EUY Data Protection Policy.Version 1.1 Effective Date: 19 April 2018
Your personal data is controlled and processed by the European Union of Yoga, YFN vzw, Kattestraat 120, B9400 Okegem-Ninove, Belgium. If you have any concern about providing information to us or having such information used in any manner permitted in this Data Protection Policy, you should not visit our websites or otherwise use our Services. By using our website, you expressly accept and give your unambiguous consent that your Personal Information gained with registration on this site may be transferred across international borders to server locations supporting the site (including but not limited to transfers from those locations back to the country of your registration) for operating and developing the site, or for the purposes of storing the data in the relevant databases.
Content:1. Information we collect about you
2. Where we store data
3. How we use your information
4. Disclosure of your information
5. Updating or correcting your personal data
6. Cancelling your account or deleting your personal data
7. Lawful Bases for Processing
8. Information Retention
9. Data Security
11. Direct Marketing
13. How do you contact us with questions?
1. INFORMATION WE COLLECT ABOUT YOU
We collect and process your personal data when you register for Congress, create an account, or register as a Teacher or School. Your personal data includes name and address, contact details, age, gender and Yoga affiliation. Your event data includes payment method and details. Your data will be used in the context you have so consented to, to process event organisation and reporting, and in communication processes as required.
No information may be submitted to the EUY via the site by persons who are minors under their applicable local legislation. In the event you are a minor in your country, you will need consent from your parent(s) or other legal guardian(s) before submitting any information.
2. WHERE WE STORE DATA
By submitting your personal data, you agree to the transfer, storing and processing of your data by the EUY on the EUY web server currently located in Ireland. We will take reasonable steps to ensure that your data is treated securely and in accordance with this Data Protection Policy and EU GDPR directives.
3. HOW WE USE YOUR INFORMATION
We use information held about you in the following ways:
• As an entry as participant to the congress
• To record your payments for congress or other services
• We do not record any payment account information except your PayPal email
• To summarise total numbers registered for events
• To provide EUY management with data analytics concerning event attendance
• To communicate with you concerning your registration and current events
• As a listed publishing member of the EUY Register for contact and communication
4. DISCLOSURE OF YOUR INFORMATION
We do not share, sell, trade, rent or disclose your data to any external entities or Third Parties. We gather, store and process your data internally on the EUY servers only, and your data is only visible to our internal Data Processing personnel. All analytics and reports are depersonalised and access is restricted to internal EUY Governance authority.
We will only disclose personal data in the following circumstances:
i) if it is required by law enforcement or judicial authorities, or to cooperate with a law enforcement investigation
ii) to protect our rights, reputation, property or the safety of us or others
iii) to defend or enforce our rights or your obligations
iv) for the purposes of fraud protection
5. UPDATING OR CORRECTING YOUR PERSONAL DATA
• You may request access to all your data whenever you wish, and you can view and print all your personal data we keep in your address book.
• You can ask us to erase or delete all or some of your personal data.
• You can edit most of your personal data through your account. You can also ask us to amend your data particularly if it is inaccurate.
• You can ask us to stop using all or some of your personal data.
• You can ask us for a copy of your personal data and can ask for a copy of personal data you provided in machine readable form.
6. CANCELING YOUR ACCOUNT OR DELETING YOUR PERSONAL DATA
You may choose to cease all participation in EUY events, in which case we will retain your information for a reasonable period in case you choose to re-engage. You may choose to close your account in which case we will delete your information within 60 days of your request.
However, we may retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), comply with contractual obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, and finalise communications. We will retain de-personalized information after your account has been closed. You can close your account on your Address Book tab or in writing to the EUY.
7. LAWFUL BASES FOR PROCESSING
We will only collect and process personal data about you where we have lawful bases. The basis for the EUY of processing personal data is i) direct consent from the individual and ii) the legitimate interests of the organisation. Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
8. INFORMATION RETENTION
We act as a data processor under applicable laws. We will retain and use your personal data as necessary to comply with our organisational functioning, legal obligations, resolve disputes, and fulfil our obligations.
9. DATA SECURITY
Please note that while there are always risks associated with providing Personal Information, whether in person, by phone or over the Internet or any other media or terminal, and no system of technology is completely safe, "tamper" or "hacker-proof", we have endeavoured to take appropriate measures to prevent and minimize risks of unauthorized access to, improper use and the inaccuracy of your Personal Information.
Access by you to your account is available through a password and unique user Id selected by you. This password is encrypted. We recommend that you do not divulge your password to anyone, that you change your password often using a combination of letters and numbers, and that you ensure you use a secure web browser. We cannot be held accountable for activity that results from your own neglect to safeguard the secrecy of your password and username. If you share a computer with anyone, you should always log out of your account after you are finished to prevent access to your information from subsequent users of that computer. Please notify Customer Support as soon as possible if your username or password is compromised.
In addition, the EUY has implemented various other security measures to protect your data. These include a secure website with a SSL certificate from our ISP (https), secure and complex passwords for accessing the system and databases, safe and secure programming practices and principles, regular backups and training of our Data processing personnel.
Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through this Website cannot be guaranteed and we shall have no liability to you or any third party for loss, misuse, disclosure or alteration of such information; and (c) any such information and data may be viewed or tampered with in transit by a third party.
In the unlikely event that we believe that the security of your personal data in our control may have been compromised, we will try to notify you. To the extent you have provided us with your email address, we may notify you by email and you agree to our use of email as a means of such notification. If you prefer for us to use another method to notify you in this situation, please contact us with the alternative contact information you wish to be used.
• Provide secure log-in
• Remember your log-in details
• Enable core site functionality
11. DIRECT MARKETING
We do not share your personal data with third parties for direct marketing purposes.
It is our policy to post any changes we make to our Data Protection Policy on this page (with a notice that the Data Protection Policy has been updated on the Websites). The date the Data Protection Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Websites and this Data Protection Policy to check for any changes.
Your continued use of the Services after such modifications will constitute your agreement to the updated terms of the modified Data Protection Policy.
13. HOW DO YOU CONTACT US WITH QUESTIONS?
If you have questions or complaints regarding this Data Protection Policy, please Contact us online or by email. You can also reach us by physical mail at the addresses below.
If contacting us does not resolve your complaint you can contact the Data Processing Officer.