Hi, we are ESTIEM, and this is how we treat your data. Take some minutes to read through this document, no legalese, we swear.
Some basic definitions to start
Any information that can lead to identifying a person directly or indirectly is considered personal data. This includes any pieces of information that together can identify an individual even if they don’t lead to this person on their own.
The Data Processor is any entity that can take actions – process – the data on behalf of the Data Controller. The Data Controller is an entity that defines the purposes and means of data processing. Processing can mean to store, adapt, alter, retrieve, and more, in relation to any kind of data.
If somebody uses automatic means to analise your data in order to predict a behavior, interest, performance, or any other attribute, this person is profiling you. It’s the way online shops use to suggest you items you may want to buy.
baked or cooked f tiny files that are stored in your device, and they can be installed or read by websites. Those files may contain informations essential to a website functioning or they can be used to collect informations about you. Not a inherently evil device on their own, they can be used to invade your privacy or to make you browse the pages you love.
What data we collect and why
Who can access the data you share with us?
Means through which you can share personal data
The most notable way of collecting data is the ESTIEM portal, contained in the the domain “estiem.org”; everything going through the IT infrastructure and stored in the database is accessible by the Vice-President of Administration, the IT Committee, and Analysis Committee. Other than that, some less obvious way through which you can share personal data with us are listed below.
Here the international level of ESTIEM discuss and shares ideas. Everything you post here or any comment you add is to be considered as shared with the whole ESTIEM network as the access is limited to members of organisations associated with ESTIEM. If any post is created to share data with other organisation it will be specified in the post itself.
Some of the lines that guided our thoughts
"Grey areas in GDPR ain't made for you to avoid being compliant, but to make you able to run your business while being respectful of people's privacy"
"We don't get compliant because of the law, but because of ethics"
ESTIEM cares about your privacy
We believe that every effort done towards ensuring someone’s privacy is a show of respect. We fully agree with the principles of GDPR as much as we want them respected when our data is on the line, we want to hear a reason for keeping data, we want it to be confidential, and kept just for the time needed.
For that reason we purged the database of any data collected in the past that is no more in line with what is strictly needed, and we are implementing privacy by design in all the new processes of ESTIEM, while we keep making the old ones fully transparent and compliant.
ESTIEM makes no profits out of your data, nor disclose any of it without your consent.
We also believe that information about your privacy and how we handle your data must be easely accessible, clear, and honest; this is why we wanted to craft the policy this way, for you.