Purpose
The purpose of this policy is to set out how the International Olive Council (IOC) safeguard any information disclosed to the IOC or that may be collected by the IOC through its website and social media (herein shortly “site”). Any personal data received by the IOC will be treated in accordance with this policy.
Scope
This policy extends to all processing of personal data. This privacy policy also applies to the use of IOC’s social media sites (Twitter and LinkedIn platforms). Anonymised data, e.g., for statistical evaluations or studies, is not subject to this policy.
Social media platforms collect and process personal data when you visit them, and the IOC has no control over this.
Personal data
“Personal data” includes any information relating to an identified or identifiable natural person (herein after “user” of “visitor”). This means any individual who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifiers (e.g. IP addresses – if they can be used to identify), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
The IOC recommends that users do not disclose sensitive personal data via site, such as information relating to racial or ethnic origin, political opinions, religious or other beliefs, physical or mental health, criminal background, etc.
Collection and use of user’s personal data
On accessing IOC’s web pages, the user may have an opportunity to provide IOC with personal data, such as name, email address, home address, telephone number, social media account ID, among others. This includes, for example, information provided when participating in social media features on a site, entering a contest, promotion, or survey, or filling out a form or reporting a problem with a site.
Personal data collected by IOC will only be used for the purposes for which it was provided by the user.
IOC recommends that users read this policy carefully to understand its personal data practices and how IOC treats it.
The categories of personal data IOC may collect, the purpose and the lawful basis
Personal Data collected from users include the following:
| Categories of Personal Data | Purpose | Legal basis |
|---|---|---|
| Application data (e.g. name, CV, contact details) | Processing of this personal data is required to enable IOC to administer the recruitment process, including the creation of an electronic applicant HR file, managing user applications, organizing interviews. | Processing is necessary to evaluate the dossiers and, if the application is successful, to enter into a contract with the user. |
| Contact information in general (e.g., full name, postal address, e-mail address, employer/business and professional information, job titles, telephone number) | Managing and responding to user queries. | Contract performance and legitimate interests – it’s important that IOC is able to respond to user enquiries. |
| Browsing information (IP address, browser information) and information processed via cookies and analytic tools (see details below in article 10 Use of Cookies) | Monitoring and producing statistical information regarding the use of IOC platforms and analysing and improving their functionality. | Legitimate interests – IOC performs this monitoring to ensure that the IOC sites are functioning properly, to diagnose any problems with the IOC server, and to administer the IOC sites. |
| Contact Information for dissemination of information (Email address; name, profile and sector information) | Sending Newsletters and informative bulletins, sending survey questions to get feedback on user needs and updates on the Olive’s market and strategies, if you have subscribed and consented to receive such information or participate in promotional and marketing activities. | User explicit consent. |
| Personal data included in business correspondence and related documents, e.g., name, e-mail address, postal address, phone number, query details | Communicating with IOC current and prospective suppliers, and business associates (in particular via e-mail), e.g., during commercial negotiations, in contemplation of or during the performance of a contract, or to address a query. | Performance of contract and IOC legitimate interests to conduct business with you. |
| All information | Establishing and enforcing IOC legal rights and obligations and monitoring to identify and record fraudulent activity. Complying with instructions from law enforcement agencies, any court or otherwise as required by law. For IOC general record- keeping and customer relationship management. Resolving any complaints from or disputes. |
Legitimate interests |
IOC does not collect or retain users´ personal data longer than is necessary for the purposes for which it was collected or as required by IOC policy and procedures.
Keeping users informed and communication
With the user’s consent and where appropriate, IOC will keep user’s name, address and/or contact information (including telephone numbers and/or email addresses) in IOC’s databases and may from time to time use this information to inform users of IOC activities and publications that may be of interest to them. For this purpose, IOC may contact the users in writing, by telephone or email for this. If, at any time, a user decides not to use his or her contact information for these purposes, he or she is requested to inform IOC (see “How to contact us” section).
Right of access, rectification and erasure
Users have the following rights under IOC data privacy regulations:
- the right to request access to the Personal Data IOC hold about users.
- the right to rectification including to require IOC to correct inaccurate Personal Data.
- the right to request restriction of processing concerning user´s Personal Data,
- the right to request the erasure of user´s Personal Data where it is no longer necessary for IOC to retain them.
- the right to withdraw consent to any processing for which user have previously given that consent.
Users are requested to contact IOC in case they want to exercise any of these rights.
Disclosure of personal data to third parties
The IOC will not disclose user´s personal data to any third parties, except as described in this policy.
The IOC may disclose user´s personal data to third parties, including, but not limited to, the following:
- To third parties who provide services to IOC and who help the IOC carry out its activities. For example, a third party may have access to the user´s personal data in order to support IOC’s information technology or to manage mailings on behalf of IOC.
- To IOC’s legal and other professional advisors.
- As necessary to comply with a legal requirement, to protect vital interests, to safeguard the security or integrity of IOC’s databases or this site, to insure against legal liability.
and
- IOC may engage third parties to manage the site and provide other services in connection with the site, such as the collection and analysis of data. Such third parties may have access to certain personal data provided by the user as necessary to perform such services on IOC’s behalf; provided, however, all such third parties are required to protect such personal data in accordance with this Privacy Policy.
Keeping user’s information secure
We endeavour to use appropriate technical and physical security measures to protect personal data which is transmitted, stored or otherwise processed by us, from any unlawful destruction, loss, alteration, unauthorised disclosure of, or access, in connection with IOC sites. These measures include computer backups and secured files and facilities. IOC’s service providers are also carefully selected and are required to use appropriate protective measures.
In particular, IOC endeavour to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including as appropriate:
- pseudonymisation (such as where data is separated from direct identifiers so that linkage to an identity is not possible without additional information that is held separately) and encryption,
- ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process user´s personal data,
- ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
- ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational security measures.
Notwithstanding the foregoing, IOC cannot guarantee the security of any information that the user transmit to a Site and user do so at user´s own risk. If the user has reasons to believe that their interaction with IOC is no longer secure, then s/he is requested to notify IOC immediately of the suspected problem.
Collection of non-personal data, use of cookies
IOC may from time to time use cookies on its sites. Cookies are small text files that user´s web browser leaves on user´s hard drive, in order to recognize the user as a regular user of the IOC site, to track the user´s use of the IOC site and to target advertising. This allows for personalization of certain aspects of user´s visit to IOC site. Information gathered from cookies in this way is only used on an aggregate basis. Unless a visitor specifically provides their identity to IOC, e.g., by registering at IOC sites, providing information through an online form or sending IOC correspondence from the Sites, IOC will not know the identification of individual visitors. The aggregated information collected permits IOC to analyse traffic patterns on IOC site. This helps IOC provide users with a better experience by improving the content and making IOC site easier to use.
Users can disable cookies by using their Internet browser settings. Users are requested to consult their browser’s help function to find out how to disable cookies. Users must note that if they disable cookies, some features of the IOC sites may not function properly.
Commitment to data security
The IOC is committed to respecting the privacy of those who use its website, IOC controlled social media pages and any other form of electronic communication. The IOC website currently includes a common and a private area (limited access).
Amendments to this Policy
The IOC reserves the right in its sole discretion to amend this Privacy Policy at any time, and users are requested to regularly check this Policy for any amendments.
How to contact IOC
For any other questions or concerns about IOC privacy policies and practices, users can send an e-mail at dataprotection@internationaloliveoil.org.
