(Last updated: 22 November 2018)
- General statement
The European Petrochemical Association, a nonprofit (AISBL) incorporated under Belgian law, registered with the Belgian Commercial Register (BCE) under n°0408.299.922, with registered address at 270 avenue de Tervueren, 1150 Brussels, Belgium, and with email address firstname.lastname@example.org (hereafter referred to as “EPCA” or "we"), acting as a data processing controller, is committed to protecting the privacy of the individuals we encounter in conducting our business.
“Personal Data” is information that identifies- and relates to you. Personal Data includes, but is not limited to, your name, home and business mailing addresses, telephone number, email address, credit card or other billing information, certain data about your professional activities, and other information that you submit to us.
- Personal Data that we collect
Personal Data collected about you may include:
- General identification and contact information
Your title; first name; last name; job title; e-mail and telephone details; company; address of the company; tax identification number of the company.
- For meeting registration purposes
Your spouse/companion first and last name.
Following information is requested (not disclosed to third parties) only if a VISA is needed:
Your title; first name; last name; nationality; place of birth; date of birth.
Your passport number; place of issue; date of issue; date of expiry.
- Financial information
Credit card information: Holder's name; number; expiry. (data is encrypted)
The data that we collect and process are originating from different sources:
- Data that you provided us with during any interaction with our website and/or our services, including by registering to one of our events
- Data that your employer or collaborators have provided us
- Data that is publicly available on the internet
- Data provided by our partners or other members of the EPCA
- How and for which purposes we use your personal data
We may use your Personal Data to:
- Communicate with you and others as part of our business activities.
- Allow you to communicate and exchange information with other members of our network.
- Introduce you to other members of our network.
- Allow you to participate actively in our network, including discussions, seminars, meetings and other events. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your Personal Data, so we suggest that you read these carefully.
- Send you important information regarding changes to our policies, terms and conditions, this website and other administrative information.
- Make decisions about whether to provide you services.
These processing of your data are necessary for the performance of your contract with us (including your membership to EPCA) or in order to take steps at your request prior to entering into a contract (article 6.1.b GDPR). It would be impossible for EPCA to provide you with our services without such processing.
- Provide improved quality, including by monitoring the use of our website, and by monitoring the efficiency of our emailing campaigns.
- Personalize your experience on this website by presenting information tailored to you.
- Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
- Send you mail and emails in relation with our activities or other information that can be of interest for our members; you have the right to oppose to the sending of such emails to you, by using the “unsubscribe” link included in our emails.
- Resolve complaints,
This is necessary for our legitimate interests and more particularly we have a legitimate interest to improve our services quality (including personalizing the experience on our website to allow a more user-friendly use of the website and informing you on a more tailored way), to inform our members about EPCA’s activities and to use internal policies for running our activities (article 6.1.f GDPR).
- Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to handling of requests for data access or correction, to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence). This may be necessary to comply with legal obligations (article 6.1.c GDPR).
Should we have to further process the Personal Data for other purposes than those set forth in the present section, we will provide you with information on that other purpose and with any relevant further information prior to any such further processing.
- Transfers and sharing of Personal Data
EPCA may make Personal Data available to:
- Other members of our network
The EPCA website is indeed used to keep contact and to generate interactions with the members of our network. (Meeting attendance list if accepted by the delegate)
- Service providers
External third-party service providers, such as accommodation service providers (when provided by the delegate).
Due to the global nature of our business, for the purposes set out above we may give access to business contact details to parties located in other countries even outside the European Economic Area (including the United States and other countries that have a different data protection regime than is found in the country where you are based and which have not been validated by the European Commission as countries offering the same level of protection for your Personal Data). In that case, the transfer will be done only if (i) the third-party service provider has entered into an agreement with EPCA that is in accordance with the Standard Contractual Clauses established by the European Commission or, (ii) the third-party service provider is part to a specific program such as the US Privacy Shield program, (iii) the provision of the services requested from EPCA (e.g. hotel registration as part of the registration to an EPCA event) require such data transfer.
- Use of social media and video
Our Website contains social media buttons, allowing the user to share content with third parties. When using such buttons, some of your information (e.g. browser information, IP address) may be automatically accessed by the social media operator. EPCA does not control which information is accessed by the social media and how that information is processed by such operators. Please see the privacy policies of these social media to check how they will use your information.
EPCA will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have with us has been compromised), please immediately notify us. (See the “Who to Contact About Your Personal Data” section below.)
When EPCA provides Personal Data to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Data.
- Retention of Personal Data
One of our purposes when processing your Personal Data is to gather information on the members of our network and to keep our network alive and active. When becoming a member of our network, your data will therefore be kept until you decide to unsubscribe to our services and accordingly to quit being part of our network
- Personal Data of other individuals
- Your rights as a data subject
Data protection laws grant you some rights on certain grounds and conditions, including the rights to access, correct, object to the use of, or request deletion or suppression of Personal Data, as well as to ask a restriction of processing. You also have a right to data portability and a right to withdraw your consent at any time, being understood that such a withdrawal will not affect the lawfulness of the processing that was based on such consent. Please contact us as set out in the “Who to Contact About Your Personal Data” section below with any requests or if you have any questions or concerns about how we process Personal Data. Please note that some Personal Data may be exempt from some of the above rights in accordance with local privacy and data protection laws or any other law.
- Other information we collect through the Website
“Other Information” is any information that does not reveal your specific identity, such as:
- Browser information;
- Information collected through cookies (please refer to our EPCA cookies policy available on this website);
- Demographic information and other information provided by you; and
- Aggregated information
Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Data under applicable law, then, we may use and disclose Other Information for all the purposes for which we use and disclose Personal Data.
- Who to contact about your Personal Data
If you have any questions about our use of your Personal Data you can send an e-mail to this address: email@example.com, or write to:
EPCA – The European Petrochemical Association A.I.S.B.L./I.V.Z.W.
Avenue de Tervueren 270
If you are not happy with our processing of your Personal Data and if you feel that contacting us could not solve the issue, the applicable data protection law provides you with a right to lodge a complaint with the competent supervisory authority.