In the context of the new European legislation, General Data Protection Regulation (GDPR), we inform you of our policy regarding the processing of your personal data.

Your personal data may be processed by CSR Europe AISBL. We will always treat your personal data with the utmost care. Further on in this Privacy Notice, you will find the necessary information regarding the processing of your personal data.

If you have any questions or remarks regarding the processing of your personal data, you can contact the data protection officer:

CSR Europe AISBL

Rue Victor Oudart 7

1030 Brussels

Tel: 02/541.16.10

You can also always contact the responsible for data protection within CSR Europe at dataprotection@csreurope.org.

We may process some of your personal data.

• This is always done in the context of your relationship with CSR Europe;

• We limit it to the data strictly necessary to provide a good service;

• We may share your data with third parties; this is only done in the context of our services and with appropriate Data Processing Agreement for restricted use and data control within the framework of the services concerned.

• CSR Europe and any third parties will treat your personal data confidentially and with the utmost care.

2.1 Which Personal Data are Processed?

As part of the relationship between you and CSR Europe, the following personal data may be processed:

• Personal identification data:
  E.g. Name, First name, Address,

• Financial identification data:
  E.g. Account numbers

• Electronic identification data:
  E.g. E-mail address

• Professional identification data:
  E.g. Professional activity, current job, function,

If you are an employee of an organization or company that has a contractual relationship with CSR Europe (e.g. supplier, customer, client, ...), we will process your business data (e.g. business e-mail address, business phone number, ...) and personal data (e.g. surname, first name, ...) in the context of the execution of this contractual relationship.

2.2. Purpose of the Processing

Regarding the relationship between you and CSR Europe, personal data may be processed for the following purposes:

• Member administration and membership management

• Customer administration and customer management

• Supplier administration and supplier management

• Accounting operations and human resources management

• Execution of agreements

If you are an employee of an organization or company that has a contractual relationship with CSR Europe (e.g. supplier, customer, client, ...), we may use your data in the context of the execution of this contractual relationship.

2.3. Cookies

CSR Europe uses a cookie that collects anonymous traffic data. Your IP address is automatically logged by our web server. 

We use cookies on our website, including the use of Google and Squarespace analytics.

You can reject some or all the cookies we use on or via our website by changing your browser settings by using our cookie control tool.

 2.4. Registered User Account, Password and Security

To register for the CSR Europe website, you must complete the registration process by providing CSR Europe with current, complete and accurate information as prompted by the registration form, including Your e-mail address (username) and password. You shall protect your passwords and take full responsibility for Your own, and third party, use of Your accounts. You are solely responsible for any and all activities that occur under Your Account. You agree to notify CSR Europe immediately upon learning of any unauthorized use of Your Account or any other breach of security. From time to time, CSR Europe's (or its authorized third-party suppliers) staff may log in to the CSR Europe web site under Your customer password in order to maintain or improve service, including to provide you assistance with technical issues. You hereby acknowledge and consent to such access.

2.5. Duration of Processing

CSR Europe will only retain your data for the period necessary for the purposes of achieving and fulfilling the objectives under 2.2, unless a longer retention period is required or justified by law or another legal obligation.

In certain cases, your personal data may be passed on to third parties. More specifically:

• To companies cooperating in the framework of activities linked to the work of CSR Europe (e.g. subcontractors, service providers, etc.) and with appropriate Data Processing Agreement for restricted use and data control within the framework of the services concerned.

• To competent authorities within the framework of legal and regulatory obligations.

Within the framework of the General Data Protection Regulation, you are granted a number of rights with regard to the processing of your personal data. These are:

• Right of access and copy of data

• Right of rectification of such data

• Right to have the data deleted (right to be forgotten)

• Right to limitation of processing

• Right to transferability of data

If you have any questions about or wish to exercise these rights, please contact our responsible for data protection at .

If you are dissatisfied with our way of dealing with your personal data, you may contact our responsible for data protection or the Data Protection Authority.

CSR Europe – copyright 2018