ECTRI (European Conference of Transport Research Institutes)
Rue du Trône 98, B-1050 Brussels
Tel: +32 2 500 56 87/88
ECTRI respects the privacy of visitors to its website and seeks to ensure that any personal data that we collect is processed in a secure, responsible manner. ECTRI only collects personal data that we need in order to provide our services.
This policy explains how we process personal data generated by your use of this website.
This policy was last updated on 31 May 2018.
When you visit this website, a small amount of information concerning your use of it is generated (Cookies). If you only browse the website, ECTRI collects no personal data (i.e. we can not identify you).
Personal data is collected via the website only if you subscribe to one of our services.
This policy sets out how we process data and explains your rights and how to exercise them.
For any questions regarding this policy, please contact firstname.lastname@example.org.
How we process data ?
- Data categories
The data we process are limited to: name, first name, job title, company, address, telephone, email unless you have provided us with additional information.
- Data collection
We collect your data either directly from you, from the website of your organisation or from a private database.
- Processing purpose and legal basis
If you are a member of our working group(s) (Assembly, Board, Thematic Groups or Tasks Forces), we use your data only to inform you about the ECTRI and EU issues that are relevant for the working group(s) that you are a member of. We consider such processing to be necessary for the performance of your organisation’s membership agreement with ECTRI.
If you are not a member of ECTRI, we use your data only to inform you about our position on EU policy issues, invite you to our events and send you our press releases or major news. We consider such processing to be in the legitimate interest of ECTRI as a non profit association whose mission is in a representative democracy with a free press to represent the European research Institutes or Universities active in the field of transport at EU level and to act as an interface between our Members and the EU institutions, the media and other companies and associations that try to influence EU decision-making. We believe our legitimate interest outweighs your right to the protection of your personal data since we process your data only to contact you in your professional capacity and to send you only information that is relevant for your professional activity.
- Data sharing
By using Perceval software for data storage, we share your data with this company only. This company processes your data on servers located in the European Union.
If you are a member of one of our working groups, we share your data with the other members of the group(s) that you are a member of.
We may also disclose your data comply with a reasonable request from competent law enforcements agents, judicial authorities and governmental agencies or bodies including competent data protection authorities.
We do not share your data with any third party in any other way.
- Data transfer outside the EU
We transfer your data to The Rocket Science Group LLC to the extent that we use MailChimp to send you our newsletters or press releases. This company processes your data on servers located in the United States.
The Rocket Science Group LLC adheres to the EU/US Privacy Shield. This mechanism guarantees that your data that this company processes in the United States are protected as adequately as if they were processed in the European Union:
- Automated decision-making
We do not use automated-decision making when we process your data.
- Data storage period
We store your data as long as they are current.
We will send you a notice every two years to verify whether your data are still accurate.
We instruct our staff to inform our database managers whenever they become aware of any changes in your professional situation so that we can update or remove your data as appropriate.
We do our utmost to protect your data against destruction, loss, alteration or unauthorised disclosure.
In terms of organisational measures, we have limited the access to your personal data to specifically appointed employees who have been trained to handle such data properly. To prevent anyone else from accessing your personal data, these employees use protected solutions to access our devices, apps and cloud services.
In terms of technical measures, we use ESET NOD32 ANTIVIRUS to protect, detect, and respond to security incidents. For example, malware gets detected by this Software Protection, shares that information with relevant services, that collectively protect our user identities, apps and data, devices, and infrastructure against advanced persistent threats.
Your rights and how to exercise them ?
- Right to access
You have the right to access your data that we process. To do so, please send an email to email@example.com
By requesting access to your personal data, you will obtain:
- A list of personal data about you held by ECTRI and information about where we got it (if it was not obtained directly from you).
- An explanation of the purpose for which your personal data is being processed and an indication of how long we will continue to use your data.
- Details of anyone to whom your personal data have been disclosed (note: we would normally only disclose your personal information if required to by law).
- Right to rectification
You have the right to ask us to correct your data. To do so, please send an email to firstname.lastname@example.org
- Right to erasure
You have the right to ask us to erase your data. To do so, please send an email to email@example.com
- Right to restrict data processing
You have the right to ask us to restrict the processing of your data where:
- You contest the accuracy of your data, for a period enabling us to verify their accuracy
- Our processing is unlawful and you prefer to restrict the use we make or our data rather than ask for their erasure
- We no longer need to process your data but you need the data for the establishment, exercise or defence of legal claims
- You object to the processing of your data, for a period enabling us to verify whether our legitimate interest for processing your data overrides your rights
To do so, please send an email to firstname.lastname@example.org
- Right to object
Where we process your data on the basis of our legitimate interest, you have the right to object to this processing. To do so, please send an email to email@example.com
- Right to withdraw consent
Where you have given us your explicit consent to process your data, you can withdraw your consent at any time. To do so, please send an email to firstname.lastname@example.org
- Right to data portability
You have the right to ask us to provide you with your data that we process in an electronic format so that you use the data or transmit it to another data controller. To do so, please send an email to email@example.com
- Right to lodge a complaint
You have the right to lodge a complaint about how we process your data with the Belgian data protection authority: Commissie voor de bescherming van de persoonlijke levenssfeer/ Commission de la protection de la vie privée, Drukpersstraat/ Rue de la Presse, 35, B – 1000 Brussel/Bruxelles, firstname.lastname@example.org