Sea the future - Privacy
Who are we
Our responsibility and commitment to privacy
We are committed to protecting the privacy of your personal data. We work to ensure that we comply with the Algemene Verordening Gegevensbescherming including lower rules and regulations (AVG), implementing Regulation (EUR) 2016/679 of the European Parliament and the Council on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC both as amended from time to time (the GDPR and jointly with the AVG, the Data Protection Legislation). Sea The Future is responsible for the use of any personal data as a 'controller’ within the meaning of the Data Protection Legislation.
Collecting personal data
How we collect personal data
We may collect personal data directly from you in a number of circumstances, including when you visit our website, contact us, raise a query or complaint with us, sign up to one of our mailing lists or otherwise interact with us.
We may also collect your personal data from third parties, including government agencies, regulators, commercial counterparties, research institutions and third party service providers and from publicly available records.
The types of personal data we collect
Depending on the nature of our relationship and interactions with you, we may collect a range of personal data. This includes your IP address, pages you visit, name, contact details (including your address, email address and phone number), date of birth, gender, nationality and organisation. If you attend one of our events, we may also take audio or visual recordings which identify you.
Why we collect personal data
The purposes for which we collect your personal data depend on the nature of our relationship and interactions with you. These purposes may include our legitimate interests to:
- generate usage statistics;
- provide for (additional) functionality of our website;
- manage our website and improve accessibility;
- undertake charitable activities;
- respond to your requests for data, complaints and other enquiries;
- market, including by informing you of activities, events and developments (as further described below);
- comply with our contractual, legal or regulatory obligations or exercising our legal rights;
- monitor, analysing or improving our business, services or website; and
- manage our relationship or interactions with you.
Legal bases for processing personal data
We process your personal data where it is in our legitimate interests to do so. We believe that our use of your personal data is within a number of our legitimate interests, including the purposes listed above under the heading 'why we collect personal data'. Given the specific purposes for which we envisage using your personal data, under the Data Protection Legislation, we are of the view that we do not need your (prior) consent to do so.
We may also process your sensitive personal data where it is in the course of our activities as a not-for-profit body.
Cookies and analytics
You may choose to remain anonymous or use a pseudonym in your communications with us where it is lawful and practicable. However, if you choose to do so, please note that we may not be able to provide you with data or goods and services, or effectively manage our relationship with you.
Storing personal data
We will protect your personal data with adequate means from misuse, interference and loss and from unauthorised access, modification or disclosure. We also endeavour to take reasonable steps to destroy or de-identify personal data that we no longer require.
We maintain physical security over paper and electronic data stores, including through the use of locks and security systems at our premises. We also maintain computer and network security such as firewalls to protect your personal data and to control access to our computer systems.
We secure communications between your browser and this website with encryption technology wherever possible. We also encourage you to exercise care in sending personal data via the internet.
Using and disclosing personal data
General use and disclosure
We may use and disclose your personal data for our legitimate business purposes, including for the purposes set out above in relation to our collection of personal data. For example, we may disclose your personal data to:
- our internal divisions, business units, departments or related entities;
- our representatives, agents or contractors who assist us in administering our business (including for data storage or processing, printing, mailing, marketing, planning, research and good or service development) or provide services to us;
- our advisors (including lawyers and accountants), insurers, auditors and financiers;
- other parties when required by law, such as law enforcement entities or regulators; and
- potential investors in, or purchasers of, any part of our business.
We use an external hosting provider to service our website. This means that your personal data will be transferred to this hosting provider (as a data processor). Any processing of your personal data will be laid down in processing agreements that are compliant with the requirements of the data Protection Legislation.
We may transfer your personal data outside of the EEA provided that the means of transfer provides adequate safeguards in relation to your data, including such safeguards as are required in accordance with Chapter V of the GDPR meaning that your personal data will be protected by appropriate safeguards such as standard contractual clauses as approved y the European Commission (and possibly required supplementary measures).
Your data protection rights
Under the data Protection Legislation you have the following rights with regard to your personal data we use and process of you:
- access to your personal data: you may ask us whether we have any personal data that relates to you and to provide you with a copy of such personal data;
- correct and erase your personal data: you may request us to correct any inaccurate personal data we process of you and to erase such personal data (in compliance with the Data Protection Legislation);
- request the restriction of processing: you may request the restriction of the processing of your personal data in specific circumstances as set out in the Data Protection Legislation;
- object to the processing: you may object to our processing of your personal data based on our legitimate interest. We will then no longer process your personal data for this purpose unless we have an overriding legitimate interest to do so. You may also opt out from processing you personal data for direct marketing purposes;
- withdraw your consent to processing your personal data: where we are processing your personal data based on your consent, you may withdraw your consent to the processing of your personal data at any time without affecting the lawfulness of the processing based on consent before your withdrawal;
- data portability: under certain conditions, you may request receipt of transmission to another organisation, in a machine-readable form, of your personal data that you have provided to us;
- lodge a complaint with the supervisory authority: as set out below, you may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or another (European) data protection authority (e.g. in your country of residence) when you have a concern about the processing of your personal data.
How long do we keep your personal data?
Enquiries and complaints
We will consider your questions, concerns and complaints to work out what steps can be taken in response. If you make a complaint which requires detailed consideration or investigation, we may ask you to give us more data about your complaint and the outcome you are seeking. We may need to gather relevant facts, locate and review relevant documents and speak with other people involved. In any event, we will endeavour to provide you with a response within 21 days.
You also have the right to make a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) (https://autoriteitpersoonsgegevens.nl/) or your local data protection authority, which in the UK is the Data Commissioner’s Office (www.ico.org.uk). The authorities for EU Member States are listed (along with contact details) on the European Commission website here.