Data Protection Statement of IPMA International Project Management Association
This document constitutes the Data Protection Statement (hereinafter referred as DPS) of IPMA International Project Management Association (hereinafter referred as the Association) with its registered office in Zürich (Switzerland).
Each user of the www.ipma.world website is bound by the current DPS located on the indicated website.
If you do not agree with this DPS, please do not visit www.ipma.world
Responsible for the data processing as described in this DPS is the Association. You can notify us of any data protection related concerns, using the following contact details:
International Project Management Association (IPMA)
Central Secretariat P.O. Box 7905
1008 AC Amsterdam, The Netherlands
Tel: + 31 33 247 34 30
Email : [email protected]
2. Type of personal data collected by the Association
By correctly filling in the subscription form for the newsletter on the website www.ipma.world
At the moment of filling in the newsletter subscription form in the Service, you agree to the processing by the Association of your personal data, including the active address of your e-mail account.
When you visit our website, we automatically collect technical information about your visit, such as your IP address, domain name, browser type you are using, operating system type, and so on.
When you contact us via our website, telephone, e-mail, etc., you provide us with your personal data, e.g. your name, surname, e-mail address, etc., with which you can be contacted.
3. Purpose of Data Processing and Legal Grounds
We primarily use collected data in order to conclude and process contracts with our clients and business partners, in particular in connection with Project Management and the advancement of Project Management as a profession as well as in order to comply with our domestic and foreign legal obligations.
In addition, in line with applicable law and where appropriate, we may process your personal data and personal data of third parties for the following purposes, which are in our (or, as the case may be, any third parties’) legitimate interest, such as:
– providing and developing our products, services and websites, apps and other platforms, on which we are active;
– communication with third parties and processing of their requests (e.g., job applications, media inquiries);
– advertisement and marketing (including organizing events), provided that you have not objected to the use of your data for this purpose (if you are part of our customer base and you receive our advertisement, you may object at any time and we will place you on a blacklist against further advertising mailings);
– market and opinion research, media surveillance;
– asserting legal claims and defense in legal disputes and official proceedings;
– prevention and investigation of criminal offences and other misconduct (e.g. conducting internal investigations, data analysis to combat fraud);
– ensuring our operation, including our IT, our websites, apps and other appliances.
If you have given us your consent to process your personal data for certain purposes, we will process your personal data within the scope of and based on this consent, unless we have another legal basis, provided that we require one. Consent given can be withdrawn at any time, but this does not affect data processed prior to withdrawal.
4. How the data are used
All data will be processed by the Association on the basis of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR).
Personal data shall be used by the Association only for the purpose of performing the contract for the provision of services by electronic means in accordance with the Act on Personal Data Protection and the Act on the Provision of Services by Electronic Means. Once you agree, the collected data will also be used for marketing purposes, market research and research into the behaviour and preferences of the Site’s users.
By filling in the subscription form to the newsletter you also allow to receive the e-mail address of the newsletter provided during registration. The aim of the newsletter is to constantly inform about new products appearing on the website, as well as about promotional and advertising materials concerning the Association.
Technical data collected automatically can be used to analyze the behavior of users using the website www.ipma.pl, as well as for the purpose of maintaining statistics on the audience of our website or to personalize its content. The Administrator hereby informs the User that he uses the following technologies to track the activities undertaken by the User within the Site:
Google Analytics Tracking Code – to analyze the statistics on the Site.
The Association is the only person who has access to the personal data provided by you. Personal data will not be sold or shared with other third parties.
The personal data controller is the Association, which processes personal data in accordance with the Personal Data Protection Act.
Cookies are small text files sent by the Association’s server and saved on the user’s side, which can only be read by the system that saved them. Cookies are only used to help you identify yourself. They store information that is necessary for the proper display of the Association’s website, such as the IP address, domain name and browser type.
Cookies do not allow the collection of any personal or address data of the user, they are not harmful to the computer or to the data of the user, therefore it is recommended not to disable their use in the browser. If you disable the use of these files, some features of the www.ipma.pl website may no longer be available.
6. Retention Periods for your Personal Data
We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, i.e. for the duration of the entire business relationship (from the initiation, during the performance of the contract until it is terminated) as well as beyond this duration in accordance with legal retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against our company or insofar as we are otherwise legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or anonymized, to the extent possible. In general, shorter retention periods of no more than twelve months apply for operational data (e.g., system logs).
7. Data Security
We have taken appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse such as IT and network security solutions, access controls and restrictions.
8. Obligation to Provide Personal Data To Us
In the context of our business relationship you must provide us with any personal data that is necessary for the conclusion and performance of a business relationship and the performance of our contractual obligations (as a rule, there is no statutory requirement to provide us with data). Without this information, we will usually not be able to enter into or carry out a contract with you (or the entity or person you represent). In addition, the website cannot be used unless certain information is disclosed to enable data traffic (e.g. IP address).
9. Your Rights
In accordance with and as far as provided by applicable law (as is the case where the GDPR is applicable), you have the right to access, rectification and erasure of your personal data, the right to restriction of processing or to object to our data processing in addition to right to receive certain personal data for transfer to another controller (data portability). Please note, however, that we reserve the right to enforce statutory restrictions on our part, for example if we are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests) or need the data for asserting claims. If exercising certain rights will incur costs on you, we will notify you thereof in advance. We have already informed you of the possibility to withdraw consent in Section 3 above. Please further note that the exercise of these rights may be in conflict with your contractual obligations and this may result in consequences such as premature contract termination or involve costs. If this is the case, we will inform you in advance unless it has already been contractually agreed upon.
In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents where your identity is not evident otherwise or can be verified in another way). In order to assert these rights, please contact us at the addresses provided in Section 1 above.
In addition, every data subject has the right to enforce his/her rights in court or to lodge a complaint with the competent data protection authority. The competent data protection authority of Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).
10. The deregistration process
You can contact the Association at any time if you do not want to receive from us further marketing information, informing about the actions conducted by the Association or the current activity of the Association. Your statement will prevent us from contacting you to the extent indicated by you.
11. Amendments of this Data Protection Statement
We may amend this Data Protection Statement at any time without prior notice. The current version published on our website shall apply. If the Data Protection Statement is part of an agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.