Welcome to PagansGather! This site is under construction. Please be patient while we work on improving it.

Privacy Policy

Updated September 26, 2025

PagansGather is committed to protecting the privacy of our community. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your personal data. PagansGather, run by a global volunteer collective primarily based in the United States, acts as the data controller for all processing described below. You can reach our Data Protection Officer (DPO) at dpo@pagansgather.com, and our distributed team handles privacy correspondence electronically so requests reach the right person quickly.

Purposes and Legal Bases

We only process personal data when we have a lawful basis under the EU General Data Protection Regulation (GDPR).

  • Operating the service (contractual necessity): Creating and managing accounts, publishing directory listings, providing profile tools, and maintaining member communications all rely on the contract formed when you join PagansGather.
  • Security and abuse prevention (legitimate interests): We monitor access logs, apply rate limits, and investigate abuse reports to keep the platform safe for members and staff.
  • Legal compliance (legal obligation): We retain records needed to meet applicable United States and international legal requirements, including GDPR duties tied to our EU-hosted infrastructure, and we may disclose data when required by law or court order.
  • Community updates (legitimate interests): We send service announcements and critical updates so you can stay informed about availability, security, and policy changes. You can manage non-essential notifications from your profile page.

Information We Collect

We collect information that you provide directly to us when you:

  • Create or update your PagansGather account and profile.
  • Submit, edit, or manage directory listings.
  • Contact our support team or participate in community moderation.
  • Use site features that require authentication, including secure sign-in options and recovery links.

We may also collect limited technical details, such as IP addresses and browser metadata, to secure the platform, prevent abuse, and maintain reliable service operation.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the PagansGather directory and supporting services.
  • Authenticate members and secure accounts across our services.
  • Communicate important updates, security alerts, and service notifications.
  • Respond to support requests and moderate reports that keep our community safe.

Sharing and Selling of Data

PagansGather does not sell user data to any third party. We only share personal information with:

  • Infrastructure processors: Hosting, e-mail, and monitoring providers that supply secure infrastructure in Finland and other locations and are bound by data-processing agreements and international-transfer safeguards.
  • Operational partners: Contractors and volunteers who maintain PagansGather systems and are subject to confidentiality obligations.
  • Public authorities: When we are legally required to respond to valid requests from law enforcement or regulatory bodies.

Every recipient only receives the minimum data needed to fulfill their role, and we never permit secondary use of your information.

Cookies and Similar Technologies

We use cookies and similar technologies to maintain your session, remember preferences, and secure authenticated actions. You can control cookies through your browser settings; however, disabling essential cookies may impact your ability to use certain features of the site.

Data Retention

We retain personal data for as long as your account is active or as needed to provide services, comply with our legal obligations, resolve disputes, and enforce our agreements. Profile and listing content remains available until you edit or delete it. If you close your account, we delete or anonymize personal data within 30 days, except where we must keep limited records for legal compliance. Security logs are retained for up to 12 months to investigate abuse and ensure the integrity of the service.

International Transfers

Our production infrastructure is primarily hosted in Finland within the European Economic Area (EEA). Members of our volunteer collective—including privacy and engineering staff based in the United States and other countries—may access personal data remotely to operate the service. We apply the European Commission’s Standard Contractual Clauses, maintain transfer impact assessments, and limit remote access to the minimum necessary so GDPR safeguards continue to protect your information.

Security

We take reasonable technical and organizational measures to protect your information, including encrypted connections, access controls, and continuous monitoring of our infrastructure. Despite these safeguards, no online service can guarantee absolute security, so we encourage members to use strong, unique credentials and enable passkeys when available.

Automated Decision-Making

We do not perform automated decision-making or profiling that produces legal or similarly significant effects on members. Any moderation or account decisions involve human review.

Your GDPR Rights

You have the following rights under the GDPR. You can start most requests from your profile page or by contacting our DPO. When you contact us, please include the e-mail address tied to your account so we can verify your identity safely.

  • Right of access: Request a copy of the personal data we hold about you by e-mailing dpo@pagansgather.com with the subject line “Access Request”.
  • Right to rectification: Update most details in your profile. Contact us if you need support changing information you cannot edit yourself.
  • Right to erasure: Delete your account from the profile page, or e-mail us for assistance if you cannot sign in.
  • Right to restriction: Ask us to pause processing—for example while we review contested data—by contacting the DPO.
  • Right to data portability: Request an export of your listings, messages, and profile data by writing to dpo@pagansgather.com.
  • Right to object: Object to processing based on legitimate interests, including service updates, and we will assess the request and honour it where required by law.

We respond to all validated requests within one month. If a request is complex or numerous, we may extend the response period by two additional months but will notify you promptly.

Contact Us

For privacy inquiries or requests, reach out to our team at privacy@pagansgather.com or contact our DPO at dpo@pagansgather.com. Because our organisers are a global volunteer collective, we coordinate responses digitally rather than from a single mailing address.

Supervisory Authority

You also have the right to lodge a complaint with a supervisory authority. EU and EEA residents can contact their local data protection authority or the Finnish Data Protection Ombudsman, who supervises our Finland-hosted infrastructure, via tietosuoja.fi.

Changes to This Policy

We may update this policy from time to time to reflect new features, legal requirements, or operational changes. When we make material updates, we will post a notice on the site or notify you through other appropriate channels. Your continued use of PagansGather after a change takes effect means you agree to the updated policy.