PRIVACY POLICY 2018

International Committee for Industrial Construction also known as CICIND, promise to respect the confidentiality of any personal data you share with us, or that we have access to, to keep it safe, and we will always take reasonable efforts to protect your privacy.

We pride ourselves on our honesty and openness and will always be clear how, when and why we collect and process your information; we promise we will never do anything with your details that you wouldn’t reasonably expect.

Developing a better understanding of our members, potential members is crucial, and your personal data allows us to manage your membership and provide the services to which you are entitled.

We collect information in the following ways:

When you give it to us DIRECTLY
There are many ways you may give us your information. For example, when you join as a member, or communicate with us either by phone, in writing, including email or in person. We are responsible for your data at all times.

When you give it to us INDIRECTLY
Your information may be shared with us by independent organisations, for example other trade associations or other such services. These independent third parties will only share your information when you have consented. You should check their Privacy Notice when you provide your information to understand fully how they will process your data.

Via Social Media
Depending on your settings or the privacy notices for social media and messaging services like Facebook, WhatsApp, LinkedIn or Twitter, you might give us permission to access information from those accounts or services.

Via information available publicly
This may include information found in places such as websites and information that has been published in articles/newspapers.

What personal information we collect and how we use it
We aim only to capture the minimum amount of information that we need to in relation to your membership, donation and services we provide to you and we promise to keep your information secure. The personal data we will usually collect is:

  • Your name
  • Your contact details
  • Your date of birth
  • Your bank or credit card details (as relevant to the service provided)
  • Your company and position

Where it is appropriate, we may also ask for additional information.

How we will use your data
We will use your personal data for the legitimate interest of conducting core business activities, these will include to:

  • Administer your membership.
  • Provide you with the services, products or information you asked for.
  • Communicate organisational messages and information to members and potential members.
  • Facilitate conferences, meetings and other special events
  • Understand how we can improve our services, products or information
  • In any other way we may describe when you provide the information

For any other purposes with your consent

Sensitive information
We do not collect any personal information on members classified as ‘sensitive’ under GDPR.

Under 18’s data
We aim not to collect information from under 18’s. Where we receive such information, for example when a young person writes to us directly with an appeal or for technical information, we will ensure that the relevant responsible adult is involved and approves of any data issues involved.

CCTV
We do not ordinarily use CCTV. In some locations where we run activities CCTV may be operated. We may or may not be aware of this. In these cases, the data generated is controlled by the operating person or organisation and not by CICIND.

Recording Telephone Calls
We do not ordinarily record telephone calls. In some cases callers may be able to leave a message on a recording device or system. In these cases the information left will only be used for the purposes requested in the call by the caller or for providing consolidated information such as the number and duration of such messages.

Data Sharing
1) Our service/host providers
In the course of our legitimate business activities, there may be a need for us to share, or give access to, your personal data to third parties that provide us with services or host our applications/software that you may access, for instance:

  • Our IT development, management and support providers
  • Banking organisations – those that provide our banking/payment services

We will ensure that data processing agreements, compliant to GDPR, are in place before sharing with, or giving access to, your data with any of our service/host providers.

2) Sharing with third parties
We will never commercially sell your personal data to anyone else.
We will only ever share your personal data in other circumstances, not listed above, if we have your explicit and informed consent at the time of collection. However, we may need to disclose your details if required to the police, other agencies, regulatory bodies or our legal advisors.

How we keep your information safe and who has access to it
We ensure that there are appropriate physical and technical controls in place to protect your personal details. For example, confidential paper records are securely stored, confidential paper waste is shredded either by members or by secure document disposal contractors.

We undertake regular reviews of who has access to information that we hold to ensure that your personal information is only accessible by appropriate CICIND members or service providers.

We have a duty to report certain types of personal data breaches to the relevant supervisory authority, and where feasible, we will do this within 72 hours of becoming aware of the breach. If a breach is detected and likely to result in a high risk of adversely affecting you, we will inform you without undue delay.

Where we store your information
Your personal information will be hosted securely on our Secretary’s system in Germany

How long we retain your information and how we keep it up to date
We will only keep your information for as long as we need it to assist you with your enquiry, process your membership, donation, conference registration or other services associated to your membership and to be able to respond to subsequent queries that may arise.

If you are a member or take part in an event, we may keep your information indefinitely for the purpose of recording the history of CICIND, such information might for instance be names and times of participants, photographs of events and names and dates when Members held key roles in CICIND.

We publish a magazine twice yearly which may contain photographs of members, their partners, colleagues or friends. These photographs will be published with the names included but the distribution of this document is only within CICIND.

There are statutory timescales on how long we should keep your information. We shall delete your information according to these statutory limits, or according to guidance issued by the Information Commissioner or our own document retention policy according to whichever is the most appropriate.

Where possible, we aim to keep your information accurate and up-to-date.

Your rights
The General Data Protection Regulations (GDPR) gives you certain rights and these are listed below.

  • You have a right to be informed when your personal data is being collected, what is collected and how it will be used or shared.

  • You have a right of access to your personal data: the right of access allows you to be aware of and verify the lawfulness of the processing of your personal data. Members have access to their personal data on the CICIND website in the members area. You can also request a copy of the information which we hold on you. This information will be provided free of charge, unless the request is found to be manifestly unfounded or excessive then a reasonable fee may be charged. The application should be made in writing, by letter or email, and addressed to the Secretary of CICIND, contact details shown below, enclosing two proofs of identification.

    Applicants should be aware that where requests are manifestly unfounded or excessive, in particular because they are repetitive, we can:

    - charge a reasonable fee taking into account the administrative costs of providing the information; or
    - refuse to respond.

  • You have a right in certain circumstances to have inaccurate personal data rectified, blocked (restrict processing), erased (right to be forgotten), or destroyed.

  • You have a right in certain circumstances to object to the processing of your personal data for such reasons as direct marketing, automated decision making, profiling; although we can confirm we make no decisions on you using an automated process.

• You have a right in certain circumstances to data portability.

In certain situations, these rights may not apply, for example if you are a valid member, we will need to communicate with you about your membership and those services afforded to you as part of that membership; you hold a CICIND office and we need to communicate with you in relation to that office, in which case you will not be able to unsubscribe from these communications.

We collect and process your personal data through legitimate interests or because you have provided it to us to enable us to deliver a service to you. We will only process your personal data as you would reasonable expect us to. You can opt out of our general member mailings at any time.

Finally, if you are unhappy with how we have processed your information, you have the right to lodge a complaint to the Secretary

Changes to this privacy notice
We may change this privacy Notice from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website www.rotarygbi.org or by notifying you directly.

Our contact details

Hermann Hoffmeister
Secretary CICIND
Carlo-Schmid-Str. 39
47445 Moers
Germany
Mob.: +49 172 200 3306
Web: www.cicind.org
Email: secretary@cicind.org

Complaints
If you are unhappy with how we have processed your personal information, please firstly contact the Secretary, details above.