1.1. The website available at the address https://www.epfsf.org/ (hereafter: the ‘Website’) is operated by and is the property of EPFSF (European Parliamentary Financial Services Forum), with business number 0884.395.322 and with registered office at R-P Schuman 2-4, 1040 Brussels (hereafter: ‘[●]’, ‘we’ or ‘our’).
1.4. We are responsible for processing your personal data. As the Controller, we take all appropriate technical and organisational measures so that the processing is in compliance with Regulation (EU) 2016/679 of 27 April 2016 (hereafter: ‘GDPR’). Our appointees or employees who have access to your personal data are also required to comply with the obligations of the GDPR.
1.7. a We must inform you that you must always have express permission from the relevant people before uploading to or placing information on the Website about these people.
2. Who are we and how can you contact us?
Information and details of EPFSF:
Legal form: ASBL
Company name: EPFSF (European Parliamentary Financial Services Forum)
Trade name: EPFSF
Registered office: Rond Point Schuman 2- 4, 1040 Brussels, Belgium
National number: 0884.395.322
Telephone number: + 32 490 64 60 77
Hyperlink(s) Website: https://www.epfsf.org
4. For which purposes do we process your personal data?
We process your personal data that was shared on or via the Website solely for our activities.
5. What are the legal grounds for processing your personal data?
7. Who receives and/or process your personal data, in addition to the Controller?
Your personal data is also processed on our behalf by, among others, our IT supplier SKINN. This processing is arranged in a controller contract that we have concluded with them.
9. Where, how and for how long do we retain your personal data?
9.1. Your personal data is stored on a secure server.
9.2. We shall not store your personal data for any longer than required to achieve the purposes specified in Article 4. In this context, we could therefore store your personal data for some time.
10. What are your rights?
10.1. You have the right to request:
- a review of your personal data;
- improvement (rectification) or removal (deletion) of your personal data;
- a restriction of the processing that relates to you.
10.2. You have the right to appeal against the processing of your personal data. You can object to the processing of your personal data for direct marketing at all times and at no cost
10.3. You have the right to have your personal data transferred to another controller.
10.4. If the processing of your personal data is based on your permission, you have the right to revoke this permission at all times. However, the revocation of your permission is not retroactive and the lawfulness of the processing based on your permission before the revocation thereof shall remain intact.
10.5. You have the right to submit a complaint to the Privacy Commission/Data Protection Authority.
10.6. The exercise of the aforementioned rights is dependent upon the requirements and conditions as stipulated in the GDPR.
10.7. In order to exercise these rights, you can send a simple request to firstname.lastname@example.org providing adequate proof of your identity.
11 What are our obligations?
11.1. We take all the appropriate measures to guarantee the security level that is aligned with the risks for and during the protection of your personal data.
11.2. We maintain a processing register in which the (category of) processing of your personal data is described.
11.3. [If applicable - We have appointed a Data Protection Officer who informs and advises us concerning our GDPR obligations, who supervises our compliance with the GDPR, and is the point of contact for the authorised privacy authorities.]
11.4. We cooperate with the authorised privacy authorities (at their request).
11.5. Where necessary and/or required, we shall immediately inform the Privacy Commission/National Data Protection Authority within 72 hours after detection of any security incidents or data leaks (including illegal processing, loss, unavailability, destruction, damage, or unauthorised distribution of your personal data).
We will also inform you under the terms and conditions specified in the GDPR if such a violation appears to entail a high risk for your rights.
If you become aware of a violation in relation to your personal data or that of others, you may contact us on the email address email@example.com.
11.6. If we use new technologies or applications in order to process your personal data, which could correspond to high risks in relation to your data protection, we will conduct a so-called ‘Data Protection Impact Assessment’ (DPIA) under the conditions of GDPR and, if necessary, consult the Privacy Commission/Data Protection Authority in advance.
12.1. The Website uses ‘cookies’ with a view to improving the user experience and for the collection of Website visitor statistics. Cookies are small data files that are saved by the browser on your computer when you visit a website and which facilitate the interaction between the visitor and the Website. Cookies do not contain any personal data.
The following types of cookies are used on the Website:
i. Temporary cookies: these cookies are deleted once your browser closes and are vital for enabling you to navigate the Website.
ii. A Permanent cookies: these cookies are used to pass information to the webserver https://policies.google.com/privacy?hl=nl when somebody visits the website and remain stored on your computer. These cookies are activated each time you visit the Website.
iii. Functional cookies: these cookies are used in order to ensure the Website functions effectively.
iv. Non-functional cookies: these cookies can be used for more statistical purposes, among other things.
12.3. You have the right to object to the previously permitted use of the aforementioned cookies upon request and at no charge. You can submit this request at any time to firstname.lastname@example.org.
Questions? Feel free to contact us: email@example.com.