According to the General Data Protection Regulation of the European Union (the EU GDPR), the European Pellet Council (EPC, a Bioenergy Europe network) acts as data controller of all information they collect.
EPC is committed to the highest data privacy standards and to protecting the personal data it collects and processes. To this end, EPC uses a secured cloud CRM technology to prevent data breaches and unlawful use. As a data controller, our responsibility notably implies that we provide you with the right to consult, correct or remove any of your personal data.
- Should you wish to consult, complete, rectify or remove any of the information that we hold about you or your organisation, please contact us at: firstname.lastname@example.org
- To know more about your data protection and privacy rights please consult the Belgian Commission for protection of privacy.
Personal data collected by EPC
As a member of EPC or as an external stakeholder, you may provide us with personal data when using our website, interacting with us on social media or during events, when registering to our events, newsletters, webinars and other activities. The data we collect is gathered on our CRM. It includes your organisation name, title (or gender), job title, first name, family name, function, telephone number, mailing address, e-mail, social media account(s) as well as – where applicable, a classification of your interest in our activities and your organisation key business.
Some of this data is considered as personal data under the EU GDPR. In most instances, we collect personal data directly from the data subjects, but we may sometimes obtain personal data from third parties such as directories or EU institutions’ websites.
Use of personal data collected by EPC
The information that you provide us with will be used for the purpose of contacting you, fulfilling your online requests or facilitating your access to members-only content and or providing you with relevant and updated information about our organisation, its activities, its positions and publications.
For membership management and general administration: EPC has legitimate interests in the processing of personal data of the contact persons across its membership for administering or informing its membership or for the governance of the association (such as the organisation of general assemblies and board meetings). EPC also processes the personal data of representatives and contact persons of entities with which EPC contracts, such as consortiums, services providers or consultancies.
For projects (technical), publication and advocacy purposes: EPC processes contact details of journalists, Members of European Parliament, officials from the European Commission and from EU Member States, academics, consultants and industry experts and European affairs stakeholders for the purposes of carrying out its research and advocacy activities.
For events organisation: EPC processes identification details of individuals who register to participate to events and conferences it organises for the purpose of managing the registration, invoicing and participation to such events under the general terms and conditions that are expressly accepted by the individuals and or based on consent for certain personal data.
For websites security and content access: EPC processes identification data from individuals who register themselves on websites managed by EPC and give their express consent to receive newsletters or information from EPC. EPC also processes identification data from members or content subscribers to facilitate their personal access to the meeting documents of their working groups or subscribed content.
Data sharing and explicit consent, retention and right of consultation & modification
As a non-profit organisation EPC does not share or sell any personal data to third parties for any commercial purposes. Your personal data will not be shared with any other third parties unless we would be required to do so by law or to comply with a court order served upon us in connection with our website(s), social media, the implementation of the EU GDPR or to protect and defend our legal rights and interests and those of our members.
Personal data may be shared with EPC members for the same legitimate interest and purpose EPC uses them. Your personal data may be processed outside the European Union. In such case, the transfer of data is governed by a data processing agreement to provide adequate safeguards as defined by the EU GDPR.
Your prior informed, explicit, consent for the use and processing of your personal data will be requested for registering to EPC mass communication such as newsletters or event participation.
Your personal data will be kept if you are a designated person of your organisation in relation with EPC or its members and, otherwise provided by law, for the time that is strictly necessary to achieve the purpose(s) for which they were collected.
- Should you wish to withdraw your prior informed consent, consult, complete, rectify or remove any of the information that we hold about you or your organisation, please contact us at: email@example.com;
Our website(s), social media channels and electronic communication tools may also contain links to websites or social media channels of third parties. These links are provided for your information and convenience only. EPC does not endorse, approve or take any responsibility for the websites or social media channels which we provide links to. We also does not endorse, approve or take any responsibility for their availability, performance, content or for the use of such websites or social media channels or any information contained therein.
Policy update and notification
EPC may update this policy at any time by posting changes online. Any such changes will be notified to registered contacts and to website visitors to be read and accepted.
Brussels, 23 May 2018