This statement discloses the privacy practices for the IIDA Headquarters.
IIDA Headquarters takes your privacy seriously. We process personal data in different contexts and we do so by fully respecting your privacy and your other rights and freedoms, as part of our unwavering commitment to ethical and responsible practices.
This Privacy Policy describes how we treat the information we collect. Please read this notice carefully.
Privacy Policy
IDA follows the principles of the EU-U.S. Privacy Shield Framework and the EU instituted General Data Protection Regulation (GDPR).
Questions or concerns regarding this statement should be directed to IIDA Headquarters at iidahq@iida.org.
IIDA and Your Privacy
We recognize personal data as any information related to an identified or identifiable individual. Depending on the context of your interactions with IIDA Headquarters, we collect and use different types of personal data.
Types of personal data we collect from:
- Members: include contact information, education details and history, employment, role, and payment account information (only the last four digits of credit cards are stored in our system).
- Prospect clients: include name and contact information.
- Customers of IIDA Headquarters (including registrations for events, programs, competitions, etc.): We access personal data which may include sensitive information, only when it is necessary, to provide the service.
- Vendors and suppliers: include name, tax and financial information, contact information for key personnel, language, communications and segmentation.
- Website and social media users: In addition to the information visitors volunteer, we automatically collect the domain name, Internet Protocol (IP) address, browser type and version, operating system and platform, average time spent on our website, pages viewed, information searched for, access times and other relevant statistics. Our website also uses cookies.
IIDA Headquarters receives and uses various types of personal data in order to conduct our day to day business activities. We apply the data minimization principle in the collection and use of personal data ensuring that we only collect information that is necessary and by fair means, and providing notice and requiring consent when necessary.
Some of this data is collected directly from you in the following situations when:
– You apply for membership or a competition.
– You register for an event, program, webinar, etc.
– When you browse, or use our website, e-commerce services, or social media pages.
IIDA Headquarters applies the storage limitation principle in order to retain personal data in our records only for the length of time required to fulfill the purpose for which the data was collected. We do not keep personal data for longer than is necessary, and what is necessary depends on specific circumstances such as regulations requiring to retain information for a certain period of time and limitation periods of legal claims.
The retention period depends on the context in which we process data:
– 7 years for data we gather on past members
– Indefinitely for current members and non-members who have registered for an event, program, competition, etc.
– At times, IIDA Headquarters engages third party service providers and other vendors to help us accomplish our business objectives. There are other circumstances where we are required by law to disclose personal data to third parties such as public bodies or judicial authorities.
We engage with third party contractors, service providers, and other vendors. If the engagement involves the transmission of personal data, IIDA Headquarters requires the service provider to treat that data consistent with this Policy.
In certain circumstances, IIDA Headquarters may be required to disclose personal information when required by law, when required to protect our legal rights, or in an emergency situation where the health or security of an individual is endangered.
We may also disclose personal data in the context of any sale or transaction involving all or a portion of the business.
IIDA Headquarters is committed to the security, confidentiality, and integrity principle. We take commercially reasonable precautions to keep all information obtained secure against unauthorized access and use and we periodically review our security measures. We are committed to processing your data in a secure manner and have put in place specific technical and organizational measures to prevent the personal data we hold from being accidentally or deliberately compromised.
IIDA Headquarters uses Symantec Website Security for its sites security certificates. Please be aware that these protection tools do not protect information that is not collected through our Website, such as information provided to us by e-mail.
We also conduct information risk assessments, we ensure that our staff understands the importance of protecting personal data, and we are responsibly managing access rights within the company. We include both physical security and IT security in our overall data security approach. We are diligent in selecting vendors that process personal data on our behalf so that they also ensure appropriate technical and organizational measures to protect the data.
IIDA Headquarters makes reasonable efforts to notify individuals and regulatory authorities, as required by law, if we reasonably believe that personal information has been stolen, disclosed, altered or infringed by an unauthorized person. We create and maintain a breach notification and reporting protocol.
If you reside or otherwise find yourself in the territory of Europe, IIDA Headquarters is committed to facilitate the exercise of your rights granted by the European data protection law. Otherwise you can contact us at any time to discuss your privacy concerns.