YWAM Europe Prayer Network

Who we are

YWAM Europe Prayer Network (YEPN), hereafter the data controller is responsible for the processing of the user’s personal data, and informs the same that this data will be treated in accordance with the provisions set out by the (EU) Regulation 2016/679 of 27 April 2016 (GDPR). Our website address is: https://ywamepn.com.

1. What personal data we collect and why we collect it

Activities related to the development of the activity carried out by YEPN. If the data controller plans to further process the personal data for a purpose other than that for which it was collected, they will provide the data subject, prior to said subsequent treatment, information about the additional purpose and any additional information. The data will not be processed in a manner inconsistent with those purposes; the further processing of personal data for archival purposes in the public interest, for scientific and historical research or statistical purposes shall not be considered incompatible with the initial purpose.

Personal data will not be used for automated processing for profiling nor will they be used to make any decisions based solely on automated processing, including profiling.

Period data will be retained

Data will be retained as long as necessary for the purposes of authorized processing.

Lawful basis

The data subject’s consent and data processing necessary to carry out the requested activity. The legal basis for processing: Art. 9.2.a and Art.6.1 a and b GDPR.


Transfer of data: The data subject’s data will only be transferred by legal obligation or for reasons related to the service offered by YEPN through a service delivery contract with the Data Processor.

Transfer to third countries: The transfer of data to third countries or international organizations is not foreseen. In the event that the Data Controller foresees the transfer of personal data to third countries, the data subject must be informed in advance.


Right to withdraw consent and rights of access, rectification, deletion, limitation, opposition and data portability.

How you may exercise your rights

You can exercise the rights of access, rectification, deletion, limitation, opposition and data portability, by contacting the data controller at ywamepn@gmail.com

Right to withdraw consent

The withdrawal of consent shall not affect the lawfulness of data processing based on consent before its withdrawal.

Right to lodge a complaint with the supervisory authority.

2. Compulsory or optional nature of the information provided by the user

By marking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or presented in download forms, Users expressly and freely and unequivocally accept that their data are necessary for the supplier to meet their request; the inclusion of data in the remaining fields being voluntary. Users guarantee that the personal data provided to the data controller are true and are responsible for communicating any modification thereof.

The data controller informs and expressly guarantees Users that their personal data shall not in any case be transferred to third parties, and that whenever they make any kind of transfer of personal data, the express, informed and unequivocal consent of the Users shall be requested in advance. All data requested through the website is mandatory, as they are necessary for the provision of an optimal service to the Users. In case not all the data are provided, it is not guaranteed that the information and services provided will be completely adjusted to your needs.

3. Security measures

That in accordance with the provisions in the regulations in force on personal data protection, the data controller complies with all the provisions of the GDPR regulations for the processing of personal data under its responsibility, and manifestly within the principles described in article 5 of the GDPR, for which they are processed in a lawful, loyal and transparent manner in relation to the data subject and adequate, pertinent and limited to what is necessary in relation to the purposes for which they are processed.

The data controller guarantees that they have implemented appropriate technical and organizational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of the Users and has communicated the appropriate information so that they can exercise them.

Social media privacy policy

1. Information for the user

Who is the data controller in charge of processing your personal data?

YEPN, hereafter the data controller, informs the User that they have created profiles on social media networks such as Facebook and Instagram, responsible for the processing of the User’s personal data on said networks, and informs the User that the data will be treated in accordance with the provisions set out by the (EU) Regulation 2016/679 of 27 April 2016 (GDPR), the Organic Law 3/2018 of 5 December (LOPDGDD) for which it provides the following information about data processing:

What is the purpose of processing your personal data?

Purpose of processing: to maintain a relationship between the User and the data controller that may include the following operations:

  • To process requests and enquiries submitted to the data controller.
  • To provide information about activities and events organized by the data controller.
  • To provide information about products or services offered by the data controller.
  • To interact through official profiles.

Why do we process your personal data?

Legal basis of the processing: Article 6 of GDPR, the data subject has given consent to the processing of his or her personal data for one or more specific purposes. The User has a profile on the same social network and has decided to join the social network of the data controller thereby showing interest in the information published on it, therefore, when requesting to follow our official profiles, he/she provides us with his/her consent for the processing of those personal data published on his/her profile.

The User may access the privacy policies of the social network in question at any time and set up their profile to ensure that their privacy is protected.

The data controller has access to and processes the User’s public information, especially their contact name. These data are only used within the social network itself and will only be incorporated into a file owned by the data controller when necessary to process the User’s request.

How long is your personal data stored?

Data retention criteria: data will be kept as long as the User does not revoke the consent given as indicated in this privacy policy.

To whom do we give your personal data?

Communication of the data: the information provided by the User through the data controller’s social networks, including their personal data, can be published, always depending on the services that the User accesses, so it may be publicly available to other third-party Users of social networks. From the profile of each social network, the User can configure what information to make public in each case, view the permissions that have been granted, delete or disable them, as with any third-party application that they no longer wish to use.

No communication of personal data to third parties outside the network is foreseen, unless it were necessary for the development and implementation of the aims of the data processing, to our communications service providers with which we have signed contracts of confidentiality and data processing as required by the current privacy legislation.

What are your rights?

User’s rights: these can only be satisfied in relation to the information which is under the control of the data controller.

  • The right to withdraw consent at any time.
  • The right of access, rectification, portability and deletion of your data and the limitation or opposition of its processing.
  • Right to claim a claim with the supervisory authority (aepd.es) if you consider that the data processing does not comply with current regulations.

Contact information for you to exercise your rights:

YEPN: ywamepn@gmail.com

2. Use of the profile

The data controller may carry out the following:

  • Access public profile information.
  • Publication on the User’s profile of all information already published on the data controller’s social network.
  • Send personal and individual messages via the social network’s channels.
  • Update the status of the page, which shall then appear on the User’s profile.

The User may at all times control their connections, remove any content that no longer interests them, and restrict with whom they share connections, for which they must access their privacy settings.

3. Publications

The User, once having joined the data controller’s page, may publish on it comments, links, images or photographs, or any other type of multimedia content supported by the social network. The User must, in every case, be the owner of the published content, have copyright and intellectual property rights, or the consent of the third parties in question.

It is strictly prohibited to post anything, whether in the form of texts, graphics, photographs, videos, etc., that violates, or is likely to violate, standards of morals, ethics, good taste, or decorum; and/or that may infringe on, contravene, or violate intellectual or industrial property rights, image rights, or the law.

In these cases, the data controller reserves the right to immediately withdraw the content, being authorised to request permanent blockage of the User.

The data controller shall not be responsible for the content that a User has freely published.

The User should remember that other users have access to their posts, therefore, they are primarily responsible for their own privacy.

The images that may be published on the social network shall not be stored in any file by the data controller but will remain in the social network.

4. Data of minors or people with special needs

Access and registration to the data controller’s social networks is prohibited to persons under 18 years of age. Therefore, if the User has special needs, the intervention of their legal guardians or their legal representation shall be required by means of valid documentation attesting representation.

The data controller expressly disclaims any liability arising from the use of social networks by minors or people with special needs. The data controller’s social networks do not knowingly collect any personal information from minors, so if the User is a minor, they should not register with or use the data controller’s social networks nor provide any personal information.


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.