Privacy Policy
The AIDP Privacy Policy
This is the privacy policy that relates to the processing of personal data by the Association Internationale de Droit Pénal (AIDP/IAPL).
Personal data means any information that identifies or enables to identify a natural person (i.e. name, address, pictures, IP-address etc.).
AIDP is committed to protecting your personal data in accordance with the principles of EU law as outlined in the General Data Protection Regulation (GDPR) 2016/679.
The purpose of this privacy notice is to explain how we collect, use, store and otherwise handle your personal data as well as information on how you can exercise your rights as a data subject.
WHY WE COLLECT PERSONAL DATA
We collect personal data for a number of purposes:
-
To register people for courses, events and conferences;
-
To respond to communications, queries or requests for information or services;
-
For recruitment and human resource purposes;
-
For auditing purposes;
-
For marketing purposes;
-
For procurement of services;
-
For managing relationships with partners;
-
For research in connection with our mission and objectives;
-
To comply with our legal or regulatory obligations.
AIDP only processes persona data when it has a legal basis for doing so. This legal basis will depend on the circumstances however generally our processing will be based on the following:
We have obtained your consent to use your data for a specific purpose e.g. when you register for a course or sign up to our mailing list you will be asked to give your consent. You may withdraw your consent at any time by contacting us at secretariat@penal.org
-
Processing is necessary in order to enter into a contract with us, for example for employment or provision of services;
-
Processing is necessary to comply with our Data will be processed in accordance with the applicable law, which may include retaining and reporting your personal data to official authorities for compliance with tax, customs or other legal obligations;
-
Processing is necessary for our legitimate interests, eg. for marketing AIDP’s conferences and events and to carry out our project activities. This legal basis will only be relied upon where we’ve identified the purpose (the legitimate interest), assessed that the processing is necessary for that purpose and conducted a balancing test to ensure that this interest is not overridden by the interests, rights and freedoms of the individual.
HOW WE COLLECT DATA
-
Communications;
-
Financial and Supporter Information;
-
Wi-Fi;
-
Mailing lists;
-
Registrations to events;
-
Volunteers and Applicants Information;
-
Google Analytics.
DO WE USE COOKIES?
Yes. Cookies are small files that a Website or its service provider transfers to your computer’s hard drive through your Web browser (if you allow them) that enables the Websites or service providers’ systems to recognize your browser and capture and remember certain information.
We use cookies to help us remember and process the items in your shopping cart, to understand and save your preferences for future visits, to keep track of advertisements, and to compile aggregate data about Website traffic and Website interaction so that we can provide better Website experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our Website visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most Websites, if you turn your cookies off, some of our services may not function properly. However, you can still place orders over the telephone or by contacting customer service.
WHAT TYPE OF COOKIES WE USE?
Google Analytics:
-
Cookies that collect information about users. These cookies help to make reports and analysis for Website improvement. They collect anonymous information such as the number of visitors, how they reached our Website, and which pages they viewed.
HOW DO WE PROTECT YOUR PERSONAL DATA?
We use appropriate technical, organizational and administrative security measures to protect any information we hold from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
Please, remind that safety is never 100%, we cannot and do not guarantee the full security or confidentiality of the information collected.
WHO IS YOUR PERSONAL DATA SHARED WITH?
We only share your personal data with your consent and/or where necessary for the abovementioned purposes. We may permit third-parties to access your information when it is necessary for the third-parties to process data on our behalf in furtherance of our activities that you have consented to, when the disclosure of such data is in your interest, or when it is required by law. We will conduct any necessary step to ensure the third-party’s reliability.
We exchange data with our service providers, suppliers, and subcontractors. We also exchange data with other third-parties collaborating with, or acting on behalf of, us. These subjects are strictly forbidden to share this data with others. These persons are also strictly forbidden to share this data for any purposes different than those agreed upon with us.
SHARING OF DATA WITH THIRD COUNTRIES
We will also transfer your data for processing them in countries with a different data protection regulation. Please, bear in mind that such countries may have a different data protection laws than yours.
By using our services, or giving us consent when required, you allow us to transfer and retain your personal information in all the different countries where our affiliates or service providers have their facilities. We will conduct any necessary step to ensure these third parties compliance with GDPR.
LINKED WEBSITES
This Website may contain links to other sites not related to us. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
The presence of a third-party’s link on our Website does not signify an endorsement of the third-party’s data handling practices, nor does it signify that the third-party’s practices fall under this Privacy Policy.
We recommend you pay attention to your moving between different services and that you read carefully the privacy statements of each Website you travel to.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
Your personal data is retained only for as long as necessary in accordance with the purpose for which it is collected (see above). When your personal data is no longer necessary for these purposes, it will be deleted.
YOUR RIGHTS AS THE DATA SUBJECT
As a data subject you have certain rights over the processing of your own data, including:
-
The right to request information regarding the personal data that we process;
-
The right to have inaccurate or incomplete information corrected;
-
The right to delete personal information that we hold;
-
The right to restrict the processing of your data in certain circumstances; and
-
Right to judicial review: in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the process below.
You can exercise these rights through verbal or written request by emailing us at secretariat@penal.org. We will provide the requested information or take the requested action within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. In that case, we will inform you of this extension within one month of the request, together with the reasons for the delay.
You also have the right to lodge a complaint with the corresponding data protection supervisory authority in your country of residence. Please note that a nominal fee may be assessed for each request, consistent with applicable law. In addition, there may be some narrow exceptions to the rights displayed above.
CHANGES TO THIS PRIVACY NOTICE
This privacy information will be reviewed and updated regularly, where necessary. In the event that the Policy is changed, the date and nature of the change will be clearly indicated in this document. In the event that the change has a material impact on the handling of your personal information, we will contact you to inform you of the changes and where appropriate seek your consent.
REVISIONS
Updated to take into account the EU General Data Protection Regulation, which entered into force on May 25 2018.