Last updated: 21 September 2023
This data protection notice will be reviewed from time to time to take into account changes in the law and the experience of the notice in practice.
If you have any queries in relation to this data protection notice, or if you have any concerns as to how your data is processed, please contact [insert name of data protection officer or relevant contact] at [insert relevant contact details].
Founded in November 2018, the European Association of Data Protection Professionals (EADPP) was the first independent pan-European non-profit organization dedicated to individuals worldwide who are interested in the GDPR. By connecting professionals and fostering collaboration the EADPP strives to advance data privacy best practices across Europe and beyond.
EADPP is the "Data Controller" within the meaning of GDPR and we are responsible for deciding how we collect, store, use and process personal information about you.
Our registered address is
European Association of Data Protection Professionals
Thomas R. Malthusstraat 1
1066 JR Amsterdam
The Netherlands
For requests related to your rights or for any questions about this privacy notice and the processing of your personal information, please contact us at: dpo@eadpp.eu
EADPP have created this data protection notice as the controller of personal data for visitors to this website, for prospects, clients and former clients. This notice aims to demonstrate our firm commitment to privacy and to inform people dealing with us about the information we collect and process in connection with such interaction.
This notice sets out an explanation of what personal data about you we process, why we process your personal data, with whom your personal data is shared and a description of your rights with respect to your personal data.
We need to keep and process certain personal data about you to manage our business, for management purposes, to comply with our legal obligations and, where necessary, to protect our legitimate business interests. We will collect and process personal data from you during your visit on this website, during our contractual relationship and following the termination of our contractual relationship.
Personal data is normally obtained directly from you.
The information we hold and process will be used for management and administrative purposes. We keep it and use it to enable us to run our business, manage our contractual relationship with you effectively, lawfully and appropriately and protect your rights and interests. This includes using your information to enable us to manage contracts, comply with legal obligations, pursue our legitimate interests and protect ourselves in the event of legal proceedings against the company.
The uses we make of each category of your personal data, together with the lawful basis we rely on for those uses are set out in more details below.
Where there is a need to process your data for a purpose other than those set out in the appendix or otherwise outlined to you, we will inform you of this.
We handle your personal data with care and refrain from disclosing it to external parties unless we are legally obliged to do so.
More detailed information on how we share your personal data is set out below.
The website datacentre is located in Ireland,
The transfer of personal data is explained in more detail below.
Our data retention criteria are based on the statutory retention periods necessary to fulfill our legal obligations. After the end of those periods, your personal data will be securely deleted, if it is no longer necessary for the fulfilment of a contract, the initiation of a contract, or in relation to any legal proceedings. We may keep anonymized data for statistical and research purposes.
In some cases, you may decline to provide us with your personal data. If we believe that we require relevant personal data to effectively and properly manage our contractual relationship or legal obligations, we may not be able to continue our relationship with you.
We do not carry out automated decision making or any type of automated profiling.
Under the GDPR, you have rights in relation to your personal data that we hold, please note that these rights are not absolute and may have some restrictions:
Please note that your ability to exercise these rights may be subject to certain conditions.
When you open a link to a 3rd party website from our website, we passively collect the following personal data to gauge the engagement with external links we post:
Log files are kept for a maximum of 6 months.
The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
We use encryption at rest.
Our servers are located in ISO 27001 accredited datacentres in Ireland.
We collect
We will retain your details and query for the length of time required to handle you query.
The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
We use encryption at rest.
Our servers are located in ISO 27001 accredited datacentres in Ireland.
The information with only be used by relevant members of the EADPP Board to deal with your query.
When you sign in, we collect:
When you change your details or password, we collect:
We will retain the data for the contract duration.
Detailed access records (with IP address and time) are kept for 12 months for security purposes.
Summary of access by month is kept thereafter for stats purposes.
The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
We use encryption at rest.
Our servers are located in ISO 27001 acredited data-centres in Ireland.
The information is only used by relevant EADPP Board members.
As a data controller:
The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
We use encryption at rest.
Our servers are located in ISO 27001 accredited data-centres in Ireland.
Sharing of dataPersonal data processed
We collect
One year for free events.
Up to 7 years for paid events to comply with accounting legislation .
The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
We use encryption at rest.
Our servers are located in ISO 27001 acredited data-centres in Ireland.
We normally do not share your registration data.
When we send you the link, you may need to confirm your name with Zoom. Zoom, our call platform may collect some data to improve the call including your IP address. To check which data processors Zoom uses contact Zoom directly.
The EADPP website runs on the Bizoneo Membership e-Commerce system.