Privacy Policy

Mekong Data Protection (MDP)
Effective Date: January 1, 2025

1. Introduction

This Privacy Policy explains how the Mekong Data Protection (“MDP”, “we”, “us”, or “our”) collects, uses, discloses, and protects your personal data when you visit https://mekongdataprotection.org (“Website”).

We are committed to complying with the General Data Protection Regulation (EU) 2016/679 (GDPR) and international best practices in data protection.

By using our Website, you consent to the practices described in this Privacy Policy.

2. Data Controller Contact Details

Mekong Data Protection
Website: https://mekongdataprotection.org
Email: hello@mekongdataprotection.org
Address: Phnom Penh, Cambodia.

3. What Personal Data We Collect

A. Data you provide voluntarily

We may collect:

  • Name

  • Email address

  • Organization or affiliation

  • Phone number (if provided)

  • Any information you submit via:

    • Contact forms

    • Newsletter subscription

    • Event registration

    • Resource downloads

    • Membership or partnership requests

B. Data collected automatically

When you browse our Website, we may collect:

  • IP address

  • Device information

  • Browser type/version

  • Pages viewed

  • Time and date of visits

  • Referral URLs

  • Click behavior

  • Technical diagnostics

  • Cookies and similar technologies (see Cookie Notice below)

4. Legal Basis for Processing

We process personal data based on the following legal bases under the GDPR:

PurposeLegal Basis: Responding to your inquiriesLegitimate interest / ConsentSending newsletters or updatesConsentProviding services or resources you requestContract / ConsentWebsite analytics, security, and improvementLegitimate interestComplying with legal obligationsLegal obligation

5. How We Use Your Data

We may use your personal data to:

  • Provide information, resources, and services you request

  • Communicate updates, newsletters, publications, announcements

  • Manage event registrations

  • Maintain and secure our website

  • Analyze website usage and improve user experience

  • Develop research insights and regional data governance knowledge

  • Ensure compliance with applicable laws

We do not sell or rent your personal data.

6. Sharing Your Data

We may share your data only with:

  1. Service providers who support our operations, such as:

    • Website hosting

    • Email delivery (e.g., Mailchimp, Sendy, etc.)

    • Analytics providers

    • Cloud storage

    • Event management tools

  2. Partners or collaborators when:

    • You explicitly consent to sharing

    • Joint publications, events, or initiatives require communication

  3. Authorities, if required by law.

All processors operate under GDPR-compliant agreements.

If data is transferred outside the EU/EEA, we use one of the following safeguards:

  • Adequacy decision

  • Standard Contractual Clauses (SCCs)

  • Other GDPR-approved mechanisms

7. Data Retention

We retain personal data only as long as:

  • Necessary for the purposes described above

  • Required for legal, audit, or reporting obligations

  • Until you withdraw consent (for email subscriptions)

When no longer needed, data is securely deleted or anonymized.

8. Your Rights Under GDPR

If you are in the EU/EEA or your data is otherwise protected by GDPR, you have the right to:

  • Access your personal data

  • Correct inaccurate or incomplete data

  • Request erasure (“right to be forgotten”)

  • Restrict processing

  • Object to processing

  • Withdraw consent at any time

  • Exercise data portability (where applicable)

  • Lodge a complaint with your Data Protection Authority

To exercise any of these rights, contact us at: hello@mekongdataprotection.org

9. Security Measures

We implement appropriate technical and organizational measures, including:

  • HTTPS encryption

  • Access controls

  • Secure servers

  • Data minimization

  • Staff confidentiality commitments

  • Regular security reviews

No method is 100% secure, but we follow recognized best practices.

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or significant effects.

If this changes, we will update this policy and provide clear notice.

11. Third-Party Links

Our Website may contain links to external sites.
We are not responsible for the privacy practices of those sites and encourage you to review their policies.

12. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws.
The latest version will always be posted on this page.

Contact Us

For privacy concerns, rights requests, or questions, contact:

Mekong Data Protection
Email: hello@mekongdataprotection.org

Privacy Policy

Terms & Conditions

Copyrights ©MDP 2025