Privacy Policy (Version 02/2020)
We as NEC Socitey (former NEC User Group) would like to welcome you on our website and express our delight about your interest in our association and our services. We take the protection of your data very seriously and hope that you feel comfortable during your visit at our website as well as a member and interested party of our association. Our main concern, which we observe thoroughly in our business processes, is your privacy. This Privacy Policy solely affects the processing of personal data, which are collected in the context of providing our website www.nug-society.com and are provided by you voluntarily, e.g. in the context of the application for admission. We process this data according to the applicable data protection law of the General Data Protection Regulation [Directive (EU) 2016/679; page 1f. of Directive EU 4th May 2016 L 119, hereinafter referred to as “GDPR”] and in accordance with the applicable national data protection regulations prevailing to us.
I. Definitions
This Privacy Policy is based on the definitions in Art. 4 GDPR. We would like to inform you about the here used definitions in advance, in order to promote transparency and comprehensibility:
1. „Personal Data“
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. „Data Subject“
A data subject is any identified or identifiable natural person, whose personal data is processed by the controller.
3. „Processing“
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
4. „Restriction of Processing“
Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
5. „Controller“
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
6. „Processor“
Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
7. „Third Party“
Third party means a natural or legal person, public authority, agency or body other than the data subject, Controller, processor and persons who, under the direct authority of the Controller or processor, are authorized to process personal data.
8. „Consent“
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
9. „Profiling“
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
II. Controller
Please address the Controller responsible for your personal data according to Art. 4 para. 7 GDPR in case of enquiries regarding to the processing of your personal data and in order to claim for your rights clarified under Sec. VI. and for claiming your right to object.
III. Processing of Personal Data
1. When visiting our website
If you visit our website, information is automatically sent to the server of our website by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and stored until it is automatically deleted:
-
IP-Address of the accessing computer
-
Date and time of the access
-
website from which our site was accessed (Referrer-URL)
-
Name and URL of the accessed file
-
transferred quantity of data
-
type and version of the browser used
-
the operating system of your computer
The data mentioned above are processed by us for the following purposes:
-
ensuring a smooth connection of the website,
-
ensuring comfortable use of our website,
-
evaluation of system security and stability as well as
-
for further administrative purposes.
2. When using our various services on our website and within the scope of the membership
When using our various services on our website, personal data is only gathered if you consent to this or if you provide us with this information voluntarily.
The use of these services is voluntary for you, but for the performance of these services we require your personal data, which you are requested to provide before each use. The services that we offer in this context on our website are as follows:
-
Contact via the contact details given in sec. II
-
Application for admission to our association
The personal data you provide will be used for the purpose of initiating contact, answering your enquiries, implementing the contract concluded with you or requested and/or, within the framework of your membership of our association, for sending circulars and newsletters, invitations to events and as general correspondence within the framework of the association’s activities.
The personal data such as the name of the managing director or the sole owner as well as the personalized e-mail address we usually receive from you through the application for admission, business cards and direct correspondence by e-mail from you. These data are mentioned in the member directory.
Your personal data will be deleted if and when they are no longer necessary for the initial purposes. Personal data subject to legal storage times are excluded thereof.
We also use cookies when you visit our website. You will find more detailed explanations on this under sec. IX of this privacy policy.
IV. Legal Basis for the Processing of Personal Data
The processing of your personal data is based on the regulations of the GDPR.
If we obtain your consent to the processing of personal data, Art. 6 para. 1 lit. a) GDPR serves as legal basis for the processing.
Processing personal data which is required for the performance of a contract to which you are a party, Art. 6 para. 1 lit. b) GDPR serves as legal basis. This also applies for data processing which are required for the execution of precontractual measures, especially in the initiation and implementation of your membership in our association.
If and when the processing of personal data is required for the compliance of a legal obligation to which our company is subject to, Art. 6 para. 1 lit. c) GDPR serves as legal basis.
If the processing is required for the purposes of a legitimate interest of our company or a third party and if your interests, civil rights and basic freedoms are not overridden by the first mentioned interest, Art. 6 para. 1 lit. f) GDPR serves as the legal basis for the processing.
V. Transmission of your Personal Data
Your personal data will be transmitted to third parties only, if this transmission is based on a legal basis listed under Sec. IV. or processing takes place on our behalf in accordance with Art. 28 GDPR.
VI. Data Subject Rights
In order to assert your data subject rights, please address the controller via contact opportunities mentioned under Sec. II.
1. Right of Access
According to Art. 15 para. 1 GDPR you have the right to access information about your personal data processed by us. Upon request, we notify you in writing as promptly as possible which personal data about you is stored by us. In particular, you can access information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged retention period, the right to rectification, erasure, restriction of processing or to object, the existence of the right to lodge a complaint, the source of your data, if not collected by us, and the existence of automated decision-making, including profiling and, where appropriate, relevant information on their details.
2. Right to Obtain a Copy
You have the right to request a free copy of all processed personal data concerning your person, according to Art. 15 para. 3 GDPR. Further copies may be reasonably charged. The right to obtain a copy shall not impair the rights of other persons. Commercial secrets and intellectual property rights of third persons may bar the right to obtain a copy.
3. Right to Rectification
According to Art. 16 GDPR you have the right to obtain the rectification of inaccurate personal data or to demand the completion of your personal data stored by us.
4. Right to Erasure
According to Art. 17 GDPR you have the right to obtain the erasure of your personal data stored by us, unless the processing is not required to exercise the right of freedom of expression and information, for reasons of public interest or for assertion, exertion or defense of legal claims.
5. Right to Restriction of Processing
According to Art. 18 GDPR you have the right to demand the restriction of the processing of your personal data, as far as the accuracy of the data is denied by you, the processing is unlawful, but you reject their deletion and we do no longer need the data, but are required by you to assert, exercise or defend legal claims or if you have objected to the processing pursuant to Art. 21 GDPR.
6. Right to Data Portability
According to Art. 20 GDPR, you have the right to receive your personal data provided to us in a structured, commonly used and machine-readable format or to request transmission to another Controller.
7. Right to withdraw the consent
In accordance with Art. 7 para. 3 GDPR, you have the right to withdraw your once given consent at any time. As a result, we are no longer allowed to continue the data processing based on this consent for the future.
8. Right to lodge a complaint with a supervisory authority
According to Art. 77 GDPR you have the right to lodge a complaint with a supervisory authority, if you consider, that the processing of your personal data infringes applicable provisions. You may contact the supervisory authority located at your usual place of residence or work or at the residence of our company headquarter.
VII. Right to Object
If the processing of your personal data is based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f. GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mailing. In the latter case, you have a general right to object, which will be implemented by us without specifying any particular situation.
In order to assert your right to object, please send an email to contact@nug-society.com.