Privacy & cookies
Last Updated May 2020
Your privacy is important to us so we want to you know exactly what kind of information we collect about you and how to use it.
Introduction / About us
What Personal Data do we collect?
ELPA knows how much data security matters to its members, partners and stakeholders. With this in mind, we will treat your data with the utmost care and take all appropriate steps to protect it.
You may provide us with the following types of personal data when you interact with us:
Identity – first name, family name, gender, date of birth, ID/passport details
Contact – email address, home address, phone number, social media accounts/names
Financial – bank details
Health – medical information and dietary needs
How do we use your Personal Data?
To provide you with products and services. ELPA uses the information collected from you for purposes including the following:
To process payments.
For internal administration and record keeping.
To answer your enquiries which may involve contacting you by post, e-mail or phone.
To manage compliance/ regulatory issues.
To verify identity (to, amongst others, detect and prevent fraud).
To give you the opportunity to provide us with feedback through reviews, questionnaires and surveys.
To process job applications.
To register for external and internal events.
We use your personal data on the following bases:
To perform a contract, such as providing products and services to you.
To comply with legal and regulatory obligations.
For legitimate business purposes.
In other cases, if necessary, with your consent.
We will only use your Personal Data when the applicable laws allow us to.
Who do we share your Personal Data with?
Do we send your Personal Data outside the EEA?
If there is a time where our service providers are based outside of the EEA, we will make sure that your Personal Data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place necessary safeguards for such arrangement).
What is our Personal Information retention policy?
To make sure ELPA meets its legal data protection and privacy obligations we only hold on to your information for as long as we actually need it for the purposes it was acquired in the first place.
After that, we will either delete it or anonymise it so it cannot be linked back to you.
Your rights as a data subject
Your duty to inform us of changes:
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes by keeping your details up to date.
Your rights in connection with personal data we hold
Under certain circumstances, by law you have the right to:
Rights of access – You have the right to request a copy of the Personal data that we hold about you.
Right of correction – You have the right to correct Personal Data that we hold about you that is inaccurate or incomplete.
Right to erase – You have the right to ask ELPA to delete or remove Personal Data from our records.
Right to restrict – You have the right to restrict the processing of your Personal Data.
Right to transfer – You have the right to have the Personal Data we hold about you transferred to another organisation.
Right to object – You have the right to object to certain types of processing such as direct marketing, as well as processing we undertake based on our legitimate interests.
If you want to exercise these rights, please contact firstname.lastname@example.org
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee or refuse to comply with your request if it is unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Time limit to respond: ELPA will try to respond to all legitimate requests within one month. Occasionally it may take longer than a month if a request is particularly complex or a number of requests have been made. In this case, ELPA will notify you and keep you updated.
Data Security / Protection
ELPA adopts industry standard processes to ensure your data is kept safe and secure and to prevent unauthorised access or use or loss of your data.
You have the right to make a complaint at any time to the Belgian Data Protection Authority (in Dutch: ‘Gegevensbeschermingsautoriteit’, in French: ‘L’Autorité de protection des données’).