On May 25 2018, the European regulation N° 2016/679, known as the General Data Protection Regulation (GDPR), comes into force. This regulation applies in all member states of the European Union as well as in every legal entity operating on the territory of the European Union. The main objective of the regulation is to establish a reference text for the protection of personal data, which strengthens, unifies and harmonizes data protection for all individuals in the European Union. In addition, the regulation even applies to bodies outside the territory of the European Union, which deal with data from EU nationals.
We value careful management of your personal data. This includes that we manage your personal data confidentially, that we have taken security measures to protect your personal data from loss, unauthorized access or theft, and that we will delete the data when it is no longer necessary for our assosiatif and nonprofit work.
Personal data involved
The CLA receives your personal data in a number of ways:
When you register as a member by filling out the form or membership card (see the info listed below);
When you contact us by email (email address) or phone (phone number);
when you make a donation (data provided by your financial institute).
Data we collect
The CLA favours an approach of proportionality and minimization of the data processed. We ensure that the data we collect and process is adequate, relevant and limited to what is necessary for the purposes of the treatments in question.
Unless otherwise stated, the following data is collected for each member and the person who offered/paid the membership card.
The following data is collected for the member and the person who offered/paid the membership card
postal address (Street and No., postcode, locality, country);
nationality (in accordance with the law);
Phone numbers (optional);
email address, email;
membership year (automatic when re-joining) for the member only;
financial data (bank account number, bic code).
Visit our sites
IP address and hardware/technology;
for registered members and when they are logged into our site to manage their personal data and preferences;
for CLA managers when they are connected as site administrators;
Why we process your personal data
We process your personal data as part of our missions to:
be able to process and manage your contribution/donation
be able to meet legal requirements
be able to send you our emails/information letters to members
be able to manage our financial administration in accordance with legal requirements;
to be able to establish web statistics.
Use off of CLA
The CLA does not transmit your personal data to third parties
Keeping your personal data
Your personal data is no longer kept than necessary. Some data is retained as there are some legal obligations. Our goal is to remove personal data as soon as it is no longer needed to achieve our objectives. We make your data unusable by removing it.
Processing your personal data
The CLA ensures that its treatment of your personal data is lawful. To this end, we ensure that each treatment is justified by a valid legal basis, such as the consent of the member concerned.
The CLA ensures the security of your personal data by implementing enhanced technical, legal and organisational measures
The CLA maintains a record of the processing activities it conducts..
Your rights to your personal data
You have the right to apply to view, correct or delete your personal data
You have a right to object to any use of your data for incentive purposes (which the CLA does not do)..
SIf a member no longer wants the CLA to use its data (as part of the management of members as described above), this implies the resignation of the member in question.
If you apply for the right to review, correct, delete or object, we will start by determining whether we can take your request into consideration. We cannot take your application into consideration if we cannot establish your identity or if you recently (less than six months ago) filed a similar application.
If we have taken your request into consideration, there are a number of situations in which we must reject the application. For example, we will have to reject the application if the protection of the rights of a third party weighs more heavily. This can happen if your request for review also relates to other people's personal data. If we reject the request, we are in writing, within six weeks, why we cannot meet the request.
If you do not agree with our decision regarding an application for the right to review, correct, delete or object, you can file a complaint with the National Data Protection Commission: : www.cnpd.lu
Links to third-party websites