Welcome
The European Advertising Standards Alliance (EASA) is committed to ensuring the protection of your Personal Data and your privacy.
This privacy policy is intended to inform you, in a transparent manner, about the data EASA collects the purpose for collecting it, the way it uses it and the rights you have regarding the processing of such data.
Privacy Policy
Privacy policy for non-EASA members
1. Notice statement
The European Advertising Standards Alliance (EASA) is established Rue des Deux Églises, 26, 1000 Brussels, Belgium (hereafter “EASA ”has prepared this data protection notice (the “Notice”) to describe its practices regarding the collection, use, storage, transfer and other processing of individually identifiable information about you (“Personal Data“). Unless specified otherwise, EASA is the controller responsible for the processing of Personal Data described in this Notice.
2. What personal data EASA collects and how it uses it?
2.1 Legal basis
The processing of your Personal Data described in this policy is based on your consent or on the contractual necessity (which means that the processing of your Personal Data is required for EASA to provide services to you).
When submitting a complaint to EASA’s self-regulatory network via EASA’s complaints form, you agree that EASA collects, stores, processes and transfers your personal data to the relevant self-regulatory organisation if the object of your complaint is deemed to fall within its jurisdiction. To this end, EASA acts as processor on behalf of the self-regulatory organisations part of its self-regulatory network.
Self-regulatory organisations ensure advertising across Europe is legal and respects high advertising standards and to this end they are responsible for complaints handling. Consequently, they handle and share information and advice about your complaint that you have voluntarily submitted. The further processing of your Personal Data by the self-regulatory organisations, acting as controllers, may be based, depending on the circumstances, on your consent, on the contractual necessity and/or on legitimate interests. For further information, you are invited to read the privacy policies of the self-regulatory organisations.
The processing of your Personal Data described in this Policy is based on EASA’s legitimate interests for the following:
2.2 What personal data does EASA collect and use?
The categories of Personal Data that EASA processes are:
2.3 How does EASA use personal data?
Except where restricted by local law, EASA uses the Personal Data listed above for the following purposes;
3. How does EASA store personal data and who can access it?
EASA maintains an automated record of your Personal Data. Additionally, EASA maintains Personal Data in various digital documents, namely event attendee lists, meeting minutes and records.
The persons and entities that can have access to your Personal Data are:
· In the case of complaints submitted to EASA’s self-regulatory network, EASA shall send your complaint to an advertising self-regulatory organisation in the European Union or outside of the European Union if the object of your complaint is deemed to fall within its jurisdiction. In case your complaint to a self-regulatory body outside of the European Union, the country where the self-regulatory body is located is considered to provide an adequate level of protection for personal data or we have implemented appropriate safeguards to protect your personal data. A referral will involve passing on your personal contact details as well as your complaint.
· Third party service providers as our processors to only hold and use personal data on our behalf in order to provide us with a service. We may also disclose personal data to our professional advisors and experts in order to obtain their assistance in carrying out our services and our activities.
Where EASA engages a third-party processor to process Personal Data on its behalf, such as those listed above, EASA will delegate such processing in writing, will choose a processor that provides sufficient guarantees with respect to technical and organisational security measures governing the relevant processing, and will obligate the processor to act on EASA’s behalf and under EASA’s instructions. In addition, EASA will impose in writing appropriate data protection and information security requirements on such third-party processors.
4. Confidentiality and Security
EASA will stores your data safely and, therefore, EASA maintains appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage to Personal Data. To try to prevent unauthorized access, maintain data accuracy and ensure the correct use of information EASA maintains physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of Personal Data. Only a limited number of persons within our organisation are authorised to access, delete or modify your data. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. EASA evaluates these measures on a regular basis to ensure the security of the processing. You can obtain more information concerning the confidentiality and security measures in place by contacting EASA at privacy@easa-alliance.org
EASA’s employees or any of EASA’s contractual partners who have access to your data in order to provide services to EASA (e.g. its online domain/website hosting supplier, its database software supplier) are contractually obliged to keep such information in confidence and may not use these data for any other purpose than performing their contractual missions for EASA.
5. Data retention
EASA will retain your Personal Data as follows:
EASA will retain your Personal Data in accordance with applicable legal requirements, and only for as long as necessary for the purposes described in this Notice, as indicated above or as long as required by law or to defend potential legal claims.
If you wish to obtain additional information concerning the duration of the contract between EASA and your EASA Member Organisation please contact: privacy@easa-alliance.org
6. Your rights
You have the right to withdraw your consent to the processing of your Personal Data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
To the extent required by applicable law and subject to legal limitations, you have the right:
In particular, EASA is committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that EASA has not been able to assist with your complaint or concern, you have the right to make a complaint with the competent EU Member State authority.
If you have any questions or wishes in connection with your personal data or you want to exercise your rights, please contact EASA by sending a letter/fax/e-mail or calling at:
EASA European Standards Alliance
Address: Rue des Deux Églises, 26 / Tweerkerkenstraat, 1000 Brussels, Belgium
Telephone: +32 (0)2 513 78 06
Fax: +32 (0)2 513 28 61
Email: privacy@easa-alliance.org
7. Notice updates
In case of any material changes to the way in which EASA collects or uses Personal Data, the type of Personal Data it collects or any other aspect of this Notice, EASA will issue a revised Notice. If EASA makes significant changes to our Privacy Notice, it will use reasonable efforts to contact you to notify you of such changes.
Last updated on May 16, 2018
Privacy policy for EASA Members
1. Notice statement
The European Advertising Standards Alliance (EASA) established rue des Deux Églises, 26, 1000 Brussels, Belgium (hereafter “EASA” or the “Alliance”) has prepared this data protection notice (the “Notice”) to describe its practices regarding the collection, use, storage, transfer and other processing of individually identifiable information about data subjects (representatives, authorized persons, and other contact persons whose personal data is provided by the Member) (“Personal Data“). EASA is the controller responsible for the processing of Personal Data described in this Notice.
2. What personal data EASA collects and how it uses it?
2.1 Legal basis
The processing of your Personal Data described in this Notice is based on your consent or on the contractual necessity (which means that the processing of your Personal Data is required for EASA to provide the services to which EASA Members Organisations are entitled).
The processing of your Personal Data described in this Notice is based on our legitimate interests for the following:
2.2 What personal data EASA collects and uses?
The categories of Personal Data that EASA processes will be those provided by the data subject of the member, they are:
2.3 How EASA uses personal data?
Except where restricted by local law, EASA uses the Personal Data listed above for the following purposes:
3. How does EASA store personal data and who can access it?
EASA maintains an automated record of each Member’s Personal Data. This automated record contains most of the data held in the Member’s file. Additionally, EASA maintains Personal Data in various digital documents, namely event attendee lists and meeting records and minutes.
The persons and entities that can have access to your Personal Data are:
· Third party service providers as our processors to only hold and use personal data on our behalf in order to provide us with a service. We may also disclose personal data to our professional advisors and experts in order to obtain their assistance in carrying out our services and our activities.
Where EASA engages a third-party processor to process Personal Data on its behalf, such as those listed above, EASA will delegate such processing in writing, will choose a processor that provides sufficient guarantees with respect to technical and organisational security measures governing the relevant processing, and will obligate the processor to act on EASA’s behalf and under EASA’s instructions. In addition, EASA will impose in writing appropriate data protection and information security requirements on such third-party processors.
4. Confidentiality and Security
EASA stores your data safely and, therefore, EASA maintains appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage to Personal Data. To try to prevent unauthorized access, maintain data accuracy and ensure the correct use of information EASA maintains physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of Personal Data. Only a limited number of persons within our organisation are authorised to access, delete or modify your data. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. EASA evaluates these measures on a regular basis to ensure the security of the processing. You can obtain more information concerning the confidentiality and security measures in place by contacting EASA at privacy@easa-alliance.org
EASA’s employees or any of EASA’s contractual partners who have access to your data in order to provide services to EASA (e.g. its online domain/website hosting supplier, its database software supplier) are contractually obliged to keep such information in confidence and may not use these data for any other purpose than performing their contractual missions for EASA.
5. Data retention
EASA will retain your Personal Data for the duration of the contract with the respective EASA Member Organisation in accordance with applicable legal requirements, and only for as long as necessary for the purposes described in this Notice or as long as required by law or to defend potential legal claims.
If you wish to obtain additional information concerning the duration of the contract between EASA and your EASA Member Organisation please contact: privacy@easa-alliance.org
6. Your rights
To the extent required by applicable law and subject to legal limitations, you have the right:
In particular, EASA is committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that EASA has not been able to assist with your complaint or concern, you have the right to make a complaint with the competent EU Member State authority.
If you have any questions or wishes in connection with your personal data or you want to exercise your rights, please contact EASA by sending a letter/fax/e-mail or calling at:
EASA European Standards Alliance
Address: Rue des Deux Églises, 26 / Tweerkerkenstraat, 1000 Brussels, Belgium
Telephone: +32 (0)2 513 78 06
Fax: +32 (0)2 513 28 61
Email: privacy@easa-alliance.org
7. Notice updates
In case of any material changes to the way in which EASA collects or uses Personal Data, the type of Personal Data it collects or any other aspect of this Notice, EASA will issue a revised Notice. If EASA makes significant changes to our Privacy Notice, it will use reasonable efforts to contact you to notify you of such changes.
Click here to read privacy policies of each SRO
Last updated on January 7, 2020