In this privacy statement we explain what personal data we collect and use and for what purpose. We recommend reading this statement carefully. ESTD complies with the principles of the Data Protection Bill 2017 in accordance with General Data Protection Regulations (GDPR).
The ESTD is an independent non-profit organisation. Via our website we offer information and several services to members and non-members. In doing so, we process personal data. We therefore work together with other companies. We believe working carefully with personal data is of great importance. Because of this, we carefully process and secure personal data and we adhere to the requirements of the privacy laws. That means that we, for instance:
- Clearly mention for which purposes we process personal data. We do this via this privacy statement;
- Limit gathering personal data to only those personal data necessary for purposes for which they are processed;
- First ask you for explicit consent to process your personal data in cases in which your permission is required;
- Do not provide your data to third parties, unless necessary to deliver the requested service or when we are required by law;
- Make arrangements with third parties, when we share your data, to ensure that these data or not used for other purposes;
- Take appropriate security measures to protect your personal data and also demand this from those parties commissioned by us that process personal data;
- Respect your right to, on request, correct or delete your personal data or offer it for your perusal.
In case you want to contact us in response to this privacy statement, you can do so via undermentioned contact details.
E-mail: via the contact form on our website www.estd.org
Post: ESTD, Postbus 31441, 6503 CK Nijmegen.
Use of personal data
With the use of our memberships, services and the website, you leave behind certain data, which can be personal data. We do not always process all undermentioned data, since this is dependent on which services and functionalities you wish to use. Depending on the services and functionalities that you use, we could process the following personal data:
- Membership number
- Company name and address
- Region and country
- Telephone number(s)
- E-mail address(es)
- Dietary preferences (at conferences, and so forth)
- Information that you fill in yourself in an open field, such as a message in the contact form
- Login details (username and password)
- Details concerning the membership of the ESTD
- Order and invoice details
- E-journal membership (yes/no)
- Bank account numbers
- Participation in meetings (members and guests)
- Admission date
- Termination date (if applicable)
- Correspondence by e-mail or per post
- Technical details of equipment such as the IP address (collected and stored in an anonymised format), cookie identifiers and your surfing behaviour on our website
- Device type (unique identifiers) and screen size
- Geographic location (country only)
- Preferred language used to display the webpage.
Our servers automatically record information which is created using our software. Data includes:
- Referring domain
- Pages visited
- Geographic location (country only)
- Preferred language used to display information
- Data and time when pages were accessed or created.
We process above-mentioned data for one or more of the following purposes (which partly depends on the services and functionalities that you use):
- To process your subscription to our membership, community or other services;
- To process your subscription to an activity and to inform you about the details;
- To process your complaint or response to a complaint or to contact you in regards to your question or complaint;
- To handle orders and for debtor monitoring;
- To learn which subjects are of interest to our members;
- To communicate with you by sending electronic newsletters and/or by post;
- To answer your questions or to handle complaints via social media, e-mail, by post or by telephone;
- To improve our website;
- To validate and confirm your rights to access free and discounted offers with external companies;
- To process Continuous Professional Development certificates
Provision to third parties
Only if necessary for the delivery of the services requested by you, we provide the data provided by you to third parties.
In this way, some of your data can be imported into the financial administration, run on an external platform.
When we provide your data to third parties, we ensure that (with an agreement) your data is not used for other purposes. In addition, we will agree with third parties that your data is deleted when no longer needed.
We will not provide your data to other parties, unless this is required by law or allowed.
Profiling and cookies
A ‘cookie’ is a small text file that is placed on a user’s computer hard drive by a website. There are several types of cookie and the most common are often referred to as ‘session’ cookies. These are used to keep track of information needed by a user as they travel from page to page within a website. These cookies have a short lifetime and expire within a few minutes of the user leaving the site.
Other types of cookies can be used to track internet activity after the user has left a website. These are usually sponsored by organisations external to the website being visited and are generally known as ‘third party’ cookies. These usually have a long lifetime with several months being quite common. They are ‘harvested’ and ‘refreshed’ whenever the user visits a page where the same or a similar cookie is being used.
ESTD uses benign, short lived ‘session’ cookies to tell whether a website user has logged in, where to find details that can be used to pre-fill parts of on-line forms and to personalise the user’s visit to the website.
ESTD cookies do not analyse visits to other website or any searches undertaken whilst on the ANP website.
Internet browsers normally accept cookies by default; however, it is possible to set a browser to reject cookies. If this is done it is important not to exclude the benign and useful session cookies. Choose an option that rejects all third party and long lived cookies.
ESTD uses cookie free technology that uses Internet Protocol (IP) information exchanged during the course of normal web activity combined with data enhancement technology to get detailed analytics information.
Securing and saving
We take appropriate security measures to reduce misuse of and unauthorised access to your personal data. We ensure that only the required persons have access to the data, that the access to the data is protected and that our security measures are being controlled regularly. We do not save data longer than necessary, which means that we save data as long as necessary to provide you the requested services and hereafter to answer your questions. Exceptions are data we are obliged to save for a longer period of time by law. Applications by members to join ESTD are kept on record for up to 3 years. Applicants who have been barred, banned or otherwise excluded from membership are kept on record as long as necessary, to prevent renewed access to ESTD in keeping with the interests of public safety.
Websites of third parties
This statement does not apply to websites of third parties which are only connected to our website via links. We cannot guarantee that other websites process your personal data in a reliable and safe manner, once provided by you. Prior to use, always read the privacy statement of a certain website, for additional information in regards to handling of data.
Modifications of this privacy statement
From time to time we could modify this privacy statement. Modifications will be published on our website. We therefore recommend you to regularly consult this privacy statement, so that you are aware of these modifications.
Perusal and modification of your data
For perusal of your processed data, you can contact the secretariat of the ESTD via the following details:
NL-6503 CK Nijmegen
email@example.com (only members).
A part of the data of the members is saved on the website. Members can check those data on the website by logging in to their account.
For non-members: to prevent misuse we ask you, after a written request for perusal, to adequately identify yourself, by sending a copy of a valid identity card. Do not forget to shield your identity number and your passport photo from the copy.
Autoriteit Persoonsgegevens (Dutch authority for data protection)
In case of complaints in regards to the processing of your personal data, we are of course willing to help. Should you nevertheless not be able to work it out with us, you are also entitled to submit a complaint to the privacy regulator (Autoriteit Persoonsgegevens), based on privacy legislation. You can therefore contact Autoriteit Persoonsgegevens.
This version of the privacy statement was implemented on the 1st of June 2019.