FPA data protection policy

The FreeCAD project association AISBL (FPA) does, to perform its activities, collect and store specific personal data from a series of specific categories of people, who are listed below. No data, personal or not, is ever collected or stored outside what is described in this page.

General principles

The FPA will only gather and store personal data when those are absolutely needed to perform its activities, or when it is required by law. The FPA will always do its best to inform you clearly of what data we are collecting from you, and why. Any other private data we might have access to but we don’t need, will always be discarded.

The FPA will also always allow you to know what data we have on you, change that data, or delete the data we have on you, except in the cases where we legally need to keep that data (see below). For any inquiry, contact the DPO, indicated below.

Who keeps your personal data

Collected data is kept and secured by the FPA, an international non-profit association seated Rue Docteur Kuborn 31/46, in Anderlecht, Belgium.

To make donations or participate to the FreeCAD project, you might also have created accounts on third-parties platforms, such as GitHub, OpenCollective or PayPal. These platforms are fully responsible for the treatment of the data they collect from you, and the FPA is not responsible for them.

How is the data stored, who has access

All personal data kept by the FPA is encrypted. Only the FPA administrators have access to the data. Nobody else has access to the data, and it will never be shared with anybody else, inside or outside the FPA, unless required by law, of course.

Request, modify or delete your personal data

The current Data Protection Officer (DPO) appointed by the FPA is Yorik van Havre, reachable at yorik@freecad.org

The personal data the FPA keeps on you can at any time be requested, modified or deleted by you (unless we are required by law to keep that data), simply by sending a request to the DPO.

What personal data do we collect

The FPA collects and keeps the following personal data:

• From FPA members: Full name, street address, and email address. This is a legal requirement for all members of a non-profit association in Belgium.

• From people awarded FPA grants or under contract with the FPA: Full name, email address, bank details, and, for people outside the European Union, street address. This data is required by our bank to successfully transfer money.

• From people making donations: The FPA itself does keep personal data from people making donations. This is a legal requirement, as we need at all times to be able to demonstrate where its revenues come from. This data is collected from the donation platforms and bank accounts, and usually consists of a name and an identifier (bank account number or email address). To do proper accounting, we also keep track of how much that specific identifier has donated to FreeCAD and when. The FPA is legally required to keep that data during 10 years.

• From users of the FreeCAD forum and wiki: The FreeCAD forum and the FreeCAD wiki use phpBB and mediawiki, respectively. Those applications keep the data that you filled in your user profile in databases, kept securely and managed by the FPA. At minimum, an email address and a password are required to create a user account. Passwords are kept encrypted in the databases. Email addresses are not visible to the public or to other users. Any other personal information you add to these user profiles is publicly visible.

• The FPA also maintains a telemetry add-on for FreeCAD, that allows users to contribute usage data to the project. The telemetry add-on has its own privacy policy, that you should consult if you are using the add-on. Data gathered by the telemetry add-on is anonymized and kept public.

In case things go wrong

Although all security precautions are taken, sensitive data is always encrypted databases are inaccessible to the outside and everything is managed by technically skilled people, accidents can always happen. Should a security breach happen, the FPA will always do its best to treat the case with maximum transparency and information, to make sure you know what happened.

Last update

This data protection policy was last updated on 19 March 2025.