This Privacy & Data Protection Policy describes the types of data we may collect from you or that you may provide when you visit our main website www.Rotary-Arendonk.be, www.Motary.be or any other website owned by RC Arendonk (our "Websites"), join our club, use our services, or participate in our projects and activities. It also describes our policies and practices for collecting, using, protecting, and disclosing that data.
This Policy applies to personal data we collect:
- On our Websites
- When you interact with us as part of projects or our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy
- When you sign up for and/or attend any events that we host
- When you interact with us in another way, for example, contacting us with an inquiry
Data We Collect About You and How We Collect It
We collect several types of personal data, including:
- Data by which you may be personally identified, including your name, postal address, email address, or telephone number ("personal data") and/or
- Data about your interest in our events
We collect data from:
- Donations and contributions to the charities we support and events we organize
- People who attend RC Arendonk events
We only collect this data:
- Directly from you when you provide it to us
- From subscriptions to our events, presentations, lectures, etc. that you’ve signed up for via our Websites
Data You Provide to Us
We collect data you provide when you interact with our Website or when dealing with RC Arendonk or our network offline. That data includes:
- Personal data that you provide by making an inquiry of RC Arendonk or joining events organized by RC Arendonk; this includes data provided when registering on Websites of RC Arendonk for specific events or activities.
- Personal data you provide when posting material on our Websites
- Personal data you provide when you report a problem with our Websites
- Records and copies of your correspondence (including email, social media posts, and other electronic messages), if you contact us
- Your responses to surveys that we might ask you to complete for research purposes
- Your registration to attend and/or participate in RC Arendonk events
- Personal data you provide when making a donation
- Personal data you provide when submitting applications, for example, for grants, fellowships, or scholarships
- Details of transactions you carry out through our Website and details of the fulfillment of your attendance to our events (you may be required to provide financial personal data before confirmation of attendance or placing an order through our Websites)
Features that are developed in the future may result in the collection of additional new personal data.
You also may provide data to be published or displayed (hereinafter, "posted") on public areas of the Website or transmitted to other users of the Website or third parties (collectively, "User Content"). Your User Content is posted on the Website and transmitted to others at your own risk. Although we limit access to certain pages and you may set certain privacy settings for entering data on our websites, no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Content.
Usage Details, IP Addresses, Cookies, and Other Technologies
As you navigate through and interact with our Website, we may automatically collect certain data about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on our Website
- Information about your computer and internet connection, including your IP address, operating system, and browser type
The data collected in this way is anonymous. It is aggregated into statistical data to help us improve our Website and to deliver a better and more personalized service by enabling us to:
- Estimate our audience size, browser statistics, popularity of content, and usage patterns
- Speed up your searches
- Recognize you when you return to our Website
How We Use Your Personal Data
We use data that we collect about you or that you provide to us, including any personal data:
- To present our Website and its contents to you
- To provide you with information, products, or services that you request from us
- To offer and fulfill our core business purposes, which include:
- Fulfilling Rotary's obligation to Rotarians and other individuals
- Financial processing
- Supporting The Rotary Foundation, including fundraising efforts
- Facilitating convention and special event planning
- Communicating key organizational messages through RC Arendonk publications and other materials
- Supporting the programs and membership of Rotary
- Complying with any legal obligations
- To fulfill any other purpose for which you provide it
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection
- To notify you about changes to our Website or any products or services we offer or provide through it
- To allow you to participate in interactive features on our Websites
- To store information about your preferences, allowing us to customize our Websites according to your individual interests
- In any other way we may describe when you provide the personal data
- For any other purpose where we have your consent
We may also use your data to contact you about our own events and services that may be of interest to you. RC Arendonk confirms that it will not sell or trade its data.
Disclosure of Your Personal Data
We may disclose aggregated data about our users, and data that cannot be used to identify any individual, without restriction.
We only disclose personal data that we collect or you provide as described in this Policy:
- To fulfill the purpose for which you provide it
- For any other purpose disclosed by us when you provide the data
- With your consent
We may also disclose your personal data:
- To comply with any court order, law, or legal process, including responding to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of RC Arendonk, Rotary, Rotarians, Rotary clubs, Rotary districts, or others. This includes exchanging personal data with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Choices About How We Use and Disclose Your Personal Data
We strive to provide you with choices regarding the personal data you provide to us. We have created mechanisms to provide you with the following control over your data:
- Disclosure of Your Personal Data for Third-Party Advertising. We do not share your personal data with unaffiliated or non-agent third parties for promotional purposes.
RC Arendonk Donor Privacy Personal Data
RC Arendonk will not sell, trade, or share a donor's personal data, including their name, phone number, email, or physical address, with non-Rotary entities, nor will it send donors mailings on behalf of other unrelated organizations. This policy applies to all donor data received by RC Arendonk, both online and offline, as well as any electronic, written, or oral communication. RC Arendonk does not use third-party vendors to manage and process donor data.
Accessing and Correcting Your Personal Data
You may access and correct your data using the following method:
We may choose not to accommodate a request to change or delete data if we believe the change or deletion would violate any law or legal requirement or cause the data to be incorrect.
Children Under the Age of 18
We have implemented technical and operational measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure. When developing new or enhancing existing systems and processes, RC Arendonk implements appropriate data protection throughout its data processing operations. All personal data you provide to us is stored on password-protected databases on our secure servers behind firewalls and we use Secure Sockets Layer (SSL) to ensure that the transmission of sensitive data for payments and contributions is encrypted and appropriately safeguarded. We train our members on the importance of data security and focus specifically on practices for protecting against unauthorized disclosure of personal data. We have a documented incident response plan for promptly acting upon events that violate RC Arendonk security or privacy policies, should they occur, and this plan is reviewed and updated on an ongoing basis.
The safety and security of your personal data also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. Passwords registered with our Website are encrypted to ensure protection against unauthorized access to your personal data. We ask you not to share your password with anyone. We urge you to be careful about giving out personal data in public areas of our Website. The personal data you share in public areas may be viewed by any user of our Websites.
Unfortunately, the transmission of personal data via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website or over any public network. Any transmission of personal data is at your own risk. Without prejudice to any mandatory legal obligations to which we may be subject, we are not responsible for circumvention of any privacy settings or security measures contained on our Website.
RC Arendonk may change, add, modify or remove portions of this Policy at any time, which shall become effective immediately upon posting on this page. The date the Policy was last revised is identified at the bottom of the policy. It is your responsibility to review this Policy for any changes. By continuing to use our Website, use our services, or participate in our events, you agree to any changes in the Policy.
Last modified: 11 January 2019
Appendix A: EU Privacy Notice
If you are a resident of the European Union (EU) or European Economic Area (EEA) whose personal data we collect, the following additional information applies to you.
If you are an EU or EEA resident and RC Arendonk knowingly collects your personal data, we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) ("GDPR") and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, "EU Data Protection Law").
This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.
How Personal Data is Collected
Because of the nature of the Rotary International organization and our club, RC Arendonk may hold and process personal data that is collected from other Rotary clubs, districts, and partner organizations around the world, including within the EU/EEA.
This also means that if you contact RC Arendonk and are a resident in the EU/EEA, your personal data may be transferred from the EU/EEA to Rotary headquarters in the United States, and may also be accessed and processed from Rotary's international offices in Australia, Brazil, India, Japan, South Korea, and Switzerland.
U.S. data privacy laws are currently not considered to meet the same legal standards of protection for personal data as those set out under EU Data Protection Law. However, in order to safeguard personal data received from the EU/EEA, we allow such a transfer of personal data to the U.S. or other third countries only under an approved contract or another appropriate mechanism that is legally authorized under EU Data Protection Law.
This is to make sure that the personal data that RC Arendonk receives and processes (so far as it relates to residents of the EU/EEA) is properly safeguarded in accordance with similar legal standards of privacy you would enjoy under EU Data Protection Law.
If RC Arendonk provides direct marketing communications to individuals in the EU/EEA regarding services and/or events that may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media, and/or any other electronic communication channels, this will only be with the individual's consent or in relation to similar services and events to services and events that the individual has purchased or attended (or made direct inquiries about purchasing) from RC Arendonk before.
Lawful Grounds on Which We Collect and Process Personal Data
We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:
- When you have freely provided your specific, informed, and unambiguous consent for RC Arendonk to process your personal data for particular purposes
- Where we agree to provide services to you, in order to set up and perform our contractual obligations to you and/or enforce our rights
- Where we need to process and use your personal data in connection with our legitimate interests and need to be able to effectively manage and operate our organization and events. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy; and/or
- Where we need to comply with a legal obligations or for the purpose of our being able to establish, exercise, or defend legal claims
Please also note that some of the personal data we receive and that we process may include what is known as "sensitive" or "special category" personal data about you, for example, personal data regarding your ethnic origin or political, philosophical, and religious beliefs. This is not the type of data that RC Arendonk or its committees routinely collect, but if we process such sensitive or special category data, we will do it only in situations where:
- You have provided us with your explicit consent to use it
- We have a legal obligation to process such data in accordance with EU Data Protection Law
- It is needed to protect your vital interests (or those of someone else), such as in a medical emergency
- You have clearly chosen to publicize such information; or
- It is needed in connection with a legal claim that we have or may be subject to
Disclosing Your Personal Data to Third Parties
We may disclose your personal data to certain third-party organizations that are processing data solely in accordance with our instructions ("Data Processors"), such as companies and/or organizations that support our business and operations (for example, providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks, or mail management service providers), as well as professionals we use such as lawyers, insurers, auditors, or accountants. We use only those Data Processors that can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.
In certain circumstances, for example, if you attend our events or participate in Rotary programs, we may also disclose your personal data to third parties called "Data Controllers." Such third parties may include companies, foundations, government bodies and ngo’s. Due to the nature of the business of the Data Controllers, they will make their own determinations as to how they process your personal data. As Data Controllers, they are required to follow the EU Data Protection Law and are required to protect personal data with adequate safeguards and provide you with notice if their processing goes beyond the instructions RC Arendonk provided. The types of external third-party Data Controllers listed above may handle your personal data in accordance with their own chosen procedures, and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.
Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without your knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is used only by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.
How Long We Retain Your Personal Data
RC Arendonk retains personal data identifying you for as long as necessary in the circumstances — for instance, as long you indicated to receive information on events and other activities, for a reasonable period to send you marketing materials where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.
RC Arendonk has adopted a Records Management Policy (which we may make available on request). The criteria we use for determining the relevant retention and disposal periods we adopt are based on the purpose for which we hold data and the reasonable expectations of those whose personal data we collect in these circumstances, taking into account various legislative requirements and guidance issued by relevant EU regulatory authorities.
In accordance with the above retention policy, the personal data that we no longer need will be disposed of and/or anonymized so you can no longer be identified from it.
Your Personal Data Rights
In accordance with your legal rights under EU Data Protection Law, you have a "subject access request" right, under which you can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to, as well as certain other information.
Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity, and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific data you seek, and certain legal exemptions under EU Data Protection Law may apply when we respond to your subject access request.
Under EU Data Protection Law, EU/EEA residents also have the following rights, which you may exercise by making a request to us in writing:
- That we correct personal data that we hold about you that is inaccurate or incomplete
- That we erase your personal data without undue delay if we no longer need to hold or process it
- To object to any automated processing (if applicable) that we carry out in relation to your personal data, for example, if we conduct any automated credit scoring
- To object to our use of your personal data for direct marketing
- To object to and/or to restrict the use of your personal data for a purpose other than those set out above unless we have a compelling legitimate reason; or
- That we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform services under a contract with you and is being processed by automated means
So we can fully comply, please note that these requests may also be forwarded to third-party data processors that are involved in the processing of your personal data on our behalf.
If you make a request and are not satisfied with our response, or you believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner in Belgium.