Privacy-policy

This privacy policy describes the collection, use and processing of personal data by The European Council of the paint, printing and artist’s colours industry denominated “CEPE”, acting as the data controller of this information as defined by the General Data Protection Regulation of the European Union (the EU GDPR).

  • 1. About CEPE and your data privacy rights CEPE is established as a non-profit making international association under Belgian law (aisbl). CEPE’s address is: Boulevard du Triomphe 172 , 1160 Brussels (Auderghem), Belgium.

    • 1.1 Your data privacy rights – CEPE is committed to the highest data privacy standards and to protecting the personal data it collects and processes. CEPE has to that end deployed this data privacy policy and organisational and IT technical measures to prevent data breaches and unlawful use. As a data controller, our responsibility notably implies that we provide you with the right to consult, correct or remove any of your personal data. 
       -> Should you wish to consult, complete, rectify or remove any of the information that we hold about you or your organisation, please contact us at: secretariat@cepe.org

       ->To know more about your data protection and privacy rights please consult the Belgian supervisory authority – the Commission for protection of privacy – at www.privacycommission.be/en (site available in English, French and Dutch).

  • 2. About the personal data we collect and the way we use them

    • 2.1 Personal data – As a member of CEPE or an external stakeholder, you may provide us with personal data information when using our website, interacting with us on social media, registering for information or events. The data we collect can include your organisation’s name, title, job title, first name, family name, function, telephone number, mobile phone number, mailing address, e-mail, social media account (s) and web address or photo, as well as where applicable, CEPE working groups memberships, subscriptions to CEPE information, interests in topics we work on, and attendance at CEPE meetings. Some of this data is considered as personal data under the EU GDPR. In most instances, we collect personal data directly from the data subjects, but we may sometimes obtain personal data from third parties such as directories or EU institutions websites.

    • 2.2 Purpose of use and processing – the information that you provide us with will be used for the purpose of contacting you, fulfilling your online requests or facilitating your access to members-only content and/or providing you with relevant and updated information about our organisation, its activities and positions. More specifically, as part of its general mission, CEPE processes personal data for the following purposes:

      ->For membership management and general administration: CEPE has legitimate interests in the processing of personal data of the contact persons across its membership for the purpose of administering or informing its membership or for the governance of the association (such as the organisation of general assemblies and board meetings). CEPE also processes the personal data of representatives and contact persons of entities with which CEPE contracts, such as consortiums, services providers or consultancies.

      ->For research, information, publication and advocacy purposes: CEPE processes contact details of journalists, Members of European Parliament, officials from the European Commission and from EU Member States, academics, consultants and industry experts and European affairs stakeholders for the purposes of carrying out its research, information, and advocacy activities.

      ->For events organisation: CEPE processes identification details of individuals who register to participate to events and conferences it organises for the purpose of managing the registration, invoicing and participation to such events under the general terms and conditions that are expressly accepted by the individuals and/or based on consent for certain personal data.

      >For websites security and content access: CEPE processes identification data from individuals who register themselves on websites managed by CEPE and give their express consent to receive newsletters or information from CEPE. CEPE also processes identification data from members or content subscribers to facilitate their personal access to the meeting documents of their working groups or subscribed content.

    • 2.3 Explicit consent, retention and right of consultation and modification – Your prior informed, explicit, consent for the use and processing of your personal data will be requested for registering to CEPE mass communication such as newsletters or event participation. Your consent will also be specifically asked for photos or multimedia content that may enable the recognition of participants at events. Your personal data will be kept as long as you are a designated person of your organisation in relation with CEPE or its members and, otherwise provided by law, for the time that is strictly necessary to achieve the purpose(s) for which they were collected. Should you wish to withdraw your prior informed consent, consult, complete, rectify or remove any of the information that we hold about you, please contact us at: secretariat(at)cepe.org. Such data will usually be removed within five working days but will always be removed within one month of such written request being received. It is the responsibility of the Managing Director, to ensure GDPR compliance and in case of query, contact secretariat(at)cepe.org in the first instance.

    • 2.4 Data sharing – As a non-profit organisation CEPE does not share or sell any personal data to third parties for any commercial purposes. Where CEPE hires service providers for activities that require access to the data of relevant members that need to be part of these activities CEPE will share these data after consent of the relevant members. The IT supplier will be the only party for which the access will be implicit and automatic as part of their work on the Customer Relation Management platform. Personal data may be shared with CEPE members for the same legitimate interest and purpose CEPE uses them. Your personal data may be processed outside the European Union. In such case, the transfer of data is governed by a data processing agreement to provide adequate safeguards as defined by the EU GDPR. CEPE may provide aggregated statistical information to reputable third parties. Such information will not allow any user to be personally identified.

    • 2.5. Risk assessment – The processing of your personal data was self-assessed as presenting limited risks for your fundamental rights considering that only professional information is used and that adequate measures are in place to prevent data breaches.

  • 3. About our website, social media and our cookies policies

    • 3.1 Cookies for functional purposes- During the course of any visit to CEPE websites, the pages you view, along with a short text file called a ‘cookie’, are downloaded to your computer. Many websites do this, because cookies enable website publishers to do useful things like find out whether the computer (and probably its user) has visited the website before. A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website’s computer and stored on your computer’s hard drive. Information supplied by cookies can help us to provide you with a better online user experience and assist us to analyze the profile of our visitors. For example: if on a previous visit you went to our Member pages, we might find this out from your cookie and highlight Member information on your second and subsequent visits. When using this information, we do so on an anonymous and aggregate basis without viewing any of your personal details. For more information about cookies and how to disable them, please visit: www.aboutcookies.org

    • 3.2 Cookies for analytical purposes.CEPE use also Google Analytics for analytical purpose. Google collects information through our use of Google Analytics on our website. They are using cookies to collect information that is used either in aggregate form to help us understand how our websites are being used to help us improve our websites and application for you in order to enhance your experience. Your personal data use are covered by the terms and conditions and privacy policies To get a general picture of what data Google is gathering, you may take a look at Google’s privacy policy:

    • 3.3 Social media and privacy policies – When interacting with our social media channels ( LinkedIn) your consent and personal data use are covered by the terms and conditions and privacy policies of these social media platform.

    • 3.4 Third parties websites and social media – Our website (s), social media channels and electronic communication tools may also contain links to websites or social media channels of third parties. These links are provided for your information and convenience only. CEPE does not endorse, approve or take any responsibility for the websites or social media channels which we provide links to. We also do not endorse, approve or take any responsibility for their availability, performance, content or for the use of such websites or social media channels or any information contained therein. CEPE’s data privacy policy applies only to CEPE’s databases, website(s), and electronic communication media and not to any other websites or media that you would access by hyperlink from our website (s) or our social media. When you leave our website by linking to another site or through social media, you should read the privacy policy, if any, provided by such website or media.

    • 3.5 Photographs Photographs taken at CEPE events and meetings may be used in marketing material and may therefore be in the public domain. Personal data will not be published alongside the photograph unless the individual is a speaker or has a key role at the event or at the CEPE organisation. In case of query or to ask not to be included in such photographs, please email to secretariat@cepe.org

  • 4. Marketing choices regarding your personal information Where we have your consent to do so (e.g. if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving information from us), we send you communications by email about topics and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.

  • 5. Policy update and notifications

CEPE may update this policy at any time by posting changes online. Any such changes will be notified to registered contacts and to website visitors in order to be read and accepted.