A. THE GENERAL DATA PROTECTION REGULATION (GDPR)
I. What is personal data ?
The term "personal data" refers to any information about an identified physical person or a physical person that may be directly or indirectly identified. Therefore, the general data Protection came into effect on the 25 May 2018 and it's a regulation that applies to everyone within EU and it ensure the protection of the usage of ones personal information. The Swedish Data Protection Authority defines GDPR as : " The General Data Protection Regulation exists to protect individuals fundamental rights and freedoms, in particular their right to protection of their personal data".
II. What personal data do we collect and when do we collect it ?
We collect information about you in a variety of ways depending on how you interact with us and our services; including through our website and social media.
III. For what purpose is your personal data collected and used ?
In addition to the purposes and uses described above, we use data in the following ways :
To identify you when you visit our website
To secure online transactions; prevent fraud and payment incidents, and manage debt collection
To send marketing and promotional materials, including information relating to our services
To manage our relationships as well as for internal administrative purposes.
In many situations we have more than one purpose. For example, we collect your personal data to perform our contract with you, but we also collect your personal data as we have legitimate interest in maintaining your information after transactions is complete so that we can quickly and easily respond to any questions about your order.
IV. How do we protect your personal data ?
No method of transmission over the internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal data from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal data. In the event that we are required by law to inform you of a breach to your personal data, we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
However, our website permit you to create an account. When you do you will prompted to create a password. You are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
B. THE MEMBERS
I.1 How long do SAIA retain your personal data ?
The members that registers within SAIA's activities are registered in the digital systems that we use daily. These digital systems have the necessary security needed to protect your personal data from unauthorized access. Only the board within SAIA can access them.
Typically, we retain your personal data for the period necessary to fulfill the purpose outlined in this privacy policy; including for the purposes of satisfying any legal, accounting, or reporting requirements, unless a longer retention period is required or permitted by law. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of the information, the purposes for which we obtained the information and whether we can achieve those purposes through other means, as well as applicable legal requirements.
I.2 What is the lawful ground does SAIA use for the processing of personal data if you are a member in SAIA ?
The lawful ground of consent is used when SAIA register member personal data; or when we hold embassy events. The consent can be withdrawn at any time by emailing : info@ufstockholm.se.
The membership register collect the following information, email, full name, gender, if you are a university student or high school student, how you will pay your membership fee, and an additional consent to use your email you for future event. The data collected for your membership is only shared to the SAIA board members in order to confirm your membership for our events and in order to email you for future events.
When SAIA arranges embassy events, the embassies will ask for personal data information about the people attending for security measures. Each embassy will ask for different personal data and what kind of personal data that is being asked for is going to be clearly stated on the forms for embassy visits. The personal data we receive from you only be shared with the SAIA board members and the embassy.
The lawful ground of legitimate interests is used when SAIA to capture, store and use photographs taken on our events. The purpose for taking pictures and uploading them is that we want to inform about our association. SAIA are always clear to inform people attending our events that pictures are going to be taken and they might be used to inform about our association. In addition, SAIA is always inform about our attendance during our events that they have the opportunity to object to pictures being taken of them and to who to contact.
I.3 Who gets access to your personal data information ?
The board members have access to your personal data information at all times ( to see what personal data information they have access to read "point I.2"). Moreover, some organizers SAIA collaborate with during some events will ask for member information, such as embassies or associations organizations in collaboration on a specific event. During those instances where your personal data will be shared to other associations/organizations, SAIA will be clear to inform our member about it and they have a right to object to this, however they might not be allowed to attend the event if they object to it. Other than these organizations, the national board, The Swedish Association of International affairs (in swedish : Utrikespolitiska forbundet), also have access to our membership resister because of grants reasons.
In addition to this, your personal data information will only be processed within EU: In cases where personal data is processed outside the EU/EEA, there is either a decision by the Commission that the third country in question ensures an adequate level of protection or appropriate protection measures that ensure that your rights are protected.
I.4 How long we process and store your personal data ?
SAIA will only store your information for as long your are a member, afterward your personal data will be safely deleted. The organizations we collaborate with that has your personal information only store your information for the event and after the event will delete the data. The national board, The Swedish Association of International Affairs, only stores your personal data as long as you are a member.
TO CONTACT SAIA'S PERSONAL DATA CONTROLLER (PERSON RESPONSIBLE FOR PERSONAL DATA) :
Utrikespolitiska Föreningen Stockholm c/o Samhällsvetenskapliga Föreningen Frescativägen 14B, 114 18 Stockholm info@ufstockholm.se