European Women Lawyers Association
EWLA values the privacy of those who provide personal data to us. This privacy notice (the “Policy”) describes how and why we collect, store and use personal data, and provides information about individual’s rights. This Policy applies to both personal data supplied to us either by an individual or by organisations. We may use personal data supplied to us for any of the purposes as set out in this Policy, or as otherwise disclosed at the point of collection.
For further information about GDPR (General Data Protection Regulation), please click this link to access 2018 reform of EU data protection rules in the European Comission.
In this Policy, we use the terms:
- “we”, “us”, and “our” (and other similar terms) to refer to European Women Lawyers Association (EWLA)
- “personal data” to refer to any information relating to an identified or identifiable natural person (i.e. one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors); and
- “you” and “your” (and other similar terms) to refer to our associates, suscribers, individuals or companies, contacts, suppliers, job applicants, staff and visitors to the website https://ewla.org.
- other terms have the meanings set out in the applicable data protection laws (in particular the General Data Protection Regulation (EU) 2016/679).
2. Who is responsible for your personal data?
or, you can use postal service:
European Women Lawyers Association
28 Rue de l'Association
3. What personal data do we collect and process?
We collect and process the following personal data from you:
- Identity and Contact Data, including your name, address, telephone number, date of birth, language, marital status, passport number or similar, employment history, educational or professional background, tax status, employee number, job title and function, seniority and other personal data concerning your preferences relevant to our services;
- Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
- Business Information, including information provided in the course of the contractual relationship between you or your organisation and us, or otherwise voluntarily provided by you or your organisation;
- Profile and Usage Data, we do not collect any information to create profiles or usage data for this website;
- Technical Data, including information collected during your visits to our website, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;
- Physical Access Data, relating to details of your visits to our premises or 3rd party premises because of our events;
- Sensitive Personal Data: in the course of our associates services, and other people who are not, we may represent you and/or your organisation in legal or organization matters that require us to collect and use sensitive personal data relating to you.
4. How do we collect your personal data?
In the majority of circumstances we will collect personal data (1) from our clients or from third parties acting on behalf of our clients or (2) if you sign up to attend any of our events and/or to receive our communications. In some circumstances (3) we may collect personal data from third parties. The circumstances in which we can collect personal data about you are the following:
- when you seek advice from us;
- when you use any of our services;
- when you offer to provide, or provides, services to us;
- when you correspond with us by phone, email or other electronic means, or in writing, or when you provide other information directly to us, including in conversation with staff or external providers;
- when you browse, complete a form or make an enquiry or otherwise interact on our website or other online platforms;
- when you attend our seminars, training or other events or sign up to receive information from us;
- by making enquiries from your organisation or other organisations with whom you have dealings such as former employers and educational institutions;
- by making enquiries from third party sources such as government agencies, credit reporting agency, database and information service providers, from publicly available records or non-public records (such as National Register).
5. How will we use your personal data and on what basis?
- The processing is necessary for the performance of a contract you are party to or in order to take steps at your request prior to you entering into a contract with us.
- The processing is necessary in order for us to comply with our legal obligations.
- Where you have given consent to the processing of your personal data
- The processing is necessary for the pursuit of our legitimate interests
6. Who else may have access to your personal data?
On occasion, we may need to share your personal data with third parties. We will only share personal data where we are legally permitted to do so.
Where you provide us with personal data, we will assume, unless you instruct us otherwise in writing, that we can disclose your personal data in such manner as we believe is reasonably necessary to provide our services (including as described in this Policy), or as is required under applicable law.
We share your personal data:
- With our service providers. Our arrangements with external service providers currently cover the provision of support services including IT, money laundering and terrorist financing checks, events management, document production, secretarial services, and facilities management;
- with courts, law enforcement authorities, regulators, government officials if we are legally required to do so or when disclosures are required by law or regulation;
7. International transfers of Information.
We can transfer or host your personal data inside the European Union because of the agreements between third service companies and EWLA, and always under a General Data Protection Regulation contract to keep your data safe.
8. Security of your personal data.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We put in place strict confidentiality agreements (including data protection obligations) with our third party service providers.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
9. Your rights.
You have various rights with respect to our use of your personal data:
- Access: The right of access gives you the right to obtain a copy of your personal data. It helps you to understand how and why we are using your data, and check we are doing it lawfully. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information.
- Rectification: You have the right to have inaccurate personal data rectified and to have incomplete personal data completed. We encourage you to contact us using the contact details provided below (nº 15) to let us know if any of your personal data is not accurate or has changed, so that we can keep your personal data up-to-date. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
- Erasure: You have the right to have your personal data erased. This right is not absolute (for example, we may retain your personal data for a longer period because of our legal obligations) and only applies in certain circumstances (for example if your personal data is no longer necessary for the purposes for which it was collected, or when your personal data have been unlawfully processed).
- Restriction: You have the right to restrict the processing of your personal data in certain circumstances. This means that you can limit the way that we use your personal data where you have a particular reason for wanting the restriction. This may be because you have issues with the content of the information we hold or how we have processed your data.
- Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a structured commonly used, machine-readable format. This right to data portability only applies when our lawful basis for processing this information is consent or for the performance of a contract and we are carrying out the processing by automated means (i.e. excluding paper files).
- Objecting: You have the absolute right to object to the processing of your personal data if it is for direct marketing purposes. In others specific circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data.
- Automated individual decision-making: You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. The right is not absolute and only applies in certain circumstances. You will be specifically informed if we make such automated individual decision.
- Complaints: We are committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint with a supervisory authority, in the Member State of your habitual residence, of your place of work or of an alleged infringement of the data protection laws. You also have the right to seek a remedy through the courts.
You may, at any time, exercise any of the above rights, by contacting us using the contact details provided below (nº 15). If we have doubt about your identity, we may request you to provide us with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.
10. Withdrawal of consent.
When personal data is processed on the basis of your consent, you may withdraw consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
In the event that you no longer want to receive any marketing communications from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact us using the contact details provided below (nº 15). Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our services.
11. How long do we keep your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.
Our general retention period, for the personal data which processing is necessary for the performance of a contract, is 5 years starting from the end of the contract or closing of the file. In some instances there are legal and regulatory exceptions which may require personal data to be held for longer or shorter periods. If you require further information please contact us using the contact details provided below (nº 15).
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
13. Links to other websites.
Our website(s) and social media pages may link to other, unaffiliated third party websites and/or social media pages. Please note that we are not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third party websites. You must always carefully review the privacy and confidentiality policy of any third party website that you may visit in order to understand how the operators of that website may collect, store and use your personal data.
We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by email.
This Policy was last updated in June 2018. Please check back regularly to keep informed of updates to this Policy.
15. Contact Details.
Please, contact digitally through our e-mail address: email@example.com
or, you can use postal service:
European Women Lawyers Association
28 Rue de l'Association