IFES Data Privacy Statement
What are personal data?
The term “personal data” covers any information relating to an identified or identifiable natural person (‘”data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Who is the controller of data according to the GDPR?
This website is run by:
IFES ASBL, the International Federation of Exhibition and Event Services
Rue de l’Amazone 2
Association registration Number.: 0436.936.993
IFES is an international federation of companies and associations that are active in the field of exhibition, experience and live marketing as well as the meetings, incentive, congress and event (MICE) Industry. IFES represents and promotes the economic, professional and social interests of its members and their profession. It is non-profit organization.
For further details, we kindly refer you to the IFES Statutes.
Has IFES appointed a data protection officer?
For the time being, IFES has not appointed a data protection, as its core activities do not consist of the processing operations which, by virtue of their nature, scope or purposes, require regular and systematic monitoring of data subjects on a large scale (see Art 37 par. 1 b GDPR). Neither does IFES process special categories of data pursuant to Article 9 GDPR, e.g. biometric data (see Art 37 par. 1 b GDPR).
For which purposes does IFES process personal data?
IFES processes personal data for the following purposes:
- the technical administration and on-going improvement of its website for security and usability purposes (website analysis);
- marketing in its own matters and in dedicated matters of its members;
- publications of press releases and industry information;
- market research regarding the exhibition and event industry, including related regulations;
- the self-administration of its members through the personalized area of its website;
- the administration of members and treatment of all related membership issues through its separate data base (work4all).
IFES’ Website analysis, marketing and press publication purposes may require processing of personal data from time to time. Such processing will be necessary to pursue IFES legitimate interests (see Art. 6 par. 1 f) GDPR), since the users of these service can reasonably expect that processing for these purposes may take place (see Recital 47 GDPR), since it is the (designated) IFES member or customers who contacts IFES with the objective to either gather certain information or register for certain purposes.
Processing of personal data in the context of IFES’ online community and the personalized website for its members is necessary for the performance of a contract, i.e. the membership (see Art. 6 par. 1 b) GDPR) and for compliance with legal obligations to which IFES is subject, i.e. IFES’ information duties and billing processes in due course of a membership (see Art. 6 par. 1 c) GDPR).
Who is involved in IFES’ activities and services?
IFES has appointed the following company as its current management office:
Am Bonifatiusbrunnen 19[
Phone: +49 69 95103943
Fax: +49 69 95103949
E-Mail: [email protected]
The management services which Comcret renders to IFES, necessarily require the processing of personal data. Comcret’s services are based on a service agreement and a separate data processing agreement dated 15.05.2018 (see Art. 6 par. 1 b) GDPR). Transfer of personal data between IFES and Comcret takes place through secured SSL connections. Comcret is a micro enterprise pursuant to Commission Recommendation 2003/361/EC and section 38 par. 1 of the German Data Protection Act.
Moreover, IFES has appointed the following service providers to render further dedicated services to IFES:
Representative: Katerina Agadakou
Services: Website Administration Services
Sikinou 2C, Gerakas 15344, Greece
Telephone: +30 210 661 5641
Commercial register: EL800946934
Amoweb’s services are based on a service agreement and a separate data processing agreement dated 20.05.2018 (see Art. 6 par. 1 b) GDPR). Transfer of personal data between Amoweb and IFES takes place through secured SSL connections.
Services: Website Hosting
52080 Aachen, Germany
Telephone: +49 241 601860
Handelsregister Aachen HRB 19194
Honds’ services are based on a service agreement and a separate data processing agreement dated 22.05.2018 (see Art. 6 par. 1 b) GDPR). Transfer of personal data between Honds’ and IFES takes place through secured SSL connections.
For how long does IFES store personal data?
Personal data will be stored for the periods which are required to manage the respective membership and to the extent that this is required to comply with mandatory commercial, tax and bookkeeping rules. The maximum storage period under Belgian accounting rules can be up to 10 years.
Your right of access (Art. 15 GDPR)
You have the principle right to obtain confirmation from IFES, as to whether or not personal data concerning you are being processed, and, where that is the case, access the personal data including inter alia the purpose of processing, the categories of personal data concerned, possible recipients of personal data and the storage period.
For further details, we refer you to the complete wording of Art 15 GDPR.
Your right to rectification (Art. 16 GDPR)
You have the principle right to obtain from IFES without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the principle right to have incomplete personal data completed, including by means of providing a supplementary statement.
For further details, we refer you to the complete wording of Art 16 GDPR.
Your right to erasure and your ‘right to be forgotten’ (Art. 17 GDPR)
You have the principle right to obtain from IFES the erasure of personal data concerning you without undue delay. Conversely, IFEs has the principle obligation to erase personal data without undue delay, e.g. in cases where the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed. However, this right might be limited to the extent that it is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation which requires processing by a Union or Member State or for the establishment, exercise or defence of legal claims.
For further details, we refer you to the complete wording of Art 17 GDPR.
Your right to restriction of processing (Art. 18 GDPR)
You have the principle right to obtain from IFES restriction of processing your personal data in cases where you may contest the accuracy of your personal data, the processing is unlawful, IFES no longer needs the personal data for the purposes of the processing, but you require the data to establish, exercise or defend legal claims, or in cases where you have objected to processing pursuant to Article 21(1) GDPR.
For further details, we refer you to the complete wording of Art 18 GDPR.
Your right to data portability (Art 20 GDPR)
You have the principle right to receive the personal data, which you have provided to IFES, in a structured, commonly used and machine-readable format. You also have the principle right to transmit those data to another controller without hindrance from IFES, provided that the processing is based on a consent or on a contract pursuant to points (a) and (b) of Article 6(1) GDPR.
In exercising your right to data portability, you have the principle right to have your personal data transmitted directly from IFES to another controller, where this is technically feasible.
For further details, we refer you to the complete wording of Art 20 GDPR.
Your right to object (Art. 21 GDPR)
You have the principle right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, provided such processing is based on IFES legitimate interests, including profiling based on Art. 6 par. 1 e) and f) GDPR. In these circumstances IFES shall no longer process your personal data unless IFES demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or processing is required for IFES to establish, exercise or defend legal claims.
Should IFES process personal data for direct marketing purposes, you have the principle right to object at any time to the processing of your personal data concerning for such marketing, including profiling to the extent that it is related to such direct marketing.
For further details, we refer you to the complete wording of Art 21 GDPR.
Your right to withdraw consents (Art. 7 par. 3 GDPR)
You have the right to withdraw the consent(s) which you may have given regarding the processing of your personal data at any time. Any withdrawal of consent(s) will not affect the lawfulness of processing based on consent(s) before your withdrawal. Should you exercise this right, processing of personal data may still be necessary to the extent that this is required to administer an IFES membership in accordance with Art. 6 par. 1 a) or b) GDPR.
Your right to file complaints
Complaints against IFES in its role as the data controller of data according to Art. 4 No. 7 GDPR should be file with:
Is there a strict need to provide personal data?
Whilst the provision of personal data is neither a statutory nor a formal contractual requirement, the provision of certain personal data is necessary to enter into a membership with IFES and to use the full functionality of its website and website services. Against this background, designated IFES members are not legally obliged to provide the personal data, but the provision of their personal data as set out in the IFES application forms is a condition precedent to enter into an IFES membership.