Version: 7 May 2018
EXARC takes the private nature of your information very seriously. In this statement, EXARC explains what personal information of its members EXARC keeps and for what purposes. EXARC also explains how members can review and adjust this personal information. This statement follows the requirements of the EU General Information Protection Regulation (GDPR).
1. EXARC is a charitable association, governed by Dutch law. Our contact details are EXARC, Aloëlaan 40A, 2316 XT Leiden, the Netherlands, firstname.lastname@example.org.
2. EXARC manages the following information of its members:
a. All members:
i. Full name, affiliation to an organisation and postal address
ii. Date of membership
iii. Description of each member’s relevant experience and activities for their public profile, provided by each member upon registration
iv. ID photo and, where available, a few pictures of his/her activities as far as relevant to EXARC, also made available by the member itself.
v. Mention of any crafts and time eras with which the member is experienced
vi. Mention under which of the four EXARC themes they fall
vii. Status of payment of their annual membership fees
viii. Status regarding ICOM membership
ix. The URLs of their institutional organisations or companies and their social media profiles
b. Institutional Members:
i. GPS coordinates of their visiting address
ii. Annual number of visitors and entrance fees (where applicable)
3. This data is processed for the following purposes:
a. Full name, profile information, ID photo, crafts, time eras, the theme the member falls under and if they are ICOM member, as well as any additional photos the EXARC member made available are published on the EXARC website, open access, as Member Profile.
b. Not part of the Member Profile for individual EXARC members are their respective addresses.
c. Part of the online Member Profile of institutional EXARC members, are their visiting address, possibly aided by GPS data and their global annual number of visitors.
d. Not part of any EXARC Members Profile is their status of payment.
e. Members receive a list of members which includes: name, address, country, URLs of their institutional organisations or companies, they year they became a member, if they are member of ICOM and to which theme of EXARC they fit best
f. For our financial administration, EXARC processes the following personal information: Name and country, what financial type of member they are (Zone 1 or 2 et cetera), the status of their payment, payment method, amount and date of payment
4. Personal information of EXARC members is shared with the following third parties:
a. We share first and last names of our members with the accountant ABAB in Veldhoven (NL) for accounting purposes, i.e. making our annual financial reports.
b. We share first and last names as well as postal addresses with “the Printer” in Leiden (NL) to make address stickers for sending regular mailings to our members.
c. We share email addresses with Mailchimp (US) in order to send monthly Newsletters.
d. We have a safety copy of our data in the cloud of both Google and Dropbox.
5. Personal information is not stored outside the EU.
6. EXARC members have the right to view their own personal information and modify these.
7. Personal information of current EXARC members are stored as long as these people remain member or are contact person of an institutional EXARC member. Two years after a membership ends or after somebody stops to be a contact person of an institutional EXARC member, the personal information will be deleted from the EXARC systems.
8. EXARC is governed by Dutch Law. Every person from who EXARC keeps personal information has the right to file a complaint at the “Autoriteit Persoonsgegevens” in the Netherlands: https://autoriteitpersoonsgegevens.nl.
Registrations for EXARC activities
EXARC is host or co-host of several activities, including international conferences, festivals and workshops, hereafter referred to as “EXARC activities”. People registering for these activities are hereafter called “delegates”.
1. EXARC manages the following information of delegates:
a. Full name, affiliation to an organization, phone number, email and postal address
b. Travel information: arrival at and leaving from what airport and what date
c. The program components of the EXARC activity the delegate takes part in
d. Remarks by the delegate about him/herself and his/her partner or children, if they attend the activity as well, needed for handling their preferences, including diet requirements
2. Delegates have the option to opt-in to have this information shared with other participants of the same EXARC activity; also, delegates have the option to opt-in to be addressed by EXARC for future EXARC activities;
3. Personal information of delegates is processed for the following purposes:
a. Maintain an overview if the delegates paid their registration fees.
b. Sharing with co-organisers of the EXARC activity in order to book enough seats, meals et cetera
4. Personal information is not stored outside the EU.
5. Delegates have the right to view their own personal information and modify these.
6. Personal information of delegates is stored until two years after the EXARC activity.
7. EXARC is governed by Dutch Law. Every person from who EXARC keeps personal information has the right to file a complaint at the “Autoriteit Persoonsgegevens” in the Netherlands: https://autoriteitpersoonsgegevens.nl.