Privacy Policy
As the provider of the website www.hespalliance.org (hereinafter “Website”), we at HESP Alliance (“HESP Alliance”) are Controller as defined in applicable data protection law, more specifically the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and are therefore responsible for the personal data (“Personal Data”) of the Website user. As a user of the Website you consent to HESP Alliance use of your Personal Data under this privacy policy and you acknowledge and accept that HESP Alliance processes your Personal Data. Your privacy is important to HESP Alliance and HESP Alliance is committed to protecting your privacy. This privacy policy explains how HESP Alliance collects and processes Personal Data, what Personal Data HESP Alliance processes and for what purposes such data is processed.
Information about the Controller
1. What Personal Data and other Customer Data does HESP Alliance collect?
When you access the Website and its forms, HESP Alliance collects information that includes your IP address, login data, the type of browser and version that you are using, the browser language, the operating system and platform, the date and time of access, commercial contact details as provided by you, the time zone setting, device type, geography and any other information transferred by you.
The Personal Data that HESP Alliance collects may include names, surnames, e-mail addresses, postal addresses, phone numbers, how you used our Website, length of visits, page interaction information and other Personal Data provided by you when you sign up for the services and when you use the Website. HESP Alliance will only process your Personal Data to the extent necessary to fulfil the services and for purposes which are compatible with providing the services, such as directing advertisement regarding the services to you.
When processing Personal Data, HESP Alliance complies with all applicable data protection laws, in particular (but not limited to) GDPR.
2. How do we collect Personal Data and Customer Data?
You trust HESP Alliance with your Personal Data and any data that you insert in connection with the services that could be both Personal Data for your own use and other data (“Customer Data”) when you register to use the services.
HESP Alliance also collects Personal Data using cookie files to improve and personalize your use of the services. When you use HESP Alliance services, HESP Alliance saves cookie files on your computer. Cookies are small text files that, unless you have adjusted your browser setting to refuse cookies, our system will send your device when you visit the Website. Cookies collect standard internet log information and visitor behaviour information. The cookie files help with the functionality of the Website and allow the Website to identify your browser and to recognize what preferences you have and what settings you have made.
You can access more information about cookies at www.allaboutcookies.org.
HESP Alliance uses the following Cookies:
Functional and Required Cookies. We use some necessary cookies because they allow visitors to navigate and key features on the site.
Analytics and Performance Cookies. We use Analytics and Performance cookies to collect information about how visitors interact with the site.
Session Cookies. We use Session Cookies to operate our Services.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.
3. How does HESP Alliance process your Personal Data and Customer Data?
HESP Alliance only processes Personal Data to the extent necessary to provide the services and for purposes which are compatible with providing the services, such as directing advertisement regarding the services to you. Customer Data is only processed on your behalf to provide the services to you.
HESP Alliance stores Personal Data and Customer Data in a database. Personal Data is used to contact you and to manage your account and any payments made by you. Customer Data is only processed on your behalf and in accordance with your instructions.
When HESP Alliance processes Personal Data and Customer Data, HESP Alliance complies with all applicable data protection laws as well as any laws and regulations applicable to the services provided to you.
4. Who has access to your Personal Data and Customer Data?
HESP Alliance processes your Personal Data and Customer Data confidentially. HESP Alliance does not sell your data to third parties. In this regard “third parties” shall not entail HESP Alliance subcontractors who assist HESP Alliance in performing the services to you. HESP Alliance has subcontractors such as cloud service providers, and consultants including for IT-support and accounting. HESP Alliance ensures that its subcontractors are liable to keep your Personal Data and Customer Data confidential.
HESP Alliance may further reveal your Personal Data and Customer Data to third parties, including the competent supervisory authority, if it is required by applicable data protection laws or other applicable laws and regulations.
HESP Alliance ensures that access to your Personal Data and Customer Data is limited to the personnel who require such access to perform the services and other processing activities which are compatible with providing the services.
Should Personal Data be submitted or stored by any third party in so called Third Countries, countries outside the EU, the HESP Alliance cannot guarantee that the same level of protection can be offered as that provided for by the GDPR.
5. How long does HESP Alliance store Personal Data and Customer Data?
HESP Alliance will only store Personal Data and Customer Data for a limited period. HESP Alliance ensures that Personal Data and Customer Data will be deleted when it is no longer necessary to retain it to provide the services, or for purposes which are compatible with providing the services.
Personal Data and Customer Data provided by you to HESP Alliance is retained for the duration of your subscription of the services and for a longer period if it is required by applicable laws, for example for any legal, accounting, or reporting requirements or purposes.
6. Direct marketing and the right to opt-out
HESP Alliance may process your Personal Data to provide information regarding HESP Alliance services to you as a Website user, including regular electronic newsletters that you can subscribe to. You have the right to object to HESP Alliance use of your Personal Data for direct marketing under applicable data protection laws. If you wish to object to direct marketing, please contact HESP Alliance by sending an e-mail to contact@hespalliance.org or use the unsubscribe link as provided.
7. Subject Access Requests
You are entitled to additional information regarding HESP Alliance processing of your Personal Data. In case you want to know what Personal Data HESP Alliance stores about you and how your Personal Data is processed, please contact HESP Alliance by sending an e-mail to contact@hespalliance.org (“Subject Access Request”). If you make a Subject Access Request by electronic means, HESP Alliance will provide information regarding the processing of your Personal Data in a commonly used electronic form. The information provided by HESP Alliance shall include the following:
(1) the purposes of the processing;
(2) the categories of Personal Data concerned;
(3) the recipients or categories of recipients to whom your Personal Data has been or will be disclosed, in particular recipients in third countries or international organizations;
(4) where possible, the envisaged period for which your Personal Data will be stored;
(5) whether you are entitled to request rectification or erasure of Personal Data or restriction of processing of Personal Data or to object to the processing or to lodge a complaint with a supervisory authority;
(6) where Personal Data is not collected from you, available information as to the source of the Personal Data;
(7) the existence of automated decision-making, including profiling;
(8) where Personal Data is transferred to a third country or to an international organization, information regarding the appropriate safeguards relating to the transfer;
(9) a copy of the Personal Data undergoing processing.
8. Rights relating to the processing of Personal Data
You are entitled to request rectification or erasure of your Personal Data and to object to the processing of your Personal Data. You may also request restriction of processing of your Personal Data. HESP Alliance is required to update or rectify your Personal Data if the Personal Data HESP Alliance holds on you is inaccurate. HESP Alliance may also be required to delete your Personal Data, in example if you withdraw your consent to the processing or if the Personal Data HESP Alliance stores about you is incorrect or irrelevant.
HESP Alliance undertakes to respond to requests regarding rectification, erasure or restriction of Personal Data, as well as to objections to the processing of Personal Data, in a timely manner. When HESP Alliance receives a request, which is justified according to applicable data protection laws, HESP Alliance shall comply with the request and delete or rectify the Personal Data or restrict or cease the processing of such data.
You have the right to receive the Personal Data, which has been provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit such data to another controller without hindrance from the controller to which the Personal Data have been provided. You also have the right to lodge a complaint with a supervisory authority.
Requests under this paragraph shall be sent to HESP Alliance by e-mail to contact@hespalliance.org.
9. Data security
Your privacy is important to HESP Alliance and HESP Alliance is committed to protecting your Personal Data and your Customer Data. HESP Alliance ensures that HESP Alliance will take all reasonable measures to protect your Personal Data and Customer Data and in particular to prevent unauthorized access to such data.
HESP Alliance wants to make you aware of the risks which are inherent in data transmissions over the Internet since such transmissions are never completely secure. When you provide your Personal Data and Customer Data to HESP Alliance over the Internet you are responsible for the risks of unauthorized access and loss of data which the transmission entails.
HESP Alliance has implemented and maintains a number of technical and organizational security measures to keep your Personal Data and Customer Data safe when stored by HESP Alliance. Such security measures include logical separation, encryption, firewalls and antivirus in accordance with applicable industry standards.
In the event that the security of the Website and the Personal Data be compromised, the HESP Alliance reserves the right to take any appropriate action as set out in the relevant data protection laws, including notifying you and the appropriate regulator of such a breach where required by law.
The Website may carry links to other websites that are not affiliated to nor controlled by the HESP Alliance. Should you access these sites from the Website, HESP Alliance accepts no liability or responsibility over the content, privacy policies, data handling or practices of these sites.
10. User responsibility
As a Website user it is important that you are aware of your responsibility regarding the use of the services. You are responsible for protecting and updating your account information to prevent unauthorized access to your account.
You are also responsible to abide by all applicable laws and regulations. Where you process your own Customer Data which is Personal Data you act as the Data Controller, hence you are responsible for compliance with applicable data protection laws. This entails ensuring the rights of the data subjects and in particular to erase your Customer Data when you no longer need it for the purposes specified by you. If you use free text fields, you are responsible for ensuring that free text fields do not generate processing of excessive or irrelevant Personal Data. You are further responsible for your sharing of your Customer Data, for example when providing access to third parties.
The HESP Alliance may use third-party services in order to provide services on the Website. If you decide to enable, access or use such third-party services, be advised that your access and use of such other services are governed solely by the terms and conditions of such other providers, and the HESP Alliance is not liable for, and makes no representations as to such other services and products, including, without limitation, their content or the manner in which they handle data (including your data) or any interaction between you and the such provider.
11. Changes to our Privacy Policy
HESP Alliance keeps its Privacy Policy under regular review and places any updates on this page. This Privacy Policy was last updated: 29 May 2020.
12. Contact
If you have any questions about HESP Alliance’s Privacy Policy, the data we hold on you, or would like to exercise one of your data protection rights, please do not hesitate to contact HESP Alliance.
HESP Alliance
Philipssite 5B Bus 1 3001, Leuven, Belgium
E-mail: contact@hespalliance.org