1. General Provisions
This privacy notice (“Privacy Notice”) applies to personal data we process about you as a natural person.
In the sections below you will find information concerning the personal data we collect, why we collect it, how long we keep it, what your privacy rights are, and how you can exercise them.
International Post Corporation SCRL, is registered at avenue du Bourget 44, 1130 Haren (Brussels), Belgium, VAT BE 0436.501.681 RPR/RPM Brussels ("IPC", "we", "us", or "our"), as data controller.
1.2. How to contact us
If you have any questions or concerns regarding this Privacy Notice, or if you wish to exercise any of the rights listed under section "Your rights" below, evidence of your identity must be provided and a written request sent to our above address, or to email@example.com.
Any communication from us in relation to your rights as detailed bellow will be provided free of charge. However, in case of requests that are unfounded or excessive, in particular because of their repetitive character, IPC may charge a reasonable fee considering the administrative costs of such actions (e.g.: providing the information, the communications, or executing the action requested), or could refuse to act on the request.
You also have the right to lodge a complaint with the competent authority, in particular in the Member State of your habitual residence or place of work, with an alleged infringement of the GDPR.
1.3. Updates to this Privacy Notice
We regularly review our Privacy Notice and we will update it as necessary. The latest version is always available on our website with the date of publication clearly denoted.
2. Processing of Personal Data
2.1. Personal data we collect, lawfulness of processing, how we collect your personal data and the purpose of processing
IPC collects the following types of personal data that is deemed necessary for the organisation of the IPC annual conference:
- Full name
- Company name
- Job title
- Telephone number
- Partner’s full name (if applicable)
- Travel details – in- and outbound
- Arrival flight number
- Arrival date / time
- Location to transfer from/to
- Accommodation date(s)
- Attendance – which sessions of the event to attend
- Dietary requirements
- PA’s / Secretary’s email address (if making a registration for a someone)
During the event, photos and video recordings will be taken. If you did not give consent to be videoed or photographed, we will ensure that photos or recordings where you are recognisable will not be used, or, alternatively, we will ensure that you are made unrecognisable.
18.104.22.168. Lawfulness of processing
The processing is necessary for the organisation of the IPC Annual Conference. (Article 6, 1, (b) of the GDPR)
22.214.171.124. How we collect your personal data
We collect your personal data from you via the “IPC Annual Conference registration form” where attendees to the event are able to confirm their attendance. Your data is recorded in our database.
126.96.36.199. Processing data by or on behalf of IPC
IPC only stores and uses your data for the needs of the organisation of the conference.
Your data is disclosed to the chosen hotel to arrange your booking, and to accommodate your dietary requirements (if any). Your travel-related data may also be shared with any related transport companies if you have requested a transfer.
IPC does not disclose your data to any internal or external parties that is not directly involved in organisation of the conference.
2.1.3. Automated decision making
This processing does not involve automated decision-making.
2.1.4. Users of IPC's websites
The IPC website does not use any cookies or similar technologies that would make collection of further personal data by, or on behalf of IPC possible.
Please refer to our Cookie Notice.
2.2. Which 3rd countries we share your Personal Data with
If IPC were to engage a service provider based outside of the European Economic Area for which country the EU does not have Adequacy Decision, IPC will sign the Standard Contractual Clauses adopted by the European Commission and will put in place measures to safeguard the personal data being accessed by the service provider.
2.3. How we protect your Personal Data
IPC has a certified Information Security Management System (ISO27001), and within that framework, designed controls are in place to protect data with measures proportionate to its sensitivity.
IPC also requires that any third-party service providers and/or processors processing personal data on behalf of, or under the instructions of IPC, takes appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, accidental loss, misuse, unauthorised access, disclosure, alteration or destruction, and against any other unlawful form of processing of information as defined by applicable Data Protection Laws.
DISCLAIMER – “Absolute” security
Please note that information processing (the electronic transmission or storage of information) is never 100% secure. Therefore, despite the security measures that IPC and its (sub-)processors have put in place to protect your personal data, we cannot ensure absolute security to prevent loss, misuse, or unauthorised alteration of data.
2.4. How long we keep your Personal Data
Your personal data except for possible photos and/or recordings will be kept for a maximum of 90 calendar days after the event has taken place. IPC may decide to keep aggregated statistical information for future events of the same kind to facilitate forecast demands. If such data is to be kept for a longer period, we will ensure that it does not contain your personal data.
The photos and video recordings will be kept indefinitely in IPC’s archives.
3. Your Rights
You, as an individual whose personal data is processed as described in this Privacy Notice, have a number of rights which are summarised in broad terms in the following list. Please note that exercising these rights is subject to certain requirements and conditions as set forth by applicable laws. If you wish to access personal data about you or exercise any of the rights listed below, you should request so in writing through the contact details provided in section “1.2. How to Contact Us”.
3.1. Right of access
You have the right to obtain from us confirmation as to whether we have processed your personal data, and where that is the case, you have the right to obtain a free copy of the processed data. We will also provide you information including the following details:
- The purposes of processing
- The categories of personal data that are processed
- The persons or the categories of persons to whom your personal data have been or will be disclosed
- For how long your personal data will be stored
- The existence of your privacy rights, as explained further below
- All available information we have about the origin of the data if they were not collected from you
- The existence of automated decision making
- We can request a reasonable fee to cover our administrative costs for every additional copy that you request.
3.2. Right to rectification
You have the right to have your personal data held by us rectified or made complete.
3.3. Right to erasure ('right to be forgotten')
You have the right to erasure of your personal data if one of the following grounds applies:
- Your personal data are no longer necessary in relation to the purposes for which they were collected or processed
- You withdraw your prior consent for the processing and there is no other legal basis that we can rely on for (further) processing
- You have objected to the processing for direct communications
- You have objected to the processing which is based on our legitimate interest and there are no more serious, justified grounds for our (further) processing.
We are not obliged to comply with your request for erasure when the processing is necessary for the establishment, exercise, or defence of legal claims.
3.4. Right to restriction of processing
You have the right to obtain restriction of the processing:
- If you contest the accuracy of your personal data, we can restrict the contested processing for the period that we need to verify the accuracy of your personal data
- If we no longer need your personal data, but you require them for the establishment, exercise or defence of legal claims
- If you have objected to the processing based on our legitimate interests, we can restrict the objected processing for the period that we need to verify whether your legitimate grounds are valid.
3.5. Right to data portability
You have the right to seek the portability of your personal data processed by automated means, which you have communicated to us. This is only possible if the processing is based on your consent or contract performance. In all other cases you cannot exercise this right (for example when the processing of your data is performed on the basis of a legal obligation).
3.6. Right to object
You have the right to object to any processing based on our legitimate interest. However, we will continue the processing of your personal data if we can show that we have stronger legitimate grounds.
You have the right to object to any processing for direct marketing.
You have the right to withdraw your consent for the processing of personal data, to the extent that the processing of your personal data was initially based upon your consent.
3.7. Right to lodge (file) a complaint
You also have the right to lodge a complaint with the supervisory authority in the European member state of your habitual residence, place of work or of the alleged infringement of applicable data protection legislation:
In Belgium, the supervisory authority is:
Autorité de protection des données
Rue de la presse 35, 1000 Brussels