Eurobitume Website Data Protection Notice
Last modified: 16th February 2021
The European Bitumen Association aics (“Eurobitume”, “we”, “our” or “us”) is committed to protecting your privacy. This notice (the “Notice”) describes the data processing activities in connection with your use of any of the websites available at http://www.eurobitume.eu(the “Websites”) and the services, features or content we offer (the “Services”) both online and offline, whether you are a member of our association or a general website user. Please read this Notice carefully to understand which categories of personal data we process, the purposes for which we process it and your rights with respect to our use of your personal data.
Personal data as used in this Notice means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic mental, economic, cultural or social identify of that natural person (“Personal Data”).
This Notice may change from time to time (for more information see below Section 11).
2. Who is responsible for the data processing?
For the purpose of this Notice, the entity responsible for the processing of your Personal Data is:
European Bitumen Association aics
Boulevard de Souverain 165
– 4th floor –
1160 Brussels, Belgium
Telephone: +32 (0) 2 566 91 40
3. Personal Data we collect about you and how we collect it
The specific categories of personal data we collect about you depend on how you interact with our Websites and Services, as described below.
3.1. Personal Data you provide to us
3.1.1. If you are a general user on the public Websites
When using our Websites and Services you have the possibility of making your Personal Data available to us (i) by subscribing to our newsletter and/or our RSS feed and (ii) by contacting us either electronically, via postal mail, by phone or fax.
In these cases, we process the following categories of Personal Data:
· Contact details you provide us with (such as first and last name, email address, phone number, mailing address);
· Information you include in your original and any follow-up messages;
· The company you work for; and
· Any other information you decide to provide us with
The provision of certain categories of Personal Data is a requirement necessary for us to process your newsletter subscription and queries. The obligatory fields to process online requests submitted via our Websites, including for the newsletter and/or RSS feed subscription, are marked as such.
3.1.2. If you are a member on the non-public Websites (“intranet”)
When visiting our intranet as a member we process the following categories of Personal Data about you:
· First and last name;
· Login credentials (username consisting of the email address and password); and
· Groups memberships;
The provision of your login credentials is a requirement necessary to verify your identity and obtain access to our intranet.
3.2. Personal Data collected automatically
3.2.1. If you are a general user on our public Websites
We use automatic data collection technologies which collect Personal Data about you when you access and navigate through our Websites or when interacting with our Services. This includes information about your device, your browsing activity and log details.
Specifically, we process the following categories of Personal Data:
· Data about your device and internet connection, device’s unique ID, web browser type and version; hardware and software, IP address, operating system, host domain, language settings, web pages you viewed on our Websites and search terms, geolocation, where permitted;
· Referrer URL and web pages you visited prior to ours; and
· Log usage data consisting of traffic and location data, date and time of access and frequency, and technical session and connection information
In addition, when you subscribe to our newsletter and/or our RSS feed, we automatically collect information about your interactions with it to determine if a newsletter message has been opened and which links you have clicked on, as well as technical information such as time of retrieval, your IP address, browser type and operating system of the device used. The Personal Data collected is automatically aggregated and therefore anonymous.
3.2.2. If you are a member on our intranet
The information we automatically collect on our intranet comprises the categories of Personal Data as explained in Section 3.2.1 above. Additionally, we automatically collect data when you download documents from our intranet. This includes:
· The name and type of document downloaded.
3.3. Cookies we use
3.3.1. On our public Websites
Cookies are typically categorized as so-called "session cookies" or “persistent cookies”. Session cookies are stored in a temporary memory and erased when the browser is closed. Persistent cookies, on the other hand, store user preferences for current and successive visits. They remain valid when you restart your browser. Our Websites only use persistent cookies.
Cookies can be further categorized as follows based on their functions: strictly necessary cookies, performance cookies, functional cookies and advertising cookies. Below you will find a detailed list of the cookies used on our Websites categorized by their function:
· Strictly necessary cookies are essential to navigate through are Websites and use our Services. They ensure the functionality of our Websites and can therefore not be deactivated.
We use the following strictly necessary cookies on our Websites:
This cookie is used to remember whether the Google Notice Bar was opted out.
· Performance cookies collect data for statistical purposes on how visitors use our Websites. Information collected through performance cookies helps us understand how visitors use our Websites, therefore enabling us to improve them as well as the user experience. We gather data on the numbers of visitors and visits to our Websites, length of time spent on them, pages clicked on and where visitors have come from. The data collected via performance cookies is aggregated and thus anonymous.
We use the following performance cookies on our Websites:
This Google Analytics cookie is used to generate statistical data on how the visitor uses our Websites.
This Google Analytics cookie is used to generate statistical data on how the visitor uses our Websites.
· Functional cookies are used to customize the user experience by storing language preferences, regions and user names. Our Websites do not use functional cookies.
· Advertising cookies are used to deliver personalized advertisements relevant to you. They are also used to limit the number of times you see an advertisement, as well as to measure the effectiveness of an advertising campaign by tracking user’s clicks. Our Websites do not use advertising cookies.
3.3.2. On our intranet
On our intranet we only the following strictly necessary cookies:
This cookie is used to identify authenticated users and validate access to our intranet.
End of session.
4. How we use your Personal Data
We only process your Personal Data for specific, explicit and legitimate purposes. Eurobitume will not use your Personal Data for any purpose that is incompatible with the original purpose for which it was collected unless you provide your prior explicit consent for such further use.
The following table provides an overview of how Eurobitume uses your Personal Data and the legal bases we rely on:
Purpose of the processing
Management of your newsletter subscription
Statistical analysis of our newsletter campaigns
Our legitimate interests in improving our newsletter campaigns and tailoring them to our reader’s interests
Process and answer your queries, complaints, or any other requests you submit to us
(i) Performance of a contract,
(ii) in order to take steps at your request prior to entering into a contract, and/or
(iii) our legitimate interests in managing our public and communication relations and providing information about our products and services
Verify your identity and authorization as a member
(i) Performance of a contract and (ii) our legitimate interests in preventing fraud and misuse of our intranet
Statistical data on the documents downloaded on our intranet
Our legitimate interests in learning about our members’ interests and improving our offer
Ensure the functionality of our Websites and Services
Our legitimate interests in providing you with fully operative Websites and Services
Statistical analysis of the performance of our Websites (web audience measurement) and customization of our Websites and Services
Our legitimate interests in improving the user experience and tailoring our Websites and Services to the user’s interests and preferences
5. How we share your data
5.1. If you are a general user of our public Websites
Due to the international nature of our organization, your Personal Data can be shared or accessed by our local representations in the European Union, Switzerland and the United Kingdom. You can find a list with the relevant contact details here.
In addition, and subject to applicable law, we share your Personal Data with service providers that help us run our everyday business (e.g., newsletter distribution and analysis, IT hardware and internet and maintenance of our Websites). These providers are external companies that process your Personal Data on our behalf for the purposes listed above in Section 4. They are legally and contractually required to process your Personal Data only in accordance with applicable data protection law, following our instructions and only for the specific tasks they have been entrusted to perform.
For information on data transfers to countries outside of the European Economic Area (“EEA”) (“International data transfers”) please see Section 6 below.
5.2. If you are a member
If you are a member using our intranet your Personal Data will be processed by our internet service provider Econoweb BVBA, whose contact information you can find in Section 5.1 above. This provider is contractually bound to data protection and data security and will only use your Personal Data to provide its services to us.
6. International data transfers
6.1. If you are a general user of our Websites
Our service providers include companies located outside of the EEA. Hence, your Personal Data may be transferred to countries with different standards of data protection than those which apply in the EEA. We will only transfer your Personal Data to countries which have an adequate level of data protection as per the European Commission’s adequacy decisions, including the EU – U.S. Privacy Shield. In the absence of an adequacy decision, international data transfers will be covered by agreements based on EU Standard Contractual Clauses. You can obtain a copy of these data transfer agreements by contacting firstname.lastname@example.org.
6.2. If you are a member
Our members’ Personal Data is not subject to international data transfers.
7. Data retention periods
7.1. If you are a general user of our public Websites
We will not store your Personal Data longer than required to fulfil the purpose for which they were collected, unless statutory retention periods apply. As a general rule, we will delete your Personal Data after 30 days.
7.2. If you are a member
Personal Data about you collected via our intranet will be kept for as long as your authorization as a member of Eurobitume has not been revoked.
Once your membership with Eurobitume has ended or your member authorization has otherwise been revoked, all Personal Data about you collected via the intranet will be deleted after 30 days.
8. Your data protection rights
Under applicable data protection law, you have the following rights:
· Right of access the Personal Data we hold about you;
· Right to rectification;
· Right to erasure;
· Right to restriction of processing;
· Right to data portability where the processing of your Personal Data is based on consent or a contract, and is carried out by automated means;
· Right to withdraw consent where the processing of your Personal Data is based on your consent;
· Right to lodge a complaint with a supervisory authority; and
· Right to object on grounds relating to your particular situation, at any time to the processing your Personal Data. We will no longer process your Personal Data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
9. Data security
We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk presented by processing your Personal Data, in particular, from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your Personal Data. These measures include (i) electronic precautions such as access restriction, firewalls and SSL encryption of the data you submit to us via our Websites to monitor access to our servers and protect against hacking; (ii) physical security measures to prevent unauthorized access to database equipment and hard copies of Personal Data; and (iii) organizational security measures to limit access to Personal Data only to those recipients who have a specific purpose for processing the data.
10. Third party websites
Our Websites may contain links to third party websites. Please note that this Notice does not apply to these websites. We therefore encourage you to read the Data Protection or Privacy Policies of linked websites you enter.
We may review this Notice from time to time to reflect changes in applicable laws. Appropriate notice of any changes to this Notice will be posted on our Websites. You can find the date this Notice was last revised at the top of the page.