I. General conditions
ESAMIS performs personal data processing in compliance with the current regulation and standards and in particular with EU Regulation n°2016/679 known as the “GDPR”.
GDPR defines “personal data” as any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (hereinafter “PD”).
The Controller is the ESAMIS, a non-for-profit association with the headquarters in Romania. More information about ESAMIS is available here: https://esamis.org/about-us
Please contact the ESAMIS headquarters for any question relative to your PD and to exercise your rights. e-mail: info@esamis.org with a reference ‘Privacy’.
ESAMIS primarily processes PD of its staff, members, ESAMIS friends, editorial teams, award, fellowship and training program users, online tool users and event participants.
This data primarily includes identification data and data related to personal and professional life (date of birth, profession, employer,…) as well as payment details etc. and location data (IP, logs,…).
ESAMIS collects your PD mostly directly through its website www.esska.org (herein after “ESAMIS’s Website”), through other platforms used in connection with the services and products ESAMIS provides, through registration documents or questionnaires and other methods of communication (telephone, email, letters etc.), but also sometimes indirectly through partners entrusted with collecting your PD for ESAMIS such as event organizers or editorial/publishing partners.
Each PD processing activity by ESAMIS pursues a specific purpose under specific legal basis and implies a specific conservation period as described below under “II. Specific Conditions”.
ESAMIS’s PD processing activities are performed on the basis of the individual’s formal and prior consent insofar as possible or based on the strict necessity of the performance of contracts and/or of compliance with legal obligations.
ESAMIS protects the PD through organisational and technological measures to guarantee their security, confidentiality, integrity and availability and resilience of processing systems and services, in compliance with legal requirements.
The recipients of these PD are ESAMIS and its employees and subordinates and, only if needed to fulfil the relevant processing activity’s purpose, professional partners/providers under contract with ESAMIS, such as but not limited to journal and books publishers, training/teaching teams, award/fellowship teams and juries, digital service providers, event organizers etc.
These recipients guarantee the same level of protection as ESAMIS.
In some cases, those recipients are located outside the European Union and namely in the USA.
ESAMIS chooses third-party agents with care and works to ensure they uphold GDPR compliant privacy and security standards. Third parties located in the USA are compliant with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.
Within conditions stated by current legislation and GDPR in particular, individuals hold on their PD processed by ESAMIS, the rights to:
To exercise one or more of these rights, ESAMIS must be contacted in writing using the contact details stated above.
Individuals also hold the right to submit a complaint to a supervisory authority, such as the CNPD.
II. Specific conditions to each processing:
A) When you provide ESAMIS with your PD on the page “Contact us” of ESAMIS’s website:
Your data is processed by ESAMIS with your formal consent on the legal basis of GDPR provision 6 §1 a).
The purpose of this processing is to answer your questions and/or requests submitted on this page.
The PD will be retained for the time needed to respond to your questions and/or requests submitted on this page or until you withdraw of your consent whichever comes first.
At any time, you can withdraw your consent regarding this processing by submitting a written request to the ESAMIS Headquarters at info@esamis.org with a reference ‘Privacy’.
The withdrawal of consent will not affect the legality of the processing prior to the withdrawal date.
Please note that the failure to provide the PD required on this page may prevent ESAMIS from fulfilling the above-mentioned purpose and therefore from responding to your question and/or request.
B) When you provide ESAMIS with your PD on ESAMIS’s Website or any other ESAMIS document within the framework of a Membership subscription, Training program/Courses registration, Fellowship or Award application, ESAMIS online services use (Academy, document resources, etc.), questionnaires you may completed etc..
Your data is processed by ESAMIS on the legal basis of GDPR provision 6 §1 b).
The purpose of this processing is to allow ESAMIS to perform the service you have contracted with ESAMIS for (Membership, Academy use, Training or fellowship program, Award application, etc.) or in order to take necessary steps prior to entering into such contracts.
The PD will be retained for the time needed to implement this service and for the duration of the legal statutes of limitation related thereto.
Individual rights applicable to these processing activities are those above mentioned under “General Conditions”.
C) When you provide your PD on the page “Friends of Esska” or you explicitly agree to receive information and direct marketing from ESAMIS on any other page of ESAMIS’s Website or documents :
When on ESAMIS’s website on the page « Friends of ESAMIS » or any other page or any other ESAMIS document you check the box:
☐ I have read the Privacy Policy and grant consent to use my data.
You give formal agreement to ESAMIS to process your PD for direct marketing purposes, including sending you newsletters, event information, commercial offers on subscriptions, trainings, events, etc.
Your data is processed by ESAMIS with your formal consent on the legal basis of GDPR provision 6 §1 a).
The PD will be retained for the entire duration of existence of ESAMIS or until you withdraw of your consent whichever comes first.
At any time, you can withdraw your consent regarding this processing by submitting a written request to the ESAMIS Headquarters at info@esamis.org with a reference ‘Privacy’.
The withdrawal of consent will not affect the legality of the processing prior to the withdrawal date.
Please note that the failure to provide the PD required along with this box may prevent ESAMIS from fulfilling the above-mentioned purpose and therefore from sending you information and offers related to ESAMIS’s activities.
The Privacy and Personal Data Protection Policy may be updated at any time. Such updates will be effective from the date of the uploading of the revised Privacy and Personal Data Protection Policy on the ESAMIS’s website or its communication to you. Please ensure that you regularly read the latest version of the Privacy and Personal Data Protection Policy.