Note: The text in English is based on the Spanish language data protection declaration. This translation is made for convenience purposes only. As a legally registered association in Spain the sole legal binding document is the Spanish version. For original documentation or for any queries, kindly contact firstname.lastname@example.org.
1. About this Policy
This policy explains when and why we collect personal information about our members, partners and contacts, how we use it and how we keep it secure and your rights in relation to it.
We use the term “You” for the “User” and “We” for the “Administrator”. The term “GDPR” means General Data Protection Regulation (GDPR), which is the law created by the European Parliament and Council (EU) 2016/679 dated April 27th 2016, regarding the protection of natural persons under the processing of personal data. We will always comply with the GDPR when dealing with your personal data. For the purposes of the GDPR, we will be the “controller” of all personal data we hold about you.
2. Who are we?
We are the International Association of Science Parks and Areas of Innovation (IASP), an association with its headquarters at PTA, C/ Maria Curie 35 - Sede Social, 29590 Campanillas, Malaga, Spain.
Tel. +34 95 2028303 Fax: +34 95 2020464
3. What information do we collect and why?
When you access and browse the Site, including when you submit personal information to us through data entry fields, we may collect personally identifiable information from or about you, including but not limited to: Member business name, address, email, telephone, website, social links, business logo, business sector interests and descriptive profile, photograph.
We hold your name and email address, for the purpose of sending you the IASP newsletter.
We do not hold any sensitive or protected classes of personal data.
When you access and browse the app, including when you submit personal information to us through data entry fields, we may collect personally identifiable information from or about you, including but not limited to: Member business name, address, email, telephone, website, social links, business logo, business sector interests and descriptive profile, photograph.
4. Why do we process this information?
We use the data we collect to:
- To provide and maintain our Service;
- To notify you about changes to our Service;
- To allow you to participate in interactive features of our Service when you choose to do so;
- To provide member support;
- To gather analysis or valuable information so that we can improve our Service;
- To monitor the usage of our Service;
- To better understand patterns relating to Site usage, through Cookies, so that we may further improve upon or products, services and Site offering (see the Cookies section below);
- To detect, prevent and address technical issues;
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about, unless you have opted not to receive such information.
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us.
We may also use your Personal Data for the administration of IASP membership in general, to contact you with statutory information regarding your organisation’s membership of IASP, for example, invitation to the General Assembly, Calls for the Board of Directors, links to the general and ad hoc surveys, etc. You will continue to receive this information while you are a member of IASP.
5. Our legal basis for processing this information
With your consent, we may process your personal electronic contact data, i.e. your e-mail address to provide you with news, special offers and general information about other opportunities, services and events, unless you have opted not to receive such information. You can withdraw your consent at any time.
5.2 Performance of contract
We process your personal information for the performance of IASP’s contract with its members. This includes providing and maintaining our service; notifying you about changes to our service; allowing you to participate in interactive features of the Website; and providing customer support. As an IASP Member we may process your personal information for the administration of the members of IASP and communications for formal meetings.
5.3 Legitimate Interest
We process your personal information in order to pursue IASP’s legitimate interests to conduct our business and to improve our products and services.
5.4 Legal obligation
We may process your personal when necessary to comply with a legal obligation, in particular for elections and voting procedures that follow from the IASP Constitution.
6. How we protect your personal data
We will not transfer your personal data outside the EU without your consent.
We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorised alteration or destruction. Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure. For any payments which we take from you online we will use a recognised online secure payment system.
We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.
7. Who else has access to the information you provide us?
We will never sell your personal data. We will not share your personal data with any third parties without your prior consent (which you are free to withhold) except where we are required to do so by law.
We may pass your personal data to third parties who are service providers, agents and subcontractors to us for the purposes of completing tasks and providing services to you on our behalf. We do this for the purpose of our legitimate interests in running IASP and for performing our contract with you. However, we disclose only the personal data that is necessary for the third party to deliver the service and we have a contract in place (in accordance with Art. 46 of the GDPR) that requires them to keep your information secure and not to use it for their own purposes. It is possible that third parties may themselves engage others (subprocessors) to process your data. Where this is the case third parties will be required to have contractual arrangements with their sub-processor(s) that ensure your information is kept secure and not used for their own purposes. If you wish to know the location of any of these third parties, please contact email@example.com.
We may also share minimal personal data with other IASP members (who may or may not be located within the EU) for the purpose of contacting you regarding official IASP events which they are hosting, such as our World Conferences. We will disclose only the personal data that is necessary for this purpose and will have a contract in place that require the member to keep your information secure and not to use it for other purposes.
8. How long do we keep your information?
We will hold your personal data on our systems for as long as you are a member of the IASP and for at least 5 years after our last contact with you, or for as long as is necessary to comply with our legal obligations arising from your membership. If you are a newsletter subscriber, we will delete your information once you unsubscribe. Once we stop processing your personal data we will retain it in an archived form in order to be able to comply with any future legal obligations e.g. compliance with tax requirements and exemptions, and the establishment, exercise or defence of legal claims.
10. Your rights
You have rights under the GDPR:
(a) to access your personal data
(b) to be provided with information about how your personal data is processed
(c) to have your personal data corrected
(d) to have your personal data erased in certain circumstances
(e) to object to or restrict how your personal data is processed
(f) to have your personal data transferred to yourself or to another business in certain circumstances.
You have the right to take any complaints about how we process your personal data to the Spanish Data Protection Agency (Agencia Española de Protección de Datos).
For more details, please address any questions, comments and requests regarding our data processing practices to firstname.lastname@example.org