Privacy Policy & Cookies

The Peace and Conflict Science (PACS) Institute is an independent expert organization dedicated to harmonizing and fortifying global peace efforts. Our goal is to contribute to a world where all people coexist in harmony with liberty, equality, and justice. Protecting privacy and personal data is of utmost importance for us. The nature of our work requires that we deal with a fair amount of personal data from various individuals and this Privacy Policy details our commitment to protecting individuals’ privacy in accordance with the General Data Protection Regulation (GDPR).

We keep our privacy policy under regular review.

1.     Identity and contact details of the controller

This Privacy Policy applies to data processing by:

The PACS Institute
Junohällsvägen 9, 11264, Stockholm, Sweden
pacs.institute@pm.me
+46 (0)73 832 06 23

(hereinafter “We”)

2. Collection and storage of personal data and the type and purpose of their use

2.1    Website

When you visit our website, information is automatically sent by the browser used on your end device to our website servers. The during this process without any action on your part and stored until it is automatically deleted in accordance with applicable data protection regulations:

  • IP address of the requesting computer,

  • Date and time of access,

  • Name and URL of the requested file,

  • Website from which access is obtained (Referrer URL),

  • Browser used and, where applicable, your computer’s operating system and the identity of your access provider.

The specified data are processed by us for the following purposes:

  • Ensuring that the website can establish a connection smoothly,

  • ensuring that our website is easy to use,

  • analysis of system security and stability, as well as

  • for additional administrative purposes.

The legal basis for the data processing is Article 6 (1) (f) of the General Data Protection Regulation (GDPR). Our legitimate interest is based on the data collection purposes listed above to improve the website experience and understand how the website is used by the public. Our interest overrides your possible interest to protect your personal integrity. We do not on any account use the data collected for the purpose of identifying you. The provision of this data is not required by law or contract or to enter into a contract. You are not obliged to provide the personal data. It is, however, difficult or impossible to access the website if the data are not provided.

The data is stored for a period ranging from several hours up to 26 months with an internet service provider subject to a data processing agreement in accordance with Article 28 of the GDPR.

2.2     Newsletter

It is possible to subscribe to a free newsletter on our website, which contains information about the work of The PACS Institute. When you sign up for the newsletter, the data from the input mask will be transmitted to us. In this case, the date and time of registration for the newsletter and the IP address used are also stored. As part of the confirmation of the newsletter registration, the date and time at which you click on the confirmation link for the newsletter registration as well as the IP address used will also be saved.

We use an external newsletter service provider who is subject to a data processing agreement. Your personal data may be processed both within and outside of the EU/EEA depending on what a specific case requires. We will take necessary measures to ensure that the transfer takes place legally and information remains protected by the recipients outside the EU/EEA. The provider uses the EU commissions Standard Clauses in accordance with Art. 28 para 7 GDPR.

When you subscribe to our newsletter we process the following personal data about you: name and contact details, until permission is revoked.

The legal basis for processing the data when registering directly for the newsletter is your consent – Art. 6 para. 1 (a) GDPR: Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

The purpose of storing the e-mail address is the possibility of electronic contact for advertising purposes. The date and IP address of the registration as well as the confirmation of the registration will be recorded in order to document the consent to the newsletter shipment and to prevent misuse.

As far as you have expressly consented to the receipt of the newsletter, we will only delete or block the e-mail address for the advertising mailing, if you revoke your consent. The data confirming the order of the newsletter will be stored for the same amount of time.

You can object to the receipt of the newsletter by clicking on a link provided there with effect for the future. You may also opt-out of advertising for future use by emailing pacs.institute@pm.me.

2.3     Events

As part of our work, we organise various public and private events, such lectures, webinars, and other programmes.

The information we collect from a registration form depends on the event. We collect name, contact details, and preferences for food, if necessary. We only collect information necessary to fulfil our obligations to you, and to ensure proper identification. All information is collected from you upon registration. In the case of repeated events, we may store your information to be able to invite you again. The information is store for 3 years. You may opt-out from future invitations at any time by informing us by email to pacs.institute@pm.me We do not collect personal information from third parties. For registration to some of our events, we use an external event service provider, which is subject to a data processing agreement.

We collect and process personal information for the purposes described in this Privacy Policy with a legal basis in Art. 6 para. 1 (f) GDPR: Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party.

  • Communication in connection with an event;

  • Ensuring proper identification at the event;

  • (only if needed) Making sure dietary preferences or similar requirements can be met;

  • Quality assurance and development of future events; and

  • Archiving for research purposes.

We also use photography, video and audio recording to publicly promote events and to share events remotely with those who are unable to attend in person. This material is also used in our communication efforts and to provide an archive of the events.

2.4   Donations

The Foundation finances its work to a larger degree from private donations. Donations can among others be processed directly through the website. We use external service providers for our online donation portal and for the payment gateway and processor, to process and maintain our online donations. Your personal data may be processed both within and outside of the EU/EEA depending on what a specific case requires. We will take necessary measures to ensure that the transfer takes place legally and information remains protected by the recipients outside the EU/EEA. All providers are subject to a data processing agreement using the EU commissions Standard Clauses in accordance with Art. 28 para 7 GDPR. 

In the case of online donations we process only the information you provide to us, name and address to communicate with you in relation to the donation. The amount of donation is stored to be able to fulfil our legal reporting obligations to the Swedish authorities.

We collect and process personal information to communicate with donors and potential donors about events, developments with the Foundation, news about Laureates, and opportunities to support the Foundation. Donor and potential donor information is securely stored in our CRM database. This information is not publicly available and is password protected. Only relevant information to conduct business and develop professional relationships with current and potential donors is stored. The stored information is reviewed regularly.

The legal basis for processing such data follows Art. 6 para. 1 (c) and (f) GDPR, as it is both our legal obligation to report about donations, and our legitimate interest to be able to fundraise in order to be able to fulfil the statutory purposes of the Foundation. We store the personal data for a period of 3 years.

3. Individuals and Groups

In addition to groups and individuals mentioned in the sections above, the Institute regularly interacts with the following groups and individuals apart of these groups to fulfill its statutory purposes:

3.1     Members of the Board, Advisory Council

Board and advisory council agree to support and serve the Institute in one or more of these capacities. We collect and process the following personal information name, contact details, professional title and position to communicate with these members about internal meetings and events, external events, developments with the Institute, news, and opportunities to support the Institute. We also store their information to fulfil our reporting obligations to the Swedish authorities. The personal information is securely stored in our CRM database for 5 years and is reviewed regularly for relevance.

The legal basis for this information is Art. 6 para. 1 (c) and (f) of GDPR: (c) Legal obligation: the processing is necessary for you to comply with the law and (f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party.

3.2     Volunteers

Volunteers sign agreements with the Institute. These agreements and any personal data associated with their employment is stored securely and access is limited to only relevant Human Resources staff members or supervisors when necessary. The Institute uses the information to fulfil its legal obligation to the Swedish authorities. Limited personal details for former volunteers are maintained as a part of the Institute’s broader network to communicate event opportunities and relevant updates about the Foundation or Laureates, which these individuals may be interested in.

The legal basis for this information is Art. 6 para. 1 (b), (c), and (f) GDPR: (b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract; (c) Legal obligation: the processing is necessary for you to comply with the law; and (f): Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party.

3.4     Network and Partners

The Institute stores personal information of individuals in the Foundation’s network, partners and suppliers who support our work or the Laureates’ work. These partnerships and network allow us to fulfill our statutory purposes as a Foundation according to Art. 6 para. 1 (f) GDPR: Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

In some cases, we are also subject to Art. 6 para. 1 (b) GDPR, contract, as the partnership might be manifested in a contract or other form of legal agreement, which requires us to process personal information of the contact person in our partner organization.

With relevant suppliers, we maintain data processing agreements.

The information and contact details for the network and partners is reviewed regularly.

3.6     Job Applicants

The Institute stores personal details (name, contact details, work history) for job applicants applying for open positions. We store the application materials for a period of 2 years with consent from applicants in the event that a similar position opens and allows us to notify them of the position, which may be of interest.

The legal basis for processing the data is your consent – Art. 6 para. 1 (a) GDPR: Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

4. Disclosure of data

We may transfer your data to the following category of recipients:

  • Service providers and suppliers

  • Authorities

  • Cooperation partners

With the exception of the service providers who act on our behalf to provide our website, we do not generally disclosure your personal data to third parties. Exceptions only apply in the following cases if:

  • You have given your express consent to this in accordance with Article 6 (1) (a) GDPR,

  • disclosure in accordance with Article 6 (1) (f) GDPR is necessary for the purposes of pursuing our legitimate interests or the legitimate interests of third party and there is no reason to assume that you have any overriding interest in your data not being disclosed which is worthy of protection,

  • disclosure in accordance with Article 6 (1) (c) GDPR as required by law, and

  • this is permitted by law and required by Article 6 (1) (b) GDPR for the performance of contractual relationships with you.

5. What are your rights as a data subject?

You have the right to request information from us, free of charge, about the personal data we process about you. We will also correct or delete information that is inaccurate and encourage you to notify us if this is the case. You also have the right to object to processing that takes place with support of our legitimate interest and to request that your information is not processed for direct marketing purposes. While we investigate the validity of your request, you have the right to request that we limit the processing. We may then, in principle, only store your information while the issue is investigated. In certain limited cases, you also have the right to receive your personal data in a machine-readable format or, if it is technically possible, to have the information transferred to a third party you indicate. Contact us by using the contact information below if you would like to exercise your rights or if you are dissatisfied with our processing. If you are dissatisfied with our processing, you also have the right submit a complaint to the supervisory authority where you live or work or where you believe that a breach of the General Data Protection Regulation has been committed. In Sweden, you can contact the Swedish Authority for Privacy Protection (www.imy.se)

For any of the above, please contact us via info@rightlivelihood.org. We will consider your request in accordance with applicable laws and will respond to your request without undue delay. Please note that, to protect your privacy and security, we may ask you to verify your identity before complying with the request.

6. Amendments to this Privacy Policy

This Privacy Policy is currently valid. It may be amended due to the development of our website and its offers or due to any changes to statutory or regulatory requirements. You can access and print our Privacy Policy as amended at any time at our website at:

Last modified: 01 July 2022