The data that you give us when contacting us or when contracting with us as well as the data that you generate and/or provide us with when visiting our website are essentially personal data.
We always process your personal data on the basis of and within the boundaries of the legal bases as laid down under this General Data Protection Regulation. We also ensure to limit the processing of your personal data to what is strictly necessary for the achievement and performance of the purposes described hereunder.
1. FIGIEFA as data controller
Your personal data are processed by FIGIEFA, having its registered seat at Woluwelaan/ Boulevard de la Woluwe, 42/5, at 1200 Brussels and registered with the Kruispuntbank van Ondernemingen/Banque-Carrefour des Entreprises (Crossroads Bank for Entreprises) under number 0472.205.007.
As a data controller we solely determine the purposes and means of the processing of personal data.
2. How and why do we process your data?
2.1. PURPOSES OF PROCESSING AND DATA CATEGORIES
We may process your personal data as a Member of our association, as a non-Member of our association or as a Participant to our events or as a person from the general public. The data can be either provided directly by yourself or potentially gathered from official websites freely available to the public. We are never treating any sensitive personal data in the meaning of the General Data Protection Regulation for these purposes. All these data are essential to us; without them, we cannot carry out our mission.
A) Your personal data as a Member or future Member of our Association
We use your data only to inform you about the European Union (‘EU’) and national policies, legislative and automotive industry related issues that are relevant for you. We consider such processing is necessary as it enables us in the execution of our mission and statutes to provide you with the services that your association or company requests from us through its membership of FIGIEFA or, at your request, in order to take the necessary steps prior to becoming a Member of our Association (Article 6(1)(b) of the General Data Protection Regulation).
To this end, we are processing the following data: your name, first name(s), gender, language, date and place of birth (if applicable), job title, company’s or association’s name, address, phone(s) and or/fax numbers, email address, company number and VAT number (if applicable)..
B) Your personal data as a non-Member of our association
In the course of our policy communication and the execution of our mission and statutes, we may use your data and contact you as, but without limitation, policymakers, authority or government representatives, stakeholders, association representatives or journalists, to communicate you our position on EU policy, legislative or sectorial issues or to invite you to our events and send you our press release or position papers. We consider such processing to be in the legitimate interest of FIGIEFA (Article 6(1)(f) of the General Data Protection Regulation) as a trade association whose mission is, in a representative democracy, to represent the European independent automotive spare parts distributors and its repair chains at EU level and to act as an interface between our Member associations and companies and the EU institutions, the media and other companies and associations that inform EU and national decision makers-. We believe our legitimate interest outweighs your right to the protection of your personal data since we process your data only to contact you in your professional capacity and to send you only information that may be relevant for your professional activity.
Within the framework of the execution of our activities, we may also use your data and contact you as, but without limitation, contractors, to perform (pre-)contractual arrangements and to communicate with you in this respect. We consider such processing is necessary for the performance of a contract to which you are a party or in order to take steps prior to entering into a contract (Article 6(1)(b) of the General Data Protection Regulation).
To this end, we are processing the following data: your name, first name(s), gender, language, job title, company’s or association’s name, address, phone(s) and fax numbers, email address, company number and VAT number (if applicable).
C) Your personal data as a Participant to our events
When organising events, your personal data are processed to invite you (if you were already Participant in any previous FIGIEFA event or if you are falling into the category of people where FIGIEFA can demonstrate any legitimate interest for processing your data) and/or when filling in the registration form. We consider such processing to be either necessary in the sense of Article 6(1)(b) of the General Data Protection Regulation or in the legitimate interest of FIGIEFA (Article 6(1)(f) of the General Data Protection Regulation) as a trade association whose mission is, in a representative democracy with a free press, to represent and promote the European independent automotive spare parts distributors and their repair chains at EU level. We believe our legitimate interest outweighs your right to the protection of your personal data since we process your data only to contact you in your professional capacity and to send you only information that may be relevant for your professional activity.
To this end, we are processing the following data: your name, first name(s), gender, language, date and place of birth, job title, company’s or association’s name, address, phone(s) and fax numbers, email address, company number and VAT number (if applicable).
D) Your personal data when consulting our website
Online contact form: When visiting our website, it is possible that you enter into contact with us by filling in the online contact form. The data you provide us by this way are only used to satisfy your request for information. To this end, we are processing the following data: your name, email, the subject of your message and the content of your message itself. All these data are essential to the processing of your request.
We will retain your personal data as long as they are current and for no longer than necessary, considering the following criteria:
- Whether we have a legal basis to continue to process your data (such as a contractual relationship, our legitimate interest or your consent).
- Whether we have any legal obligation under Belgian law to continue to process your data.
As Member or contractor or as Participant to our events, your personal data will be kept during our contractual relationship as well as for a period of maximum 10 years after the end of the contractual relationship.
As non-Member and non-contractor, we retain your contact information until you express your wish to unsubscribe from our list of contacts.
3. On which legal basis do we process your data?
3.1. With Your consent (legal basis: art 6(1)a, of the GENERAL DATA PROTECTION REGULATION)
When we process your personal data, beyond the interactions with our Members or with our contractors or beyond our institutional communications or communications with respect to FIGIEFA’s events, we strive to rely on your consent, to put you in control of your personal data. Subject to obtaining your prior, freely given, specific and unambiguous consent and in accordance with the General Data Protection Regulation, we may process your personal data, such as e-mail address, in order to send you personalised information. You always have the right to withdraw your consent at any time.
3.2 Performance of our duties (legal basis: art 6(1)B and c, of the GENERAL DATA PROTECTION REGULATION)
We process personal data of (former and future) Members’ representatives, namely (but not limited to) for the management of membership, registration of members at meetings or communication with our members (such as, news, updates, activities).
We process events (former) Participants’ personal data for the carrying out of FIGIEFA’s events, namely (but not limited to) to ensure the good processing and follow-up of your registration. We limit the processing of events participants’ personal data to what is strictly necessary for the achievement and performance of this purpose.
We also process personal data of the people managing and working at FIGIEFA.
We may also process your personal data where this is necessary for the performance of our legal duties (tax and accounting obligations) or for the performance of our (pre-)contractual obligation towards you. In such a case, we limit the processing of your personal data to the extent of what is strictly necessary.
3.3 Legitimate interest of FIGIEFA (legal basis: art 6(1)f, of the GENERAL DATA PROTECTION REGULATION)
FIGIEFA may also process your personal data for other purposes than those falling strictly under the abovementioned reasons, falling then under the achievement and the realisation of its legitimate interests. In such a case, however, FIGIEFA strives to maintain a fair balance between the need to process your data and the preservation of your privacy.
Against this background, we may process your personal data for the following reasons:
- to contact policymakers, authority or government representatives, stakeholders, association representatives and journalists on policies, legislative and sectorial issues, and communicate the position of FIGIEFA on these issues,
- to contact Participants to FIGIEFA’s events,
- to send newsletters to policymakers, stakeholders, authority or government representatives, association representatives and journalists or to Participants to FIGIEFA’s events.
4. DATA sharing
As the case may be, your data may be transmitted to our external legal counsel or to a bailiff if a litigation arises.
Personal data may also be accessed during the maintenance of our IT infrastructure, management programs, the realisation and maintenance of our website. In this case, our IT subcontractors could access your data to the extent that is strictly necessary for the execution of their respective missions. They will not keep the data they have access to.
We do not transfer your data outside the European Union and our servers are located in the EU.
We may disclose your personal data where we are required to do so by applicable law, by a governmental body, by a law enforcement agency or in connection with an investigation of suspected or actual fraudulent or illegal activity.
5. WHAT ARE YOUR RIGHTS? how can you exercise them?
5.1 Access, rectification, erasure, portability and objection rights
For all the purposes defined above, and subject to the General Data Protection Regulation, you have the following rights:
Information – This right is exercised through this document. If the data processed includes the data of your staff members, you commit yourself to let them know about this document.
Access and rectification – You have the right to access your data and have it rectified if necessary. We have a process in place to communicate updates of personal data to third parties who have validly received the data.
Opposition – You may object to the processing of your data that we do on the basis of our legitimate interest, within the limits afforded by the General Data Protection Regulation. We have process in place to comply with requests to restrict the processing of data if requested, including any processing by third parties.
Withdraw your consent – When the data is processed under your consent, you may revise this decision at any time, however without questioning past treatment. We have process in place to ensure processing is stopped, including any processing by third parties.
Deletion – You can request the deletion of your data or the limitation of the processing of your data under the conditions provided for in Articles 17 and 18 of the General Data Protection Regulation.
Portability – The data you have provided to us may be communicated to you or transmitted to another controller in electronic format.
5.2 How to exercise those rights?
You may at any time exercise the abovementioned rights in accordance with the General Data Protection Regulation, by sending a written request, accompanied with a proof of your identity (copy of your ID card, passport, or other proof of identity) to firstname.lastname@example.org.
You can also always have recourse to the Data Protection Authority whose contact details are listed on the website: https://www.autoriteprotectiondonnees.be/contact.
5.3 Right to lodge a complaint
You can also lodge a complaint to the Belgian Data Protection Authority either by post at rue de la Presse 35, 1000 Brussels, or by e-mail at email@example.com or by phone at +32 2 274 48 00.
6. How do we protect your personal data?
Your personal data is treated confidentially. FIGIEFA makes every effort to take appropriate technical and organisational measures to safeguard and protect your personal data against unauthorised or unlawful processing and against accidental destruction, loss, access, misuses, damage and any other unlawful forms of processing of the personal data in our possession.
If you share information of the FIGIEFA website through social networks, personal data may be viewed by visitors of your personal pages on these sites. FIGIEFA cannot in any way be held liable for any data processing by means of this type of media.