Your privacy is important to us so we want to you know exactly what kind of information we collect about you and how to use it.
We’ve set out all the details below.
Please take the time to read and understand this policy.
Introduction / About us
For the purposes of the General Data Protection Regulation (GDPR) – and all other laws relating to the use of your data we are the ‘data controller’ of the information you provide to us. This means that we control the way the information is used and processed whilst keeping your personal data safe and only using it for legitimate reasons.
What Personal Data do we collect?
EPF knows how much data security matters to its members, partners and stakeholders. With this in mind, we will treat your data with the utmost care and take all appropriate steps to protect it.
You may provide us with the following types of personal data when you interact with us (when using our digital platform or otherwise):
- Identity – first name, family name, gender, date of birth, ID/passport details
- Contact – email address, home address, phone number, social media accounts/names
- Financial – bank details
- Profile – username, profile image
- Health – medical information, and dietary needs
How do we use your Personal Data?
EPF uses the information collected from you for purposes including the following:
- To provide you with products and services (such as newsletters).
- To process payments.
- For internal administration and record keeping.
- To answer your enquiries which may involve contacting you by post, e-mail or phone.
- To administer our digital platforms.
- To manage compliance/ regulatory issues.
- To verify identity (to, amongst others, detect and prevent fraud).
- To give you the opportunity to provide us with feedback through reviews, questionnaires and surveys.
- To process job applications.
- To register for external and internal events.
We use your personal data on the following bases:
- To perform a contract, such as providing products and services to you.
- To comply with legal and regulatory obligations.
- For legitimate business purposes.
- In other cases, if necessary, with your consent.
We will only use your Personal Data when the applicable laws allow us to.
Who do we share your Personal Data with?
We will not pass on your Personal Data to any third party unless we have obtained your consent.
Do we send your Personal Data outside the EEA?
The European Economic Area or “EEA” is deemed to have good standards when it comes to data privacy. EPF currently works within the EEA, however, if there is a time where our service providers are based outside of the EEA, we will make sure that your Personal Data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place necessary safeguards for such arrangement).
What is our Personal Information retention policy?
To make sure EPF meets its legal data protection and privacy obligations we only hold on to your information for as long as we actually need it for the purposes it was acquired in the first place.
In most cases, this means that we will keep your information for as long as you continue to i) be a member of EPF ii) be a partner in a project that EPF leads iii) subscribe to EPF’s newsletter and other publications.
After that we will either delete it or anonymise it so it cannot be linked back to you.
Your rights as a data subject
Your duty to inform us of changes:
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes by keeping your details up to date.
Your rights in connection with personal data we hold
Under certain circumstances, by law you have the right to:
- Rights of access – You have the right to request a copy of the Personal data that we hold about you.
- Right of correction – You have the right to correct Personal Data that we hold about you that is inaccurate or incomplete.
- Right to erase – You have the right to ask EPF to delete or remove Personal Data from our records.
- Right to restrict – You have the right to restrict the processing of your Personal Data.
- Right to transfer – You have the right to have the Personal Data we hold about you transferred to another organisation.
- Right to object – You have the right to object to certain types of processing such as direct marketing, as well as processing we undertake based on our legitimate interests.
If you want to exercise these rights, please contact email@example.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee or refuse to comply with your request if it is unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Time limit to respond: EPF will try and respond to all legitimate requests within one month. Occasionally it may take longer than a month if a request is particularly complex or a number of requests have been made. In this case EPF will notify you and keep you updated.
Data Security / Protection
EPF adopts industry standard processes to ensure your data is kept safe and secure and to prevent unauthorised access or use or loss of your data.
You have the right to make a complaint at any time to the Belgian Data Protection Authority (in Dutch: 'Gegevensbeschermingsautoriteit', in French: 'L'Autorité de protection des données').
How to opt-out
To unsubscribe from EPF newsletters you simply need to click on the unsubscribe link at the bottom of the relevant communication that you receive.
For any other direct emails, please contact us at firstname.lastname@example.org to opt-out of these communications.