LAST UPDATED: 20 August 2020
1. General statement
The European Petrochemical Association, a nonprofit (AISBL) incorporated under Belgian law, registered with the Belgian Commercial Register (BCE) under n°0408.299.922, with registered address at 270 avenue de Tervueren, 1150 Brussels, Belgium, and with email address email@example.com (hereafter referred to as “EPCA” or "we"), acting as a data processing controller, is committed to protecting the privacy of the individuals we encounter in conducting our business.
“Personal Data” is information that identifies- and relates to you. Personal Data includes, but is not limited to, your name, home and business mailing addresses, telephone number, email address, credit card or other billing information, certain data about your professional activities, and other information that you submit to us.
2. Personal Data that we collect and process
Personal Data collected about you may include:
General identification and contact information
- Your title;
- First name;
- Last name;
- Job title;
- Your e-mail and telephone details;
- Address of the company;
- Company general email and phone number
- Website and logo of the company;
- Tax identification number of the company;
- Password for the access to the member section.
For meeting registration purposes
- Your spouse/companion first and last name.
- Address of your accommodation during specific events (if booked via EPCA)
Following information is requested (not disclosed to third parties) only if a VISA is needed:
- Your title; first name; last name; nationality; place of birth; date of birth.
- Your passport number; place of issue; date of issue; date of expiry.
- Credit card information: Holder's name; number; expiry. (data is encrypted)
Personal data related to the use of the EPCA Mobile Application (if you use it)
For registered users (EPCA Delegates):
- General identification and contact information (see above);
- Login and password;
- Pictures of you;
- In-app grade and trophies;
- Number of Annual Meeting attended;
- Number of registered activities;
- Information and picture from LinkedIn profile (if you decide to link your EPCA and LinkedIn profile);
- Number of new contacts added in the EPCA Mobile Application;
- Interest or attendance to specific events;
- Role in specific events;
- Company’s success stories (if you decide to share them).
For users not yet registered(Users not yet approved by EPCA):
- Information collected via the contact request form (first name; last name; e-mail and telephone details; company; country)
Personal data related to the attendance to online webinars and/or videoconferences (if you attend such online events)
- General identification and contact information (see above);
- Login and password;
- Image (if your webcam is turned on);
- Voice and other sounds (if your microphone is turned on);
- Chat messages/questions asked during Q&A (if you use these functions);
The data that we collect and process are originating from different sources:
- Data that you provided us with during the attendance of webinars or other videoconferences, any interaction with our Mobile Application, our website and/or our services, including by registering to one of our events;
- Data that your employer or collaborators have provided us;
- Data that is publicly available on the internet;
- Data provided by our partners or other members of the EPCA.
3. How and for which purposes we use your personal data
We may use your Personal Data to:
- Communicate with you and others as part of our business activities.
- Allow you to communicate and exchange information with other members of our network.
- Introduce you to other members of our network.
- Allow you to participate actively in our network, including discussions, seminars, meetings and other events. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your Personal Data, so we suggest that you read these carefully.
- Send you important information regarding changes to our policies, terms and conditions, the EPCA Mobile Application, our website and other administrative information.
- Make decisions about whether to provide you services.
The processing of your data under 1-6 are necessary for the performance of your contract with us (including your membership to EPCA) or in order to take steps at your request prior to entering into a contract (article 6.1.b GDPR). It would be impossible for EPCA to provide you with our services without such processing.
- Provide improved quality, including by monitoring the use of our website, and by monitoring the efficiency of our emailing campaigns.
- Personalize your experience on the EPCA Mobile Application and the EPCA website by presenting information tailored to you.
- Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
- Send you messages, mail and emails in relation with our activities or other information that can be of interest for our members; you have the right to oppose to the sending of such emails to you, by using the “unsubscribe” link included in our emails.
- Resolve complaints.
The processing of your personal data under 7-11 are necessary for our legitimate interests and more particularly we have a legitimate interest to improve our services quality (including personalizing the experience on our Mobile Application and website to allow a more user-friendly use of the Mobile Application and website and informing you on a more tailored way), to inform our members about EPCA’s activities and to use internal policies for running our activities (article 6.1.f GDPR).
- Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to handling of requests for data access or correction, to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence). This may be necessary to comply with legal obligations (article 6.1.c GDPR).
Should we have to further process the Personal Data for other purposes than those set forth in the present section, we will provide you with information on that other purpose and with any relevant further information prior to any such further processing.
4. Transfers and sharing of Personal Data
EPCA may make Personal Data available to:
Other members of our network
The EPCA Mobile Application and the EPCA website are indeed used to keep contact and to generate interactions with the members of our network.
Your contact details will be included in the Meeting attendance list (if you accept to be on that list) and are available in the section of our website reserved to members for a limited time, as well as in the EPCA Mobile Application.
When using our Mobile Application, your name and affiliations are visible to other users of the Mobile Application. You can choose to exchange additional information with other users of the Mobile Application, in which case that information will be transferred to these users.
External third-party service providers, such as accommodation service providers (when provided by the delegate).
Due to the global nature of our business, for the purposes set out above we may give access to business contact details to parties located in other countries even outside the European Economic Area (including the United States and other countries that have a different data protection regime than is found in the country where you are based and which have not been validated by the European Commission as countries offering the same level of protection for your Personal Data). In that case, the transfer will be done only if (i) the third-party service provider has entered into an agreement with EPCA that is in accordance with the Standard Contractual Clauses established by the European Commission or, (ii) the provision of the services requested from EPCA (e.g. hotel registration as part of the registration to an EPCA event) require such data transfer.
Use of social media and video
Our Website and our Mobile Application contain social media buttons, allowing the user to share content with third parties. When using such buttons, some of your information (e.g. browser information, IP address) may be automatically accessed by the social media operator. EPCA does not control which information is accessed by the social media and how that information is processed by such operators. Please see the privacy policies of these social media to check how they will use your information.
EPCA will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have with us has been compromised), please immediately notify us. (See the “Who to Contact About Your Personal Data” section below.)
When EPCA provides Personal Data to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Data.
6. Retention of Personal Data
Videorecordings of webinars and other online members meetings will be available for members on the website of EPCA or other dedicated channel after the webinar/online meeting takes place.
One of our purposes when processing your Personal Data is to gather information on the members of our network and to keep our network alive and active. When becoming a member of our network, your data will therefore be kept until you decide to unsubscribe to our services and accordingly to quit being part of our network
7. Personal Data of other individuals
8. Your rights as a data subject
Data protection laws grant you some rights on certain grounds and conditions, including the rights to access, correct, object to the use of, or request deletion or suppression of Personal Data, as well as to ask a restriction of processing. You also have a right to data portability and a right to withdraw your consent at any time, being understood that such a withdrawal will not affect the lawfulness of the processing that was based on such consent. Please contact us as set out in the “Who to Contact About Your Personal Data” section below with any requests or if you have any questions or concerns about how we process Personal Data. Please note that some Personal Data may be exempt from some of the above rights in accordance with local privacy and data protection laws or any other law.
9. Other information we collect through the Website and the Mobile Application
“Other Information” is any information that does not reveal your specific identity, such as:
- Browser information;
- Information collected through cookies (please refer to our EPCA cookies policy available on this website);
- Demographic information and other information provided by you; and
- Aggregated information
Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Data under applicable law, then, we may use and disclose Other Information for all the purposes for which we use and disclose Personal Data.
11. Who to contact about your Personal Data
If you have any questions about our use of your Personal Data you can send an e-mail to this address: firstname.lastname@example.org, or write to:
EPCA – The European Petrochemical Association A.I.S.B.L./I.V.Z.W.
Avenue de Tervueren 270
If you are not happy with our processing of your Personal Data and if you feel that contacting us could not solve the issue, the applicable data protection law provides you with a right to lodge a complaint with the competent supervisory authority.