation and Improvement
‍Purpose: To assess feedback, course satisfaction, and learning outcomes to develop future LSS editions and ensure quality improvement.
Data Processed:Feedback forms, evaluation surveys, anonymized or pseudonymized participation statistics
Legal Basis:LSS’s legitimate interest in evaluating and enhancing training programs (Art. 6(1)(f) GDPR)

‍F. Administrative Record Keeping and Legal Compliance
‍Purpose: To fulfill obligations under financial, reporting, and regulatory frameworks applicable to nonprofit organizations.
Data Processed:Identification details, attendance confirmations, and documentation required for audits or funding reports
Legal Basis:Compliance with legal obligations (Art. 6(1)(c) GDPR)LSS’s legitimate interest in maintaining records and transparency (Art. 6(1)(f) GDPR)

‍4. Data Retention

‍LSS securely stores personal data only for as long as necessary to achieve each processing purpose. Unless otherwise required by law or funding obligations, data are deleted no later than three years after the event.

‍5. Data Sharing and International Transfers

‍LSS shares data only when necessary for organizational, logistical, or educational purposes.Data may be shared with event partners, trainers, or volunteers under confidentiality and GDPR-compliant agreements.
Digital data are hosted by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, ensuring compliance with EU data transfer standards.
LSS does not sell or disclose data for commercial purposes.

‍6. Data Security

‍LSS applies appropriate technical and organizational security measures—including restricted access, encryption, and procedural safeguards—to protect personal data against unauthorized access, alteration, or disclosure.

‍7. Data Subject Rights

‍All participants, trainers, and contributors have the following rights under Chapter III of the GDPR:Right of access to personal dataRight to rectification of inaccurate dataRight to erasure (“right to be forgotten”) Right to restriction of processingRight to data portability Right to object to processing for legitimate interest purposes Right to withdraw consent at any timeRight to lodge a complaint with a supervisory authorityRequests to exercise these rights can be sent to the contact below.

‍8. Data Breach Notification

‍LSS maintains clear procedures to identify, assess, and mitigate any potential personal data breaches. Affected individuals and the relevant authorities will be notified in accordance with Articles 33 and 34 GDPR.

‍9. Contact Information

‍LSS Supervisory Board – Data Protection Contact gdpr@leadershipsummerschool.org If you wish to lodge a complaint, you may also contact your national data protection authority or the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):
https://autoriteitpersoonsgegevens.nl/en

‍10. Policy Updates

‍This Privacy Policy may be updated periodically to reflect changes in law or LSS operations. Significant updates will be communicated via email. Participants are encouraged to review this document regularly for the latest version.

GET IN TOUCH

FACEBOOKLINKEDINInstagramE-Mail

LEGAL

Data privacyIMPRESSUM

The project is coordinated by Zero Generation partnering with several international youth organisations.