PRIVACY POLICY

Last updated: May 2026

We treat your data with the same seriousness we ask of the courts: minimal collection, no surveillance, no sharing.

This site supports a legal-defence campaign for activists criminalised under terrorism charges. We understand that anyone signing or contacting us may face risks from state and non-state actors. We have built this site to collect as little information as possible and to never use that information against the people who trust us with it.

Who we are

CzechElbit10 is an informal solidarity campaign. You can reach us at info@czechelbit10.org (PGP key available on the contact page).

What we collect

When you sign the statement, we collect only what you give us:

  • Your name or organisation name (or "Anonymous" if you choose)
  • Your country
  • An optional organisational affiliation
  • An optional message of solidarity
  • Your email address (kept private — see below)

When you visit the site, your browser sends an IP address to our hosting provider as part of normal web traffic. We do not log, store, or analyse this beyond what is required to serve the page.

What we publish

Your name (or "Anonymous"), country, organisation, and message may be published on this site as part of the public list of signatories. Your email address is never published, never sold, never shared. We use it only to confirm your signature is genuine and, if necessary, to contact you about the campaign.

No tracking, no analytics, no cookies

This site uses no analytics, no advertising, no tracking pixels, and no third-party cookies. Fonts are self-hosted so no third party (including Google) sees your visit. The donation button links out to Donorbox, which has its own privacy policy — we receive no personal data about donors from them.

Legal basis (GDPR)

Under the GDPR, we process your signature data on the basis of your explicit consent, given via the checkbox on the sign form. We process contact-form correspondence on the basis of legitimate interest in responding to people who write to us.

How long we keep it

Signatures are retained for as long as the campaign is active. If the case concludes and the campaign closes, signatures may be preserved as part of the historical record. You can ask us to delete your signature at any time.

Your rights

Under the GDPR, you have the right to:

  • Access the data we hold about you
  • Correct it
  • Delete it (right to erasure) — including removing your name from the public signatory list
  • Withdraw consent at any time
  • Lodge a complaint with a data protection authority

To exercise any of these rights, email info@czechelbit10.org. For sensitive requests, please use our PGP key.

Security & threat model

We recognise that signing a statement of solidarity with people charged under terrorism laws is not a neutral act. We encourage anyone with concerns about their safety to sign anonymously, to use a non-identifying email address, and to consider whether public signatures are appropriate for their context. If you are in a jurisdiction where this campaign could expose you to risk, please prioritise your safety over visibility.

We will resist any legal or extralegal demand to disclose signatory data to the extent we are able. We cannot promise immunity from court orders in jurisdictions where data is stored, which is why we collect as little as possible.

Changes

If we change this policy, we will update the date at the top and, for material changes affecting existing signatories, attempt to notify by email.