Welcome!

Privacy Policy

The European Advertising Standards Alliance (EASA) is committed to ensuring the protection of your Personal Data and your privacy.

This privacy policy is intended to inform you, in a transparent manner, about the data EASA collects the purpose for collecting it, the way it uses it and the rights you have regarding the processing of such data.

Privacy policy for non-EASA members

1. Notice statement

The European Advertising Standards Alliance (EASA) is established Rue des Deux Églises, 26, 1000 Brussels, Belgium (hereafter “EASA ”has prepared this data protection notice (the “Notice”) to describe its practices regarding the collection, use, storage, transfer and other processing of individually identifiable information about you (“Personal Data“). Unless specified otherwise, EASA is the controller responsible for the processing of Personal Data described in this Notice.

2. What personal data EASA collects and how it uses it?

2.1 Legal basis

The processing of your Personal Data described in this policy is based on your consent or on the contractual necessity (which means that the processing of your Personal Data is required for EASA to provide services to you).

When submitting a complaint to EASA’s self-regulatory network via EASA’s complaints form, you agree that EASA collects, stores, processes and transfers your personal data to the relevant self-regulatory organisation if the object of your complaint is deemed to fall within its jurisdiction. To this end, EASA acts as processor on behalf of the self-regulatory organisations part of its self-regulatory network.

Self-regulatory organisations ensure advertising across Europe is legal and respects high advertising standards and to this end they are responsible for complaints handling. Consequently, they handle and share information and advice about your complaint that you have voluntarily submitted. The further processing of your Personal Data by the self-regulatory organisations, acting as controllers, may be based, depending on the circumstances, on your consent, on the contractual necessity and/or on legitimate interests. For further information, you are invited to read the privacy policies of the self-regulatory organisations.

The processing of your Personal Data described in this Policy is based on EASA’s legitimate interests for the following:

Communication to the individuals who were in contact with EASA before 25 May 2018 but who may not have provided a consent fully compliant with the new data protection legislation requirements. Such individuals have the absolute right to object to these communications;
Where the processing of Personal Data is strictly necessary and proportionate for the purposes of ensuring network and information security.

2.2 What personal data does EASA collect and use?

The categories of Personal Data that EASA processes are:

Personal details and contact information: this includes without limitation name, maiden name and surname, e-mail and telephone details, work address, job title, LinkedIn URL, IP addresses and photograph;
Any additional personal data you provide this includes without limitation response or booking, participation and/or attendance details, dietary requirements (where refreshment including lunch is provided), billing details (if appropriate), your requirements about confidentiality, how you prefer EASA to communicate with you, newsletter subscriptions.
IP addresses When visiting this site, visitors’ IP addresses are automatically collected by EASA for system administration and statistical purposes in order to optimise the user experience of this site. Depending on the circumstances, collected IP address data may allow conclusions to be drawn about users’ interaction with this site. However, EASA does not combine IP addresses with other information on the users and cannot relate IP addresses with the identity of the user. EASA solely use IP addresses as such and is not able to identify specific users by way of IP addresses. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have.

2.3 How does EASA use personal data?

Except where restricted by local law, EASA uses the Personal Data listed above for the following purposes;

Submitting a complaint to EASA’s self-regulatory network: administering your complaint you have asked us to channel on your behalf before to the relevant self-regulatory organisation. The legal basis for such processing is defined by the relevant self-regulatory organisation. For further information, you are invited to read the privacy policies of the self-regulatory organisations;
Communications: sending invitations and communications related to EASA events, as well as relevant EASA publications and EASA news, keeping a record of your relationship with EASA including ensuring we know how you prefer to be contacted. The legal basis for such processing is your consent;
Event booking: ensuring the proper organisation of the event with regarding notification of participants and logistics. The legal basis for such processing is the contractual necessity;
Information, enquiries and services: providing you with information and access to services that you have requested from us or which we feel may be of interest to you, where you have consented to be contacted for such purposes. The legal basis for such processing is the contractual necessity yet you may opt-out for some of the communications;
Job applications: to processing applications for a position at EASA. The legal basis for such processing is your consent.

3. How does EASA store personal data and who can access it?

EASA maintains an automated record of your Personal Data. Additionally, EASA maintains Personal Data in various digital documents, namely event attendee lists, meeting minutes and records.

The persons and entities that can have access to your Personal Data are:

All EASA staff based in the offices in Brussels (rue des Deux Églises, 26, 5^th floor);
External professional services, such as IT systems providers (EASA online domain/website hosting supplier, its database software supplier);
In the case of event organisation, co-organiser and event agency for the sole purpose of the organisation of an event you have registered to;

· In the case of complaints submitted to EASA’s self-regulatory network, EASA shall send your complaint to an advertising self-regulatory organisation in the European Union or outside of the European Union if the object of your complaint is deemed to fall within its jurisdiction. In case your complaint to a self-regulatory body outside of the European Union, the country where the self-regulatory body is located is considered to provide an adequate level of protection for personal data or we have implemented appropriate safeguards to protect your personal data. A referral will involve passing on your personal contact details as well as your complaint.

· Third party service providers as our processors to only hold and use personal data on our behalf in order to provide us with a service. We may also disclose personal data to our professional advisors and experts in order to obtain their assistance in carrying out our services and our activities.

· Where EASA engages a third-party processor to process Personal Data on its behalf, such as those listed above, EASA will delegate such processing in writing, will choose a processor that provides sufficient guarantees with respect to technical and organisational security measures governing the relevant processing, and will obligate the processor to act on EASA’s behalf and under EASA’s instructions. In addition, EASA will impose in writing appropriate data protection and information security requirements on such third-party processors.

4. Confidentiality and Security

EASA will stores your data safely and, therefore, EASA maintains appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage to Personal Data. To try to prevent unauthorized access, maintain data accuracy and ensure the correct use of information EASA maintains physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of Personal Data. Only a limited number of persons within our organisation are authorised to access, delete or modify your data. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. EASA evaluates these measures on a regular basis to ensure the security of the processing. You can obtain more information concerning the confidentiality and security measures in place by contacting EASA at privacy@easa-alliance.org

EASA’s employees or any of EASA’s contractual partners who have access to your data in order to provide services to EASA (e.g. its online domain/website hosting supplier, its database software supplier) are contractually obliged to keep such information in confidence and may not use these data for any other purpose than performing their contractual missions for EASA.

5. Data retention

EASA will retain your Personal Data as follows:

Submitting a complaint to EASA’s self-regulatory network: for 1 year from the date of the settlement of the complaint;
Communications: Personal Data will be kept for as long as you do not withdraw your consent;
Event booking: for 1 year after the event;
Information, enquiries and services: for 1 year, unless you withdraw your consent to the processing of your Personal Data earlier;
Job applications: for 1 year, unless you withdraw your consent to the processing of your Personal Data earlier.

EASA will retain your Personal Data in accordance with applicable legal requirements, and only for as long as necessary for the purposes described in this Notice, as indicated above or as long as required by law or to defend potential legal claims.

If you wish to obtain additional information concerning the duration of the contract between EASA and your EASA Member Organisation please contact: privacy@easa-alliance.org

6. Your rights

You have the right to withdraw your consent to the processing of your Personal Data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To the extent required by applicable law and subject to legal limitations, you have the right:

to have access to your Personal Data;
to have inaccurate data corrected or removed,
to object to the processing of your Personal Data;
to restrict EASA’s use of your Personal Data;
to the erasure of your Personal Data;
to receive your Personal Data in a usable electronic format and transmit it to a third party (right to “data portability”); and
to lodge a complaint with their local data protection authority (www.privacycommission.be)

In particular, EASA is committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that EASA has not been able to assist with your complaint or concern, you have the right to make a complaint with the competent EU Member State authority.

If you have any questions or wishes in connection with your personal data or you want to exercise your rights, please contact EASA by sending a letter/fax/e-mail or calling at:

EASA European Standards Alliance
Address: Rue des Deux Églises, 26 / Tweerkerkenstraat, 1000 Brussels, Belgium
Telephone: +32 (0)2 513 78 06
Fax: +32 (0)2 513 28 61
Email: privacy@easa-alliance.org

7. Notice updates

In case of any material changes to the way in which EASA collects or uses Personal Data, the type of Personal Data it collects or any other aspect of this Notice, EASA will issue a revised Notice. If EASA makes significant changes to our Privacy Notice, it will use reasonable efforts to contact you to notify you of such changes.

Last updated on May 16, 2018

Privacy policy for EASA Members

1. Notice statement

The European Advertising Standards Alliance (EASA) established rue des Deux Églises, 26, 1000 Brussels, Belgium (hereafter “EASA” or the “Alliance”) has prepared this data protection notice (the “Notice”) to describe its practices regarding the collection, use, storage, transfer and other processing of individually identifiable information about data subjects (representatives, authorized persons, and other contact persons whose personal data is provided by the Member) (“Personal Data“). EASA is the controller responsible for the processing of Personal Data described in this Notice.

2. What personal data EASA collects and how it uses it?

2.1 Legal basis

The processing of your Personal Data described in this Notice is based on your consent or on the contractual necessity (which means that the processing of your Personal Data is required for EASA to provide the services to which EASA Members Organisations are entitled).

The processing of your Personal Data described in this Notice is based on our legitimate interests for the following:

communication to the individuals who were in contact with EASA before 25 May 2018 but who may not have provided a consent fully compliant with the new data protection legislation requirements. Such individuals have the absolute right to object to these communications;
where the processing of Personal Data is strictly necessary and proportionate for the purposes of ensuring network and information security.

2.2 What personal data EASA collects and uses?

The categories of Personal Data that EASA processes will be those provided by the data subject of the member, they are:

Personal details and contact information: this includes without limitation name, maiden name and surname, e-mail and telephone details, work address, job title, LinkedIn URL, IP addresses and photograph.
Any additional personal data you provide this includes without limitation response or booking, participation and/or attendance details, dietary requirements (where refreshment including lunch is provided), billing details (if appropriate), your requirements about confidentiality, how you prefer us to communicate with you, newsletter subscriptions.
IP addresses When visiting this site, visitors’ IP addresses are automatically collected by EASA for system administration and statistical purposes in order to optimise the user experience of this site. Depending on the circumstances, collected IP address data may allow conclusions to be drawn about users’ interaction with this site. However, EASA does not combine IP addresses with other information on the users and cannot relate IP addresses with the identity of the user. EASA solely use IP addresses as such and is not able to identify specific users by way of IP addresses. Your IP address is logged when visiting our site, but our analytic software only uses this information to track how many visitors we have.

2.3 How EASA uses personal data?

Except where restricted by local law, EASA uses the Personal Data listed above for the following purposes:

Entering into a contract with new EASA Member Organisations: EASA processes the Personal Data of applicant EASA Member Organisations’ contact persons for the purpose of entering into a contract with the respective applicant EASA Member Organisation. The legal basis for such processing is the contractual necessity;
Communications: upon your Organisation or entity joining the EASA’s network and based on your job title, its representatives will be added to different relevant working groups and their contact lists, as well as to the relevant EASA Newsletters. On the basis of this, EASA will be sending invitations to meetings, meeting minutes, requests to fill out surveys and communications related to EASA events, trainings and working groups, as well as EASA publications and the relevant EASA Newsletters (Including without limitation the EASA Newsletter and EASA Policy Newsletter). The legal basis for such processing is the contractual necessity yet you may opt-out for some of the communications.
Other: for cases not described above and which go beyond the strict provisions of the services to which EASA Members Organisations are entitled, EASA will ask for your consent.

3. How does EASA store personal data and who can access it?

EASA maintains an automated record of each Member’s Personal Data. This automated record contains most of the data held in the Member’s file. Additionally, EASA maintains Personal Data in various digital documents, namely event attendee lists and meeting records and minutes.

The persons and entities that can have access to your Personal Data are:

All EASA staff based in the offices in Brussels (rue des Deux Églises, 26, 5^th floor);
External professional services, such as IT systems providers (EASA online domain/website hosting supplier, its database software supplier);
In the case of event organisation, co-organiser and event agency for the sole purpose of the organisation of an event you have registered to;

Third party service providers as our processors to only hold and use personal data on our behalf in order to provide us with a service. We may also disclose personal data to our professional advisors and experts in order to obtain their assistance in carrying out our services and our activities.

Where EASA engages a third-party processor to process Personal Data on its behalf, such as those listed above, EASA will delegate such processing in writing, will choose a processor that provides sufficient guarantees with respect to technical and organisational security measures governing the relevant processing, and will obligate the processor to act on EASA’s behalf and under EASA’s instructions. In addition, EASA will impose in writing appropriate data protection and information security requirements on such third-party processors.

4. Confidentiality and Security

EASA stores your data safely and, therefore, EASA maintains appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage to Personal Data. To try to prevent unauthorized access, maintain data accuracy and ensure the correct use of information EASA maintains physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of Personal Data. Only a limited number of persons within our organisation are authorised to access, delete or modify your data. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. EASA evaluates these measures on a regular basis to ensure the security of the processing. You can obtain more information concerning the confidentiality and security measures in place by contacting EASA at privacy@easa-alliance.org

5. Data retention

EASA will retain your Personal Data for the duration of the contract with the respective EASA Member Organisation in accordance with applicable legal requirements, and only for as long as necessary for the purposes described in this Notice or as long as required by law or to defend potential legal claims.

If you wish to obtain additional information concerning the duration of the contract between EASA and your EASA Member Organisation please contact: privacy@easa-alliance.org

6. Your rights

To the extent required by applicable law and subject to legal limitations, you have the right:

to have access to your Personal Data;
to have inaccurate data corrected or removed,
to object to the processing of your Personal Data;
to restrict EASA’s use of your Personal Data;
to the erasure of your Personal Data;
to receive your Personal Data in a usable electronic format and transmit it to a third party (right to “data portability”); and
to lodge a complaint with their local data protection authority. (www.privacycommission.be)

If you have any questions or wishes in connection with your personal data or you want to exercise your rights, please contact EASA by sending a letter/fax/e-mail or calling at:

EASA European Standards Alliance
Address: Rue des Deux Églises, 26 / Tweerkerkenstraat, 1000 Brussels, Belgium
Telephone: +32 (0)2 513 78 06
Fax: +32 (0)2 513 28 61
Email: privacy@easa-alliance.org

7. Notice updates

Click here to read privacy policies of each SRO

Last updated on January 7, 2020

Cookie Notice

We use cookies on this website. You can find out more about cookies and how to control them in the information below.

By using our website, pages and/or service you accept the use of cookies in accordance with this Cookie Notice.

If you do not accept the use of these cookies please disable them following the instructions in this Cookie Notice, for instance by changing your browser settings so that cookies from this website cannot be placed on your computer or mobile device.

1. What terms do we use in this Cookie Notice?

EASA referred to as “EUROPEAN ADVERTISING STANDARDS ALLIANCE”, an international non-profit association with a business address of 26 rue des Deux Eglises, 1000 Brussels and registered in Brussels under number BE 0.450.933.006, which is the data controller under Privacy Law.

We use the term “User” to refer to the users of our websites, online pages and services.

We use any of the term “you”, “your” and “yours” to refer to the User who is reading this Cookie Notice.

We use any of the terms “we”, “us”, and “our” to refer to EASA.

We use the term “Personal Data” to refer to personally identifiable information about you.

We use the term “Privacy Law” to refer specifically to the Belgian Law of December 8, 1992 on the protection of privacy and its various implementing regulations and rulings, and to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. .

2. What is a cookie?

Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.

Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience.

Certain cookies contain personal information – for example, if you click to “remember me” when logging in, a cookie will store the relevant information in your browser. Most cookies won’t collect information that identifies you, and will instead collect more general information such as how users arrive at and use our websites.

There are mainly four kinds of cookies:

Session cookies last only for the session. They are erased when the user closes the web browser
Persistent cookies remain even after the session is closed. They are stored on a user’s hard drive until they expire (persistent cookies are set with expiration dates) or until the user deletes them. Persistent cookies are used to store identifying information about the user, such as Web surfing behaviour or user preferences for a specific Website
First-party cookies belong to the site where you chose to go.
Third-party cookies are fetched from a site whose content is retrieved indirectly for example through an image tag.

The majority of browsers support them (Internet Explorer, Mozilla Firefox, Netscape, Safari, etc.). However, users can set their browsers to decline cookies, or they can delete their cookies at will.

3. What cookies do we use?

Generally, our cookies perform up to three different functions:

1. Essential cookies

Some cookies are essential for the operation of our website and pages. For example, some cookies allow us to identify the user and ensure the user can access the registration or log in pages. These cookies don’t gather information about you that could be used for marketing or remembering where you have been on the internet. This category should not be disabled. If a user opts to disable these cookies, the user will not be able to access all of the content that such pages entitles them to.

2. Performance and Analytics Cookies

These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies you. All the information that these cookies collect is anonymous and is only used to improve how a website works.

3. Functionality Cookies

We may use functionality cookies to allow us to remember your preferences. For example, cookies save you the trouble of typing in your username every time you access the site, and recall your customisation preferences, such as which regional edition of the website you want to see when you log in. We may also use functionality cookies to provide you with enhanced services such as allowing you to watch a video online or comment on a blog.

4. Does anyone else use cookies on our website?

We may use or allow third parties to serve cookies that fall into the three categories above.
As part of Google Analytics, EASA also uses first-party cookies to monitor traffic to this site. The purpose of these cookies is to understand – at an anonymous, statistical level – who our site visitors are, what brings them to the site and what use they make of it. The longest cookie lifespan of these cookies is 2 years.

You may also control and delete these cookies through your browser settings.

5. How to control and delete cookies through the browser?

The ability to enable, disable or delete cookies can also be completed at browser level. In order to do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” facility. Disabling a cookie or category of cookie does not delete the cookie from your browser, you will need to do this yourself from within your browser. Please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly.