Skip to main content

Privacy Policy

Privacy Notice

 

Effective as of 25 May 2018

1. Introduction

At GPA Europe, we want to give you the best possible experience to ensure that you enjoy our membership and service offerings. So, we want to transparently explain how and why we gather, store, share and use your personal data - as well as outline the controls and choices you have around when and how you choose to share your personal data.

That is our objective, and this Privacy Policy (“Policy”) will explain exactly what we mean in further detail below.

2. About this Policy

This Policy sets out the essential details relating to your personal data relationship with GPA Europe Ltd. The Policy applies to all GPA Europe services and any associated services (referred to as the “GPA Europe Service”).

From time to time, we may develop new or offer additional services. If the introduction of these new or additional services results in any change to the way we collect or process your personal data we will provide you with more information and additional terms or policies. Unless stated otherwise when we introduce these new or additional services, they will be subject to this Policy.

The aim of this Policy is to:

  1. Ensure that you understand what personal data we collect about you, the reasons why we collect and use it, and who we share it with;
  2. Explain the way we use the personal data that you share with us in order to give you a great experience when you are using the GPA Europe Service; and
  3. Explain your rights and choices in relation to the personal data we collect and process about you and how we will protect your privacy.

We hope this helps you to understand our privacy commitments to you. For information on how to contact us if you ever have any questions or concerns, please see the ‘How to Contact Us’ Section 14 below. Alternatively, if you do not agree with the content of this Policy, then please remember it is your choice whether you want to use the GPA Europe Services.

3. Your rights and your preferences: Giving you choice and control

You may be aware that a new European Union law, called the General Data Protection Regulation or "GDPR" gives certain rights to individuals in relation to their personal data. As available and except as limited under applicable law, the rights afforded to individuals are:

  • Right of Access - the right to be informed of and request access to the personal data we process about you;
  • Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;
  • Right to Erasure - the right to request that we delete your personal data;
  • Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;
  • Right to Object -
    • the right, at any time, to object to us processing your personal data on grounds relating to your particular situation;
    • the right to object to your personal data being processed for direct marketing purposes;
  • Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and
  • Right not to be subject to Automated Decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

In order to enable you to exercise these rights with ease and to record your preferences in relation to how GPA Europe uses your personal data, you can contact the administration team at [email protected] or on +44 (0) 1252 625 542 to provide you with a download of your data and to update communications you receive from GPA Europe.

If we send you electronic marketing messages based on your consent or as otherwise permitted by applicable law, you may, at any time, respectively withdraw such consent or declare your objection (“opt-out”) at no cost. The electronic marketing messages you receive from GPA Europe (e.g. those sent via email) also will include an opt-out mechanism within the message itself (e.g. an unsubscribe link in the emails we send to you).

If you have any questions about your privacy, your rights, or how to exercise them, please see the ‘How to Contact Us’ Section 14 below. We will respond to your request within a reasonable period of time upon verification of your identity. If you are unhappy with the way we are using your personal data you can also contact and are free to lodge a complaint with your local Data Protection Authority.

4. How do we collect your personal data?

We collect your personal data in the following ways:

  1. When you sign up for the GPA Europe Service - when you sign up to any GPA Europe Services, we collect certain personal data so you can use the GPA Europe Service such as, but not limited to, your name, email address, company name, and country.
  2. Through your use of the GPA Europe Service - when you use the GPA Europe Service, we collect personal data about your use of the GPA Europe Service, such as events you have attended, papers you have downloaded, purchase history.
  3. Personal data collected that enables us to provide you with additional services - from time to time, you also may provide us with additional personal data or give us your permission to collect additional personal data e.g. dietary requirements. You always will have the option to change your mind and withdraw your consent at any time. This data will be deleted after the event has occurred.

We use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, creating marketing and promotion models, improving our GPA Europe Service, and developing new features and functionality within our GPA Europe website.

5. What personal data do we collect from you?

We have set out in the tables below the categories of personal data we collect and use about you:

Personal data collected when you sign up for the GPA Europe Service

Categories of personal data

Description of category

Account Registration Data

This is the personal data that is provided by you or collected by us to enable you to sign up for and use the GPA Europe website. This includes your email address, address, phone number, and country.

Some of the personal data we will ask you to provide is required in order to create your account.

Event Registration Data

This is the personal data that is provided by you or collected by us to enable you to register to our Events. This includes, but is not limited to; your name, email address, address, phone number, country, emergency contact details, dietary requirements, special access requirements.

Some of the personal data we will ask you to provide is required in order to book your accommodation, arrange catering, provide formal registration.

Personal data collected through your use of the GPA Europe Service

Categories of personal data

Description of category

GPA Europe Service Usage Data

This is the personal data that is collected about you when you are using the GPA Europe Service - this may include:

  • Information about your type of GPA Europe membership.
  • Information about your interactions with the GPA Europe Service which includes the date and time of any requests you make, membership purchased, papers downloaded, GPSA Databooks purchased, events signed up to.
  • Technical Data which may include URL information, your IP address, the types of devices you are using to access or connect to the GPA Europe Service; browser type, language and operating system.

Personal data collected with your permission that enables us to provide you with additional features/functionality

Categories of personal data

Description of category

Payment Data

We may collect such personal data if you make other purchases through GPA Europe. The exact personal data collected will vary depending on the payment method (e.g. direct via PayPal, Bank Transfer or by Credit Card) but will include information such as:

  • Name;
  • Company Name;
  • Credit or debit card number, expiration date, and CSV number;
  • Invoice Address.

No Credit Card details taken over the phone are stored.

Marketing Data

This personal data is used to enable GPA Europe to send you marketing communications via email.

6. What do we use your personal data for?

When you use or interact with GPA Europe, we use a variety of technologies to process the personal data we collect about you for various reasons. We have set out in the table below the reasons why we process your personal data, the associated legal bases we rely upon to legally permit us to process your personal data, and the categories of personal data (identified in Section 5 ‘What personal data do we collect from you?’) used for these purposes:

Description of why GPA Europe processes your personal data (‘processing purpose’)

Legal Basis for the processing purpose

Categories of personal data used by GPA Europe for the processing purpose

To understand how you access and use the GPA Europe website to ensure technical functionality of the GPA Europe website, develop new products and services, and analyse your use of the GPA Europe website, including your interaction with products, and services that are made available, linked to, or offered through the GPA Europe website.

  • Performance of a Contract
  • Legitimate Interest
  • Account Registration Data
  • Service Usage Data

To communicate with you for GPA Europe Service-related purposes.

  • Performance of a Contract
  • Legitimate Interest
  • Account Registration Data
  • Service Usage Data

To process your payment for the use of GPA Europe Services.

  • Performance of a Contract
  • Compliance with legal obligations
  • Legitimate Interest
  • Payment Data

To communicate with you directly for:

  • marketing,
  • research,
  • participation in surveys,
  • promotional purposes,

via emails consistent with any permissions you may have communicated to us.

  • Consent
  • Legitimate Interest
  • Surveys Data
  • Marketing Data

7. Sharing your personal data

We have set out the categories of recipients of the personal data collected or generated through your use of the GPA Europe Service.

Publicly available information

The following personal data will always be publicly available on the GPA Europe website when Corporate Membership has been purchased: company name, your name, email address.

Personal data you may choose to share

The following personal data will only be shared with the categories of recipients outlined in the table below if:

Categories of Recipients

Reason for sharing

GPA Europe Conference Delegates

There may be times when you want us to share certain personal information to other GPA Europe Conference Delegates.

For example, you may like to be added to the Delegate list for a Conference, you can opt in to this during registration, but you can also ask to be removed at any time.

Information we may share

Categories of Recipients

Reason for sharing

Service Providers and Others

We use service providers who operate the technical infrastructure that we need to provide the GPA Europe Service, in particular providers which host, store, manage, and maintain the GPA Europe website, its content and the data we process.

We also use service providers for the sole purpose of providing event registration services for our conferences, for example Hotels and DMCs.

Law Enforcement and Data Protection Authorities

We will share your personal data when we in good faith believe it is necessary for us to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena.

We also will share your personal data where we in good faith believe that it is necessary for the purpose of our own, or a third party’s legitimate interest relating to national security, law enforcement, litigation, criminal investigation, protecting the safety of any person, or to prevent death or imminent bodily harm, provided that we deem that such interest is not overridden by your interests or fundamental rights and freedoms requiring the protection of your personal data.

8. Data retention and deletion

We keep your personal data only as long as necessary to provide you with the GPA Europe Service and for legitimate and essential business purposes, such as maintaining the performance of the GPA Europe Service, making data-driven business decisions about new features and offerings, complying with our legal obligations, and resolving disputes. We keep some of your personal data for as long as you are a user of the GPA Europe Service. For example, you are a member; have requested to use the services on our website; or have requested to be on our Mailing List.

If you request, we will delete or anonymise your personal data so that it no longer identifies you, unless, we are legally allowed or required to maintain certain personal data, including situations such as the following:

  • If there is an unresolved issue relating to your account, such as an outstanding credit on your account or an unresolved claim or dispute we will retain the necessary personal data until the issue is resolved;
  • Where we are required to retain the personal data for our legal, tax, audit, and accounting obligations, we will retain the necessary personal data for the period required by applicable law; and/or,
  • Where necessary for our legitimate business interests such as fraud prevention or to maintain the security of our users.

9. Transfer to other countries

GPA Europe may share your personal data globally with other companies in the GPA Chapter in order to carry out the activities specified in this Policy, such as organising a joint conference. This includes to GPA Chapter companies in the following countries: Canada, Middle East, and the United States of America. GPA Europe may also subcontract processing to, or share your personal data with, third parties located in countries other than your home country. Your personal data, therefore, may be subject to privacy laws that are different from those in your country of residence.

Personal data collected within the European Union may, for example, be transferred to and processed by third parties located in a country outside of the European Union. In such instances GPA Europe shall ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws.

10. Links

We may display advertisements from third parties and other content that links to third-party websites. We cannot control or be held responsible for third parties’ privacy practices and content. If you click on a third-party advertisement or link, please understand that you are leaving the GPA Europe Service and any personal data you provide will not be covered by this Policy. Please read their privacy policies to find out how they collect and process your personal data.

11. Keeping your personal data safe

We are committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data; however, please note that no system is ever completely secure. We have implemented various policies including encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.

Your password protects your user account, so we encourage you to use a unique and strong password, limit access to your computer and browser, and log out after having used the GPA Europe Service.

12. Children

The GPA Europe Service is not directed to children under the age of 13 years. However, in some countries, stricter age limits may apply under local law.

We do not knowingly collect personal data from children under 13 years or under the applicable age limit (the “Age Limit”). If you are under the Age Limit, please do not use the GPA Europe Service, and do not provide any personal data to us.

13. Changes to this Privacy Policy

We may occasionally make changes to this Policy.

When we make material changes to this Policy, we’ll provide you with prominent notice as appropriate under the circumstances, e.g. by displaying a prominent notice on the GPA Europe website or by sending you an email. We may notify you in advance.

Please, therefore, make sure you read any such notice carefully.

If you want to find out more about this Policy and how GPA Europe uses your personal data, please contact us to find out more.

14. How to contact us

Thank you for reading our Privacy Policy. If you have any questions about this Policy, please contact us by using the details below:

Write to us at: Willow Cottage, Stroud Lane, Crookham Village, Fleet, Hampshire, GU51 5ST

Email us at: [email protected]

Call us on: +44 (0) 1252 625 542

GPA Europe is the data controller for the purposes of the personal data processed under this Policy.