IAPCO Privacy Notice
IAPCO is a Data Controller under the EU and UK GDPR. We determine the means and purposes of processing data for our own business purposes – e.g. processing employee and member data. We also Further details about how we process personal data can be found throughout this statement. IAPCO is referred to as “we”, “us”, “our”, “the company” throughout this privacy statement.
Our contact information
Company name: IAPCO
Address: C/O Prager Dreifuss, Muhlebachstrasse 6, 8008 Zurich, Switzerland
Email address: [email protected]
About this Privacy Notice
This privacy notice outlines the following:
- What personal data we collect and about whom
- Why we collect personal data
- How we use personal data
- The lawful basis for collecting personal data
- Your rights in relation to your personal data
- How we collect personal data
- How we store personal data
- Who we share personal data with
- How we keep personal data secure
- How long we keep personal data
- How we use personal data for marketing
- Transferring data internationally (outside the EEA)
- Our use of cookies
- Your right to complain
Your Personal Data
Under the GDPR, IAPCO must be transparent about the data we collect, about whom, and why we need it. We are required to have a lawful basis and, where appropriate, a condition for processing personal data. Details of what personal data we collect, about whom, why we collect it, and how we use it can be found in the following section. Where we rely on consent as a lawful basis, you have the right to withdraw your consent at any time and can do this by contacting us at [email protected].
Member Contacts
We process personally identifiable data of the employees of our Accredited and Registered Office members. The data is used to administer membership, to communicate with you about it, and to allow access to member benefits. This includes sending communications about the membership and benefits, and allowing access to the member-only area of our website. To do this, we collect your contact information, your employment information, contact preferences, and your login information for the website.
Your rights in relation to your personal data
Under the GDPR you have the following rights in relation to your data. All requests can be made free of charge and we have one month to respond:
The right to be informed
You have the right to be informed when we collect your personal data from you directly or indirectly from another source.
The right of access
You have the right to request copies of the data we hold about you.
The right to rectification
You have the right to request that we complete any information about you that you think is incomplete. You also have the right to request that we rectify any inaccurate information that we hold about you.
The right to erasure
Also referred to as the “right to be forgotten”, you have the right to ask us, in certain circumstances, to erase your data.
The right to be informed
You have the right to be informed when we collect your personal data either directly from you or indirectly from another source.
The right to object to us processing your personal data
You have the right to object to us processing your personal data in certain circumstances, for example for the purposes of direct marketing.
The right to restrict us processing your personal data
You have the right to restrict us processing your data in certain circumstances. This means that we may still be able to hold the data but not process it.
How we collect personal data
We collect your personal data via the following methods:
- Directly from you – we collect your personal data directly from you for the purposes outlined in ‘Your Personal Data’ above. We collect personal data via a number of methods – e.g. when you provide it on a contact form on our website or by completing one of our online forms and/or signing up to receive communications from us. We also collect data by email, by telephone, and during meetings (in person, online, etc., i.e. using Zoom or Microsoft Teams).
- Indirectly – e.g. from your employer as part of their membership with IAPCO. Where we have your consent, we collect personal data (such as IP address and online behaviours) using tracking Cookies.
How we store personal data
IAPCO store your personal data on our internal paper and digital systems as well as on our Data Processors' systems – e.g. Microsoft 365, our customer relationship management database (ReadyMembership), MailChimp, Google Analytics, Zoom, Microsoft Teams etc.
Who we share personal data with
IAPCO will never sell your personal data. We share your personal data with suppliers and providers – e.g. Data Processors – whose systems and software we use (listed in ‘How we store personal data’), and with any independent consultants / sub-contractors who assist us to deliver services to you. In certain circumstances IAPCO will be required to disclose personal data. Examples include:
- In an emergency situation (e.g. life or death) – i.e. to protect the vital interest of an individual(s)
- In the interest of national security
- To prevent or detect crime, including the apprehension or prosecution of offenders
- To prevent serious harm to an individual(s) – e.g. a health and safety concern
How we keep personal data secure
IAPCO have appropriate physical and technical security measures in place to protect your personal data. We ensure that we have provisions in place to ensure that only authorised persons have access to personal data, that your data is kept secure, and that we have processes and procedures in place to prevent accidental loss, destruction, alteration, unauthorised access or disclosure of your personal data. We have incident and breach processes and procedures in place to deal with and respond to any suspected breaches of your personal data and will notify you and any relevant regulators in the event of a breach where we are required to do so. When engaging independent consultants, sub-contractors and Data Processors, we carry out due diligence to ensure that they employ appropriate levels of security and that they comply with the GDPR.
How long we keep personal data
IAPCO have a Data Retention Policy and Retention Schedule in place to ensure that your data is only kept for as long as necessary, and in line with the purposes for which it was collected. Retention timescales are outlined in the ‘Your Personal Data’ table above.
How we use personal data for marketing, profiling and automated decision making
Where appropriate, and with consent obtained if required, we will use your data to market membership, our products, and services to you, including when you are browsing the website and through social media. Where you have given your consent, you have the right to withdraw it at any time by:
- Using the unsubscribe link in emails
- Managing your preferences in your profile in our member area
- Contacting us at [email protected]
Transferring data internationally (outside the EEA)
The GDPR places obligations on Data Controllers to ensure that provisions are put in place when data is being transferred outside of the EEA. When tendering for new suppliers and systems, IAPCO will carry out due diligence to ensure that, where possible, data is not transferred outside of the EEA. In the event that data will be transferred outside of the EEA, we will ensure that appropriate safeguards and provisions – as outlined under the GDPR – are in place prior to transferring the data.
Your right to complain
If you are unhappy with how we use your personal data, you have the right to complain to us at [email protected].
You also have the right to complain to your local Supervisory Authority. You can find a list of Supervisory Authorities here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm