Privacy Notice


Your privacy is our priority: we (the European Charcot Foundation, ECF) believe that your privacy is important and should be protected, which is why we would like to tell you what we do for you. As part of our legal obligations in relation to the Multiple Sclerosis Data Alliance (MSDA), we collect and process a certain amount of personal data and we do everything we can to protect it. This privacy notice has been prepared in compliance with the GDPR. It defines both the personal data to be processed and the purpose and the legal and technical means of the processing.

Some definitions

Data Controller - Data Processor(s)

The Data Controller is ECF, acting as the lead legal entity of the MSDA, an independent non-for-profit organisation, organised and existing under the laws of Belgium, having its registered office located at Vaartdijk 3, bus 2, 3018 Leuven, Belgium and with company number (RLE Leuven) 0547.995.164. You can reach out via email (

The following service providers may act as a processor of your Personal Data as further defined in this notice:

BMD Software Support the MSDA in maintaining and hosting the MSDA Catalogue and related services. The data of the MSDA Catalogue, including the data provided when registering, is stored under Amazon Web Services. In particular, it is being hosted in AWS Europe in Frankfurt, Germany.
Mailchimp GDPR compliant customer management relation of ECF to manage the mailing list of the Newsletter and Contact Form.
By subscribing to the MSDA newsletter, people acknowledge that their information will be transferred to Mailchimp for processing. More about Mailchimp's privacy practices can be found on

General Principles of Data Processing

Lawfulness and fairness: We pay particular attention to compliance with the general principles applicable to the processing of your data and respect for your privacy. We want to guarantee that the processing will be carried out in a legal and transparent manner.

Limitation to what is necessary and accuracy: We will strictly limit ourselves to collecting data that is necessary for the purposes required. We endeavour to collect accurate data to the extent reasonably possible.

Limiting retention over time: We will limit the retention of data over time by ensuring that it is destroyed or anonymised once the processing is complete or the purposes have been achieved. The cookies installed are specifically time-limited according to their use or type.

Security of your data: We take the security of your data very seriously and do everything in our power to ensure their integrity and confidentiality.

What types of personal data do we process?

Purpose and Lawful Processing Ground

Personal Data Purpose Processing Ground
First Name Catalogue / Contact Form / Newsletter Customer Service informed consent
Last Name Catalogue / Contact Form / Newsletter Customer Service informed consent
Email Address Catalogue / Contact Form / Newsletter needed to: login on Catalogue / answer to people's questions, customer service / sending the newsletter informed consent
Country Catalogue / Newsletter Optimising usefulness of MDSA services to stakeholders Legitimate interest
Organization Catalogue Optimising usefulness of MDSA services to stakeholders Legitimate interest
Stakeholder Group Newsletter Optimising usefulness of MDSA services to stakeholders Legitimate interest

Any of the above details in relation to Metadata Providers can be used for populating the MSDA Catalogue in order to allow MSDA and its users to contact the Metadata Provider.

Your rights

We would like to make you aware of your rights regarding the protection of your personal data:

In the event of a request from you, we undertake to reply within a maximum of one month. You can contact us at In the event that you consider it necessary, you can file a complaint with the Data Protection Authority (see below). Filing a complaint with the Data Protection Authority has no bearing on the intervention of a civil court.

Data Transfers

The MSDA data as described herein are located in Europe, however, it is possible that data may be transferred to countries outside the European Union. As a consequence of Article 44 of the European Regulation 2016/679 of 27 April 2016 on the protection of personal data, any transfer of personal data outside the EU is only possible if an adequate level of protection is guaranteed in the country concerned. The European Commission has been mandated to carry out an assessment of the level of protection in a given country, territory, region or even international organisation. If this level of protection is considered adequate, the data can be transferred. The European Charcot Foundation guarantees that it will not process or store data in countries that do not apply an adequate level of protections or without adopting appropriate safeguards as required by Privacy Legislation.


You can always file a complaint by sending a written request via email to We undertake to comply with your request within one month.

You also have the option of submitting a complaint to the supervisory authority:

Data Protection Authority
Rue de la Presse 35
1000 Brussels, Belgium