1. Introduction

The CPMR particularly cares about data protection and your privacy in general.

The processing of personal data takes place in line with Regulation EU 2016/679 of 27 April 2016 on the “protection of natural persons with regard to the processing of personal data and on the free movement of such data”, otherwise known as the General Data Protection Regulation or GDPR effective in the European Union member states as of 25 May 2018.

The purpose of this Privacy Policy is to inform you of the type of personal data we collect and process, as well as the legal basis and purposes of such processing. The Privacy Policy also provides information about your rights as data subject.

We never sell personal data and only share it with third parties when necessary as described below (point 6.) and only if the privacy and security of your data can be assured.

2. Who we are

The Conference of Peripheral Maritime Regions (CPMR) is a not-for-profit association under French law. It is a voluntary membership organisation representing the interests of peripheral maritime regions (understood as first level subnational governments) from the European Union and beyond.

The CPMR campaigns in favour of a more balanced development of the European territory. It operates both as a think tank and as a lobby for regions.

Through its extensive network of contacts within the EU institutions and national governments the CPMR has, since its creation in 1973, been targeting its action towards ensuring that the needs and interests of its Member Regions are taken into account in EU policies with a high territorial impact.

Our administrative contact details:

CPMR

6 rue Saint-Martin
F-35700 RENNES
Tel. +33 2 99 35 40 50

Rond-point Schuman, 14
B-1040 BRUXELLES
Tel: +32 (0)2 612 17 00

Email: info[at]crpm.org
Website: https://cpmr.org

3. What personal data do we collect?

The CPMR collects, stores and processes the following categories of personal data:

  • Identification and contact data (such as name, email address, telephone numbers, job title, organisation, professional postal address)
  • Information required for the organisation of meetings for which the data subject has registered (such as ID information, date of birth and nationality for security purposes, travel information for logistics purposes)
  • CV information for recruitment of staff or election of office bearers
  • Other information you voluntarily submit when you contact us

In particular the CPMR collects personal data in various ways including through:

  • Email, postal and telephone contacts
  • Subscription to our newsletters
  • Registration to our events
  • Surveys
  • Contact forms or comments on our website
  • Business cards
  • Information available in the public domain such as institutional directories (e.g. EU Whoiswho, state government portals, etc.)

4. CPMR Website

The use of the CPMR website is possible without providing any personal data. However, some data is collected through the following functions:

Comments: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/ . After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms: We use the personal data submitted through the contact forms on our website for the sole purpose of responding to messages.

4.1 Cookies

The CPMR’s website, like most websites, uses small text files called cookies. For information on what cookies are, which cookies the CPMR uses, and how they can be controlled, please refer to the website’s Cookies Statement (https://jetpack.com/support/cookies).

4.2 Embedded content and links to other websites

Our website, e-newsletters and mailings may include embedded content (e.g. videos, images, articles, etc.) or links to other sites. If you click on a third-party link you will be redirected to that site. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These external sites are not managed by the CPMR. Therefore, we strongly advise you to review the Privacy Policy of those websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites.

4.3 Analytics

By default WordPress does not collect any analytics data. However, CPMR website uses this plugin:

Plugin Jetpack with Google Analytics. This plugin collect any analytics data from users.
https://policies.google.com/technologies/cookies?hl=en

5. Why do we collect personal data?

The processing of personal data of our subscribing member regions is necessary for the performance of our services to them.

Additionally, we may process personal data of our partners and other stakeholders with legitimate interest pursued by the CPMR for outreach activities, sharing our positions on different policy matters and advocacy on behalf of our member regions.

We may process personal data from data subjects for the following purposes, serving and addressing the interests, needs and demands of our members, partners and external stakeholders:

  • Notify you about our activities via our general and thematic e-newsletters
  • Organise, promote and send invitations to our events
  • Send postal or e-correspondence
  • Gather your input through surveys
  • Disseminate information on EU funded projects in which we are a partner, and which are related to our core activities
  • Recruit staff and elect office bearers
  • Understand your interest in our website and improve its user friendliness (to check – via analytics?)

6. With whom do we share your data?

The CPMR regularly uses cloud-based services for the processing of data, notably via on-line surveys, on-line registration forms and e-newsletters. The CPMR ensures that the platforms it uses, whether based within or outside the EU, are GDPR-compliant and committed to protecting personal data.

The CPMR may occasionally be required to share personal data with its partners for specific purposes such as events organisation or project dissemination. In these cases, the data is kept to the strict minimum required for such purposes.

7. How long do we retain your data?

The CPMR will normally keep personal data for the necessary duration for the accomplishment of the pursued purposes (cf. point 5.). In particular,

  • for the purposes of sending newsletters: as long as the data subject is subscribed
  • for the purposes of events organisation: the period required for communication and logistics related to the event in question
  • for advocacy and lobbying purposes: indefinite period
  • for the purposes of surveys: the period required to process the results of the survey
  • for the purposes of EU funded projects: the duration of the project in question
  • for the purposes of recruitment procedures: the period required to process the employment relationship with recruited candidates, and erasure six months after notification of refusal for unsuccessful candidates.

Our main database is continuously checked and updated, and obsolete data deleted.

8. What rights do you have over your data?

Within the limits set out in the GDPR, you may contact the CPMR at any time to exercise the following rights:

  • Right of access to your personal data (with the right to obtain a copy thereof)
  • Right to rectification of inaccurate personal data
  • Right to erasure (‘right to be forgotten’)
  • Right to restriction of processing of your personal data
  • Right to data portability (i.e. the right to have your personal data returned to you or transferred to a third party of your choice)
  • Objection to the processing of your personal data
  • Right to withdraw consent (including any opt-in) to the processing of your personal data
  • Right to lodge a complaint with a supervisory authority.

Furthermore, during our events pictures may be taken, and videos may be recorded. These materials could be used for communication purposes and may also be uploaded to our website and third-party supplier platforms such as Flickr, Twitter, Facebook and Google+. Should you wish not to feature in those materials, please contact us at gdpr@crpm.org.

9. How do we protect your data?

The CPMR is committed to ensuring that your personal information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, IT and internal staff procedures to safeguard and secure the information we collect, store and process.

In case of a data breach, we will take the necessary steps to notify the Data Protection Authority (DPA) within 72 hours and the affected individuals without undue delay.

10. Contact information

If you have any doubt or question regarding our privacy policy, please email us at: gdpr@crpm.org.