Privacy Policy

I. Who we are and how to contact us

International Port Community Systems Association (IPCSA) is a European Economic Interest Grouping (EEIG) governed by EEC Regulation 2137/85 and by the laws of England. The European Port Community Systems Association EEIG Contract of Formation was signed on the 15th June 2011 with an amendment agreed by all EEIG members signed on 15th August 2014 to form IPCSA EEIG as from 1st September 2014.

IPCSA Registered Office: The Chapel, Maybush Lane, Felixstowe, IP11 7LL, United Kingdom

IPCSA EEIG Number: GE000268

For any privacy related enquiries please contact us at: info@ipcsa.international



II. Data keeping purpose, categories and retention period

Internal communication with the Members in order to achieve IPSCA mission and objectives.

Specific Purpose Data categories Retention period or criteria used to determine the retention period Legal bases for data processing
E-mail correspondence between IPSCA and Member organisations E-mails might contain the personal data such as name, surname, position, phone number, address. E-mail correspondence on financial matters, including project and action implementation might contain also financial data such as data on salaries, payments, bank details etc. General e-mails: as long as the matter is relevant. E-mails related to the new Members approval: IPCSA life time. e-mails on financial matters, including project and action implementation: action and/or project life time + post implementation auditing period unless the relevant financial and accounting statutory rules require longer data storage period. Consent1 Legal obligation of controller in relation to the correspondence on financial matters.2 Legitimate interests3
Contacts on daily operational matters As long as contact details are relevant Consent4 Legitimate interests5
Surveys and Questionnaires’ might contain the personal data such as name, surname, position, phone number, address. E-mail, and opinions of organisations representative on business related matters covered by particular survey or questionnaire Survey responses will be kept for 3 years, Survey Reports for as long as they are relevant. Consent6 Legitimate interests7
Contacts for Newsletters Name, E-mail address. As long as contact details are relevant or unsubscription request is received Consent8 Contract9
Contacts for Members updates Name, surname, position, phone number, work address, E-mail. As long as contact details are relevant Consent10 Legitimate interests11
IPCSA website (Members only section- password protected access) Provides easy access to all relevant IPCSA internal documents, events, opinions etc. name, surname, position, phone As long as contact details are relevant number, work address, e- mail, password. person’s free option to add, edit and remove - personal photo, facebook, twitter, google plus, linked in and other social media accounts. Consent12 Legitimate interests13
Event invitations - Applicable in cases where IPCSA is organising, participating or invited to participate in international events. In relation to these cases IPCSA may or may not act as Your Personal Data Controller depending on actual circumstances. Whenever your personal data is requested by event host, relevant government officials and similar bodies, it would be clearly specified within information request. name, surname, position, phone number, work address, home address, nationality, any passport and or identification card details, visa details, travelling details, including air, train, bus tickets, reservations, personal insurance details, hotel accommodation details, traveling dates and any other information related to the foreign travel, including formalities necessary to obtain invitation and/or permission to enter the particular country or to obtain the permission to speak at the conference. Event duration +3 months enabling to solve out any pending issues in relation to the particular travel if such arise. Consent14
Participants lists at conferences, IPCSA meetings name, surname, position, work address, phone number and e – mail address, if provided. For conferences: as long as conference materials are relevant or where conference is organized using public project money – as long as relevant project documentation is kept. For IPSCA meetings – as long as meetings materials are relevant, for IPCSA meetings dealing with governance matters - IPSCA life time. Consent15 Legitimate interests16
IPCSA Meeting minutes, Conference Protocols etc. name, surname, position, work address, phone number and E-mail address. Meeting minutes may contain the information and any views and/or opinions on particular business matters expressed by individuals attending the meeting on behalf of their organisation. For conferences: as long as conference materials are relevant or where conference is organized using public project money – as long as relevant project documentation is kept. For IPSCA meetings – as long as meetings materials are relevant, for IPCSA meetings dealing with governance matters - IPSCA life time. Consent17 Legitimate interests18
Witness, affirmation a.o. documents signed on behalf of IPCSA Members or organisations invited to IPCSA meetings such as papers on fair competition, neutrality etc. name, surname, position, work address, phone number and e – mail address. IPSCA life time Legitimate interests19


III. IPCSA Legitimate interests

IPCSA is processing only the minimal amount of your personal information such as your name and surname, position, working address and working contact details, as well documents signed by you and/or written records on your opinions expressed in IPCSA meetings on behalf of the organisation you are representing on the grounds of legitimate interests. For details please refer to the Section 2 “Data keeping purpose, categories and retention period” of this document. The ultimate aim for such processing is to achieve the IPCSA objectives and goals as per EEIG Contract of Formation signed on the 15th June 2011 with an amendment agreed by all EEIG members signed on 15th August 2014 to form IPCSA EEIG as from 1st September 2014.

E-mails you are sending on behalf of your organisation to conform new IPSCA Member, Minutes of IPCSA Executive Committee meeting are the most typical examples of the personal data processing on the grounds of legitimate interests.

he personal information we are keeping is always related to you as a representative and/or employee of IPCSA Member orgnisation. We never hold any information on private matters on the grounds of legitimate interests. Please be aware that we will keep this information in our accounts even if you will no longer continue to represent particular IPCSA Member organisation only so far as far documents signed by you, opinions expressed by you are relevant to the IPCSA relationship with that particular organisation. If you would like to receive additional information on this matter, please do not hesitate to contact: Richard Morton, Secretary General, richard.morton@ipcsa.international, +44 (0) 7796334960.



IV. Recipients of personal data

IPCSA and its affiliated companies, IPCSA selected third party suppliers only for particular and specific data processing purposes.

Participants lists for conferences will be available to the meeting organizers’, meeting participants as well as media representatives.

We may disclose your information as required or permitted by law, or when we believe that disclosure is necessary to protect our rights, protect your safety or the safety of others, and/or to comply with a judicial proceeding, court order, subpoena, or other legal process served on us.



V. Data transfers to the third countries and safeguards

As a safeguard standard for any data transfer outside EU/EEA IPCSA follows either standard contractual clauses for transfers from data controllers to data controllers established outside the EU/EEA20 or standard contractual clauses for the transfer to processors established outside the EU/EEA21.
Available at: http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm

Specific situations:

For Surveys and Questionnaires’ we use SurveyMonkey Europe UC. Survey Monkey privacy policy is available at: https://www.surveymonkey.com/mp/policy/privacy-policy/.

For Newsletters (available only if you request this service through sign to) we use Mail chimp. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Mail chimp privacy policy is available at: https://mailchimp.com/legal/privacy/

Easy access to the large documents on which IPCSA and its Member organisations’ are requested to provide comments via Dropbox. Within Members are on our website we use Dropbox for various working documents. Dropbox is certified and complies with the EU-U.S. Privacy Shield Program ("Privacy Shield") framework and the U.S.-Swiss Safe Harbor ("Safe Harbor") framework. Dropbox Privacy policy is available at: https://www.dropbox.com/security#privacy.



VI. Your rights:

- The right to access the data stored about you. At any time, you may request a copy of the information that IPCSA holds about you. This includes the right to request from us access to and rectification or erasure of personal data or restriction of processing concerning your data or to object to processing as well as the right to data portability pursuant to the Article 20 of the General Data Protection Regulation22.

- The right to withdraw consent at any time. You may withdraw your consent to the individual processing of your information at any time. This will not affect the lawfulness of the relevant data processing based on consent before its withdrawal. However, where your consent is withdrawn, and IPCSA has a legitimate interest to process certain data, you will be informed in writing accordingly. We will inform you on exact scope of the data we will continue to process on a bases of legitimate interests.

- The right to lodge a complaint with a supervisory authority. ICO. The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
You can report your concern online or call ICO helpline helpline: +44 0303 123 1113. More information available at: https://ico.org.uk/concerns/.



Download the latest version of our privacy policy here.

1 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 2 Article 6 (1) c of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (3) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 3 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 4 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 5 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 6 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 7 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 8 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 9 Article 6 (1) b of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (2) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 10 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 11 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 12 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 13 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 14 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 15 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 16 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 17 Article 6 (1) a of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (1) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 18 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 19 Article 6 (1) f of the General Data Protection Regulation (effective from May 25, 2018) Section 4(3), (6) Schedule 2 Data Protection Act 1998, United Kingdom (effective until May 25, 2018) 20 Commission Decision 2001/497/EC and Commission Decision C(2004)5721. 21 Commission Decision C(2010)593. 22 Effective from May 25, 2018.