IHE is fully committed to complying fully with the General Data Protection Regulation (GDPR) and ensuring that IHE Members and business partners are able to exercise the rights the GDPR creates for individuals.
One of the rights of an individual under the GDPR is that they must be informed when their personal data - also known as personal information - is processed (collected, used or stored) by any organisation.
Accordingly, IHE hereby provides you with some general information about IHE’s data collection and processing.
Data Collected by IHE
IHE is a member organisation, which may collect from its members the following categories of information:
- Identifying data: first name and last name, in some cases data of birth and nation ID data. In some cases T shirt size and photo
- Contact data: professional and/or private physical address, email, skype, telephone or other similar information
- Professional information: employer or professional status, skills and qualifications, salary bracket
- Financial information: bank account details
Cookies are short text files stored on a user’s device (such as a computer, tablet or phone) by a website. Cookies are used for the technical functioning of a website or for gathering statistics. Cookies are also typically used to provide a more personalised experience for a user for example, when an online service remembers your user profile without you having to login. When you visit our website, we may collect some data on your browsing experience such as your IP address, the IHE page you visited, when you visited and the website page you were redirected from. This information is used to gather aggregated and anonymous statistics with a view to improving our services and to enhance your user experience. When you visit the IHE website, we will keep the browser history of your visit for a maximum of 13 months. This information will then be deleted.
Purpose of data collection
The data collected, processed and stored by IHE are collected for the purposes of providing services to IHE members. The legal basis is therefore one of legitimate business interest. In order to provide services, such as event management, testing and information services your information may be shared with IHE service providers such as event management providers and use of product testing tools such as Gazelle. When IHE enters into service provision contracts with any party with whom it shares your data, a strict requirement of confidentiality and security of data is included in the contract. In some cases data may be collected for another purpose, if this is the case your explicit consent will be requested and the purpose for data collection fully detailed in written form.
IHE will store your data for the duration of your membership and /or interaction with IHE and for 6 months after your relationship with IHE has ended for IHE management purposes, after this time it will be securely deleted. The period of data retention may be longer where legal rules require, notably in the case of invoicing and other financial transaction data where national or European audit legalisation requires longer data retention.
You are entitled to access the personal data the IHE holds about you and to have them rectified where necessary. In certain cases, you also have the right to have your data blocked or erased or to object to their processing. For more information, please see Articles 13 to 19 of the GDPR. To exercise any of these rights, please contact us using our contact details provided below. We will reply as soon as possible and in any case within three months. Please note that in some cases restrictions under Article 20 of the GDPR may apply.
Further information and complaints
Please contact the IHE-Europe Secretariat:
c/o ECR GmbH, Am Gestade 1, 1010 Vienna, Austria