Open Finance Association Europe Privacy Policy
This Privacy Policy informs you of Open Finance Association’ policies regarding the processing of your personal data when you use our Services.
Definitions
Data controller: the person who, alone or jointly with others, determines the purposes and means of the processing of personal data. In the present case, the Data Controller is “Open Finance Association” (“OFA”, “we”, “our” or “us”). Open Finance Association Europe is a Belgian AISBL (Association Sans But Lucratif) registered under number ……….in Belgium and has its office at 23 Avenue Marnix, 1000 Brussels, Belgium.
Personal data: any information relating to an identified or identifiable natural person (“Data Subject”). In the present case, the Data Subject is the user (“you” or “your”) using our Services.
Services: any service provided by OFA on its website, including surfing the website and subscribing to our newsletter.
Data processor: a person who processes personal data on behalf of the Data controller.
What type of data do we collect?
When you use our Services, we may ask you to provide us with certain personal data of yours, including:
(i) if you subscribe to our newsletter:
– first name and last name;
– address (only if you subscribe to our newsletter; non-compulsory field), email address and phone number (non-compulsory);
– where you currently work and your job title;
– sector of interest and sector of activity.
(ii) if you contact us:
– the information you decide to provide, including your email address, first name and last name.
Furthermore, we also use cookies to improve our Services and give you the best journey around our website. We use cookies and similar technologies to track the activity on our website and then hold such information. Information obtained via cookies is collected either directly by us or by third parties. The information we collect via cookies may include: your IP address, your browser type, your operating system, the pages you view on the Website, the pages you view immediately before and after you access the Website, the search terms you enter on the Website, your mobile device data and local settings i.e. language.
In the settings of your browser, such as Internet Explorer, Safari, Firefox or Chrome, you can set which cookies to accept and which to reject. If you choose not to accept certain technical and/or functional cookies, you may not be able to use some functions on our website. For more information, please check our Cookie policy.
Purposes and legal bases
We process your personal data upon your consent, pursuant to the General Data Protection Regulation (GDPR). Remember, you can withdraw your consent at any time. We may also process your personal data relying on our legitimate interest, in case we send you, for instance, certain direct marketing communications.
We may use the information we collect for various purposes:
- providing you with information about the website;
- providing you with services or information you request;
- inviting you to join events;
- delivering marketing communications, promotional materials, or advertisements that may be of interest to you;
- allowing us to improve the website and the services we provide, such as by better tailoring our content to our users’ needs and preferences;
- generating and analysing statistics about your use of the website;
- detecting, preventing, and responding to fraud, intellectual property infringement, violations of our Terms of Use, violations of law, or other misuse of the website; and
- such other uses within the context of the foregoing uses.
We may disclose the information we collect from you through the website:
- to Data Processors such as service providers who work on our behalf in furtherance of our operations or to third parties to the extent reasonably necessary and solely for security reasons to ensure safe access to premises;
- to competent authorities in response to their request for information when it is our legal obligation;
- to affiliates, service providers, advisors, and other third parties to the extent reasonably necessary to proceed with the negotiation or completion of a merger, acquisition, or sale of all or a portion of our assets.
We may disclose the information you provide to us (including first name and last name; email address; where you currently work and your job title; sector of interest and sector of activity) when registering for our newsletter to third parties sponsoring our newsletters as part of the setting of the newsletter itself. The third parties sponsoring our newsletters may process that information for marketing or commercial reasons. To that end, the third parties sponsoring our newsletters act as separate Data Controllers in relation to your personal data. Please also refer to their privacy policies when subscribing to our newsletters – the name of the third party is clearly represented in the registering page. In addition, we may share aggregated and anonymised data with third parties.
Where is your personal data processed?
Your personal data may be processed in any country(ies) of the European Economic Area (EEA).
We may transfer data to a country outside the EEA only when that country ensures an adequate level of protection within the meaning of the legislation in force and, in particular, within the meaning of the GDPR, including, but not limited to, the list of countries to which the European Commission has issued an adequacy decision. You can check the list here. Should we be obliged to provide the personal data to a government/public authority outside the EEA, we will take, where appropriate, all the reasonable steps to ensure that that public body is entitled to do so. Additional safeguards will be put in place in case we are not satisfied with the level of protection granted by the third country in question. Should we be using standard contractual clauses (SCCs) as provided by the European Commission, or any other contractual arrangements, you can request a copy thereof.
Additional information
– How long do we keep your personal data?
Your personal data will be retained until you withdraw your consent or, at the latest, three (3) years after your last contact with OFA (e.g. a contact may be a request for documentation, a registration for our newsletter, or a click on a hyperlink in an e-mail we sent to you).
– Social media
We use or may use social media and instant messaging platforms in particular to promote our services and share information about our work.
On our Website we can place social media plugins (i.e., like or share buttons). We advise you to carefully read privacy policies of your social media platforms and your own privacy settings therein.
You will not be subject to any automated decision-making, including profiling.
Your rights
You can exercise your rights by writing to us at the following email address: info@openfinanceassociation.eu.
– Right of access
You have the right to obtain from us confirmation as to whether or not your personal data are being processed, and, where that is the case, access to the personal data and to all the information listed under Article 15 GDPR.
– Right to rectification
You have the right to obtain from us rectification of inaccurate personal data of yours, pursuant to Article 16 GDPR.
– Right to erasure (‘right to be forgotten’)
You have the right to obtain from us the erasure of your personal data, pursuant to Article 17 GDPR.
– All other Data Subjects’ rights listed under the GDPR, such as the right to data portability.
We will not charge any fee for responding to your requests, unless they are obviously unfounded or excessive. We will reply to your request without delay.
If you no longer wish to receive communications from us, please click on the “unsubscribe link” contained in our email. You can always contact us if you have any other questions about how your personal information is used or about your rights.
For all issues arising from this Privacy Policy, including requests to exercise data subject rights, you can contact us:
Email:
info@openfinanceassociation.org
Address:
23 Avenue Marnix,
1000 Brussels
Belgium
If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will attempt to resolve the issue as soon as possible.
If you remain dissatisfied, you may complain to Data Protection Authority (https://www.autoriteprotectiondonnees.be/) at any time.
Changes to our Privacy Policy
If we update this Privacy Policy, we will notify you of any changes as required by law. We will also post an updated copy on our Website. It will have a different date from the one set out above. Please check our website periodically for updates.
(Updated: 12 September 2022).
Copyright OFA 2022