Privacy

Objective

The aim of this privacy policy is to provide adequate and consistent safeguards for the handling of Personal Data (as defined below) by CropLife International A.I.S.B.L. (‘CropLife International’) and affiliated entities (CropLife International and all such entities being together referred as ‘CropLife International entities’) in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“General Data Protection Regulation”, or ‘GDPR’).

Scope

CropLife International is the controller and responsible for CropLife International entities’ websites. This privacy policy is issued on behalf of and applies to all CropLife International entities in the EU that process personal data. The GDPR will apply to CropLife International entities that are either 1) established in the EU or 2) offer services in the EU (whether or not for payment) to data subjects in the EU or 3) which monitor the behavior of such data subjects.

“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number, location data, an online identifier or to one or more factors specific to the person’s physical, physiological, genetic, mental, economic, cultural or social identity and includes information, that (i) relates to an identified or identifiable person (ii) can be linked to that person; (iii) is transferred to CropLife International entities and (iv) is recorded in any form. It does not include data where the identity has been removed (anonymous data).

CropLife International has appointed a contact person who is responsible for overseeing questions in relation to this privacy notice. If data subjects have any questions about this privacy notice, including any requests to exercise their legal rights, they should contact CropLife International’s contact person using the details set out below:

Raffaella Colombo
Director of Operations
CropLife International A.I.S.B.L.
326 Avenue Louise, Box 35
1050 Brussels, Belgium
[email protected]
+32 2 541 16 62
+32 475 983 421

Data subjects have the right to make a complaint at any time to the Belgian Data Protection Authority, the Belgian supervisory authority for data protection issues (www.privacycommission.be) at present. CropLife International would, however, appreciate the chance to deal with such concerns before data subjects approach the Belgian Data Protection Authority, so would be grateful if data subjects would contact the contact person in the first instance.

Principles of processing personal data

CropLife International entities respect data subjects’ privacy and are committed to protecting personal data in compliance with the applicable legislation in the EU with the desire to keep its data subjects informed and to recognize and respect their privacy rights. CropLife International entities will observe the following principles when processing personal data:

It is important that the personal data CropLife International entities hold about data subjects is accurate and current. Data subjects should keep CropLife International entities informed if their personal data changes during their relationship with CropLife International entities.

Appropriate technical, physical and organizational measures will be taken to prevent unauthorized access, unlawful processing, unlawful alteration or disclosure and unauthorized or accidental loss, destruction or damage to data. In addition, CropLife International entities limit access to the personal data of data subjects to those employees, agents, contractors and other third parties who have a business need to know. CropLife International entities will ensure personal data is processed on their instructions and subject to a duty of confidentiality.

In case of any such violation with respect to personal data, CropLife International entities will take appropriate steps to end the violation and will notify relevant data subjects and any applicable authority or regulator in accordance with applicable law and will cooperate with all such competent authorities.

Types of personal data

CropLife International entities collect data subjects’ personally identifiable information:

CropLife International entities and their third parties and data subject communication preferences. CropLife International entities do not collect any sensitive personal data (as defined in the GDPR) about its data subjects (this includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual
orientation, political opinions, trade union membership, information regarding health and genetic and biometric data). Nor do CropLife International entities collect any information about criminal convictions and offences.

Ways of obtaining personal data

The ways by which CropLife International entities obtain personal data are set out in this section. CropLife International entities do not obtain any personal information about data subjects unless the data subject has provided that information to CropLife International entities in a way that is in accordance to the established data protection rules to do so including but not limited to visiting or creating an account with respect to CropLife International entities’ websites, applying for or subscribing to CropLife International entities’ services or publications, requesting that marketing be supplied by CropLife International entities, providing feedback, entering any promotion or survey, by the completion of a written agreement, consent form, survey, or completion of an on-line or hard copy form. Data subjects may choose to submit personal, private information by facsimile, regular mail, e-mail, or electronic transmission over CropLife International entities’ internal websites, interoffice mail, or personal delivery, as each of these methods may be deemed applicable each time.

Automated technologies or interactions

When interacting with CropLife International entities’ websites, CropLife International entities may automatically collect technical data about the equipment, browsing actions and patterns of its data subjects. CropLife International entities collect this personal data by using cookies, server logs and other similar
technologies. CropLife International entities may also receive technical data about a data subject if it visits other websites employing their cookies. Please see CropLife International entities’ cookie policy below for further details.

Third parties or publicly available sources

CropLife International entities may receive personal data about data subjects from various third parties and public sources as set out below:

Use of personal data

CropLife International entities collect and use data subjects’ personal information to operate the CropLife International entities’ websites and deliver requested services. CropLife International entities also use personally identifiable information to inform on services available from CropLife International entities.
CropLife International entities may also contact data subjects via surveys to conduct research about their opinion of current services or of potential new services that may be offered.

For data subject’s specific information, the purposes of processing may include:

IP addresses, browser types, domain names, access times and referring website addresses are used by CropLife International entities for the operation of the service, to maintain quality of the service and to provide general
statistics regarding use of the CropLife International entities’ websites.

CropLife International entities keep track of the websites and pages their data subjects visit, in order to determine what services are the most popular. This data may be used to deliver customized content to data subjects whose behaviour indicates that they are interested in a particular subject area.

If CropLife International entities introduce a new process or application that will result in the processing of personal data for purposes that go beyond the purposes described above, CropLife International entities will inform the concerned data subjects of such new process or application, new purpose for which the personal data are to be used, and the categories of recipients of the personal data.

CropLife International entities will disclose data subjects’ personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the law or comply with legal process served on CropLife International entities or the sites; (b) protect and defend the rights or property of CropLife International entities; and, (c) act under exigent circumstances to protect the personal safety of data subjects of CropLife International entities, or the public.

Use of Cookies

The CropLife International entities’ websites use “cookies” that automatically track certain information about visitor activity on the sites. Cookies are data files that contain information created by a web server that can be stored on a visitor’s hard disk for use either during a particular session or for future use. CropLife International entities use cookies only to support visitor’s interaction with the site and keep it running efficiently. This information includes the browser and operating system being used, the IP address and the referring URL. CropLife International entities will not use cookies to collect personally identifiable information. However, if a visitor wishes to restrict or block the cookies which are set by their websites (or indeed any other website), this can be done through the browser settings.

Equipment and Information Security

To safeguard against unauthorized access to personal data by third parties outside CropLife International entities, all electronic personal data held by CropLife International entities are maintained on systems that are protected by up-to-date secure network architectures that contain firewalls and intrusion detection devices. The data saved in servers is “backed up” (i.e. the data are recorded on separate media) to avoid the consequences of any inadvertent erasure, destruction or loss otherwise. The servers are stored in facilities with high security, access protected to unauthorized personnel, fire detection and response systems.

Access security

The importance of security for all personally identifiable information is of highest concern. CropLife International entities are committed to safeguarding the integrity of personal information and preventing unauthorized access to information maintained in CropLife International entities’ databases. These measures
are designed and intended to prevent corruption of data, to block unknown and unauthorized access to our computerized system and information, and to provide reasonable protection of personal data in CropLife International entities’ possession. Access to the computerized database is controlled by a log-in sequence and requires users to identify themselves and provide a password before access is granted. CropLife International entities may need to request specific information from data subjects in order to help them confirm the identity of that data subject and to ensure the right of that data subject to access its personal data (or to exercise any of its other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Rights of data subjects

If a data subject fails to provide personal data

Where CropLife International entities need to collect personal data by law, or under the terms of a contract it has with a data subject and that data subject fails to provide that data when requested, CropLife International entities may not be able to perform the contract they have or are trying to enter into with that data subject (for example, to provide services). In this case, CropLife International entities may have to cancel a product or service that the data subject has with it. CropLife International entities will notify the relevant data subject if this is the case at the time.

Third party links

CropLife International entities’ websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about the data subject. CropLife International entities do not control these third-party websites and cannot be held responsible for their privacy policy. Therefore, CropLife International entities recommend that when data subjects leave their websites that they should read the privacy policy of every website visited.

Data retention period

Data subject preferences and personal data processed for the use of any of CropLife International entities’ services will be retained for so long as is necessary to fulfil the purposes for which it was collected (including for the purpose of satisfying any legal, accounting or reporting requirements). To determine the appropriate retention period for personal data, CropLife International entities consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of the personal data, the purposes for which they process the personal data of data subjects and whether they can achieve those purposes through other means, and the applicable legal requirements. Personal data may be held for up to 5 years, after which CropLife International entities will be active in securely deleting the information.

Transfer outside the EU

In connection with the activities of CropLife International entities, CropLife International entities may transmit personal data outside the EU and more specifically to CropLife International’s additional affiliated entities worldwide. CropLife International entities ensure that the personal data of data subjects is protected, by requiring all its affiliated entities outside the EU to follow the same rules when processing the transferred personal data.

Whenever CropLife International entities transfer the personal data of any data subject outside the EU, CropLife International entities ensure a similar degree of protection is afforded to it by this privacy policy. CropLife International entities may be contacted if further information is wished on the specific mechanism
they use when transferring personal data out of the EU.