The new General Data Protection Regulation (GDPR) came into force in May 2018. It applies to all organisations that collect, store and process personal data. As a membership organisation EURHODIP needs to keep and process information about you for normal membership operation purposes.
2. Explicit Consent
When collecting your personal data it is necessary to:
- Clearly state the reason for needing the data
- Obtain sufficient and explicit consent regarding the collection and processing of your data
- Communicate with you to let you know the duration that we will keep your data
- State who may have access to the data.
3. Your rights
You have the following rights:
- The right to access and verify the data and if necessary rectify the data.
- The right to be forgotten, for us to delete your personal data.
- The right to data portability, and to provide you with a copy of your data in electronic format.
- The rights to object, to require EURHODIP not to process your data other than for the purposes of your membership.
- The rights to the secure storage of your data.
- The right that your personal data will not be communicated to any third parties without your written authorisation.
- You have a right to lodge a complaint if you believe that we have not complied with the appropriate regulations.
4. EURHODIP obligations and actions
The information we hold and process will only be used for the membership and administrative purposes. We’ll keep and use it to enable us to run the organisation and manage our relationship with you effectively, lawfully and appropriately. This applies when you join us, whilst you’re a member, at a time if you ever decide to end your membership with us, and if you then choose to re-join us.
This includes using information to enable us to comply with the terms and conditions, to comply with legal requirements, to pursue the legitimate interests of EURHODIP and protect our legal position in the event of legal proceedings. If you do not provide this data, we may not be able, in some circumstances, to comply with our obligations and we’ll tell you about the implications of that decision.
As a membership organisation representing The Leading Hotel Schools in Europe we may sometimes need to process your data to pursue our legitimate interests. The nature of our legitimate interests are to provide you with information about, and access to, your membership benefits; to provide you with news about your membership as well as other relevant news about Congresses, events, policy, as well as content about Newsletters and other communications.
The data will be processed and accessed by the Secretariat, Treasurer and authorised members of the Board.
In addition, we may need to process the data we hold for the purposes of administering invoices and collecting opinions via membership surveys panel about issues that could affect your school or EURHODIP’s collective interests. Please be assured that we will never process your data where these interests are overridden by your own privacy.
The information we hold will have been provided by you.
The sort of information (data) we hold includes your name, school (organisation) address, telephone numbers, email addresses, the name of your school (or organisation) . We also maintain records of when you contact us, and this is likely to be by storing emails. Where we’re processing data based on your consent, you have the right to withdraw that consent at any time.
We’ll only ever disclose information about you to third parties if we’re legally obliged to do so, or where we need to comply with our contractual duties to you.
Should you decide to terminate your membership with EURHODIP for whatever reason, your personal data will be stored for a period of twelve months from the date your membership ends and after this time it will be deleted from our systems.
If you have any concerns as to how your data is processed you can contact the Secretariat at firstname.lastname@example.org