ELSA the Netherlands acts as the Data Controller for the personal data we process. If you have any questions or concerns about our privacy practices, please contact us at firstname.lastname@example.org.
Collection of Personal Data
We collect personal data from members, participants in activities and partners. The personal data we collect may include:
– Email address
– Phone number
– Payment details
– Enrollment in a university
– Membership of a Local or National Group of ELSA
– Company name
– Job description
– Professional certifications
– Emergency contact information
– Special categories of personal information, including but not limited to:
– medical information
– religious or philosophical information
Use of Personal Data
We use personal data to provide our services. The specific purposes for which we use personal data may include:
– Managing membership and partner relationships
– Organisation of our activities
– Processing payments
– Providing educational and professional development resources
– Communicating with members and partners
– Sending newsletters and promotional emails
– In case of emergencies during our activities, providing necessary information to emergency services
– Complying with legal obligations
Legal Basis for Processing
We process personal data on the basis of one or more of the following legal grounds:
– Consent: You have given us explicit consent to process your personal data for a specific purpose.
– Contract: Processing your personal data is necessary for the performance of a contract to which you are a party.
– Legal Obligation: We are required by law to process your personal data.
– Legitimate Interests: We have a legitimate interest in processing your personal data that is not overridden by your rights and freedoms.
We process special categories of personal information only if you have given us explicit consent to do so.
Sharing of Personal Data
We only share information within the organisation on a need to know basis. Unless you have given us explicit consent that we may share personal information outside the organisation.
We may share personal data with third-party service providers who assist us with our activities, such as payment processing and email marketing. We ensure that these third-party service providers are GDPR compliant and have appropriate safeguards in place to protect your personal data.
We may also disclose personal data if required by law or to protect our rights or the rights of others.
Security of Personal Data
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, or destruction. We regularly review and update our security measures to ensure the ongoing confidentiality, integrity, availability, and resilience of personal data.
Retention of Personal Data
We retain personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by law. When personal data is no longer necessary, we securely delete or destroy it.
You have the right to access, rectify, or erase personal data that we hold about you. You also have the right to restrict or object to the processing of your personal data and the right to data portability.
To exercise your rights or to request further information about our privacy practices, please contact us at email@example.com.
Complaint at National Privacy Autorities
You have the right to lodge a complaint with the national privacy authorities of the Netherlands, the Autoriteit Persoonsgegevens (AP), if you believe that your personal information has been processed in a way that does not comply with applicable data protection laws and regulations.
To lodge a complaint you may contact the AP using the following details:
Telephone number: +31(0)70 888 85 00
PO Box 93374
2509 AJ DEN HAAG
You can also use the website of the AP to lodge a complaint using this link (page is in Dutch)
We encourage you to contact us first before making a complaint to the AP, as we would welcome the opportunity to address your concerns and work with you to find a satisfactory resolution.
Last updated: 15 May 2023