Restor Eco AG (“Restor”) respects the privacy of our visitors and users and recognizes the importance of protecting the information you share with us.
What Data is Collected?
Restor aims to collect information about Organisations engaged in the restoration and conservation of nature at any location around the world using the Restor platform (www.restor.eco), such as (but not limited to):
- User name
- Email address
- Name of Organization
- Geofile (polygon) of the restoration site(s)
- Site status
- Intervention type
- Should site be publicly visible?
- Year established
- User specified site name
- Stakeholder types
- Land tenure
- Number of direct + indirect beneficiaries
- Website URL
- Social media links
- Plain text site description
- Header photo
- Other scientific project site data (e.g. tree inventory data, soil quality data)
- Other miscellaneous data you may want to share with Restor and / or its community of users.
The Restor.eco platform accesses Google User Data for the purposes of authenticating to the platform (using OAuth2), but Restor may look to add other authentication options in the future. This authentication data is stored in Firebase (the email address) and in the Restor database (username and avatar, if available). This data is used to link organizations, collections and sites to a specific authenticated user. Email addresses are not shared outside the platform and the display name (which can be changed by the user) and avatar photo are shared through a public API.
You provide us with these data through your use of the Services. For the purposes of this policy, and in accordance with international standards, we refer only to information that we collect from you which identifies you as “Personal Data”, such as your username and avatar, the name of the organization you work for, your name, your email address, your password and Usage Information about your use of the Services (see below).
We may also collect “Usage Information” through your use of the Services, which includes but is not limited to: browser information, hardware model, operating system, IP address, the time you access the Services, and type of content you view or engage with while using the Services.
Collectively, all Personal Data and Usage Information are referred to as “Information.”
Why We Collect This Information?
We collect information about you to help make the Services more useful to you. This includes:
- Administering and improving the Services
- Personalizing your experience with the Services
- Promoting safety and security of the Services
- Contacting you about the Services
- Generating new scientific insights and refining existing science models
Who We Share Your Information With
We may share your Information as follows:
- Third Party Service Providers. We may share your Information with third party service providers and contractors working on behalf of Restor who assist us in providing the Services. These service providers are only authorized to use your Information to provide services to us and to help us provide the Services to you. We do not sell or otherwise share your Information with such third parties for their direct marketing purposes.
- As Required or Permitted by Law. We may share your Information with courts, government agencies and other third parties as required or permitted by applicable law, to comply with a subpoena or similar legal request, to enforce our policies, or to protect our or others' rights, property, or safety.
- Performance Reporting. We may share aggregated, anonymized Information with our donors and partners to report on the utility and performance of the Services.
- Science. We may share anonymized nformation with the Crowther Lab at ETH Zurich and scientific partners of the Crowther Lab for the purpose of studying and improving restoration science.
- Other Parties In Connection With A Corporate Transaction. We may disclose or share your Information in the event that we purchase, sell, finance, transfer, or acquire all or a portion of a business or assets, such as in connection with a merger, or in the event of a bankruptcy reorganisation or liquidation.
Security of Your Information
We have implemented commercially-reasonable, technical, administrative and physical safeguards to protect your Information. Unfortunately, no data transmission over the internet or data storage system can be guaranteed to be 100% secure. However, if you have reason to believe that your use of the Services is no longer secure (e.g., username and password have been compromised), please contact us immediately at firstname.lastname@example.org.
Uses of data other than Personal Data and Usage Information
All other information other than Personal Data and Usage Information is referred to as “Data”.
As noted above, we do not sell or otherwise share your Personal Data or Usage Information with third parties for their direct marketing purposes.
Use of Online Tracking Technologies
When you use the Services, we, along with our third-party service providers may use Usage Information to more effectively understand how the Services are used and improve the usability of our Services.
International Transfers of Personal Data
The Personal Data we collect from you may be transferred out of the UK or European Economic Area (EEA) to the types of entities described in the 'Who We Share Your Information With' section above.
We want to make sure that the Personal Data we collect from you is stored and transferred in a way which is secure. We will therefore only transfer data outside of the EEA where it is compliant with data protection law and the means of transfer provides adequate safeguards in relation to your data, for example by way of a data transfer agreement with a third party, in each case incorporating the current standard contractual clauses adopted by the UK Information Commissioner's Office or the European Commission.
We encourage you to promptly update your Personal Data if it changes. You may correct, update, amend, remove, or ask to have your Personal Data removed by making the change on your user account settings page, if applicable, or by contacting us as detailed below.
In addition, you exercise any of the following actions at any time:
- You may opt out of receiving Restor communications by using the unsubscribe link within each email.
- You may object to or restrict our processing of the Personal Data that we collect from you, in which case we will stop this processing unless we can demonstrate compelling legitimate grounds which overrides your interests or if the processing is necessary for the establishment, exercise or defence of legal claims.
- You may request information about, access to and a copy of, the Personal Data that we collect from you. However, you should be aware that where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will always tell you the reasons for doing so.
- You may request that we rectify any inaccurate or incomplete Personal Data that we collect from you.
- You may ask questions or make complaints about our privacy and data security practices with regard to your Personal Data using the contact information below. You also have the right to make a complaint to your local supervisory authority. The privacy regulators for the UK and EU Member States are listed (along with contact details) on the following website: ec.europa.eu/justice/article-29/structure/data-protection-authorities/
- You may request that we delete Personal Data that we have collected about you. We would only be entitled to refuse to comply with your request for erasure in limited circumstances and we will always tell you our reason for doing so.
- You may request that we transfer Personal Data that we collect from you to another service provider.
- Where we have obtained your consent to process Personal Data that we collect from you for certain activities, you may withdraw this consent at any time.
To exercise any of these options or for additional information about our privacy practices, contact us at email@example.com.
We will retain your Personal Data for as long as needed to provide you the Services. We will try to comply with requests under this section as soon as reasonably practicable as required by applicable law. However, we may need to retain and use certain information for record-keeping purposes, to complete any prior request, as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or for other purposes as required or permitted by applicable law.
Lawful Bases for Processing Personal Data
There are a number of different ways that we are lawfully able to process Personal Data that we collect from you. We have set these out below.
- Where using your Personal Data is in our legitimate interests: We are allowed to use the Personal Data we collect from you where it is in our interests to do so, and those interests are not outweighed by any potential prejudice to you. We believe that our use of your Personal Data is within a number of our legitimate interests, including but not limited to the reasons as to why we process your Personal Data as set out above.
- Where processing is necessary for us to carry out our contractual obligations: We are allowed to use Personal Data we collect from you when it necessary to do so for the performance of a contract with you.
- Where processing is necessary for us to carry out our legal obligations: We also have other legal obligations that we need to comply with, and we are allowed to use the Personal Data we collect from you when we need to in order to comply with those other legal obligations.
 Ecological Restoration includes (but is not limited to) Conservation, Sustainable Forest Management, Natural Regeneration, Planted Forests for Conservation, Planted Forests for Harvesting, Agroforestry, Silvopasture, Climate-Smart Agriculture (Source: UN Decade on Ecosystem Restoration).
Last updated: October 27 2022