Privacy and data protection policy

What this policy covers

SAPEA is committed to managing your personal data respectfully and responsibly, in accordance with national and European law and good practice. We undertake to do this when you visit our website, attend our events, communicate with us, or work with us.

This policy explains how we collect, manage and use the personal information you provide to us, whether online, via phone or in person, email, in writing or any other correspondence.

This policy explains:

  • who we are
  • what personal data we collect
  • how we may use your data
  • how we may contact you
  • how we will store and protect your data
  • the circumstances in which we share your data with third parties
  • what you should do if you would like us to change or delete the data we hold for you, or stop contacting you
  • how to make a complaint
  • how we may change this policy in the future.

Who we are

SAPEA (Science Advice for Policy by European Academies) brings together outstanding expertise in engineering, humanities, medicine, natural and social sciences from over 100 academies, young academies and learned societies across Europe.

SAPEA is part of the European Commission’s Scientific Advice Mechanism. Together with the Group of Chief Scientific Advisors, we provide independent scientific advice to European Commissioners to support their decision-making. We also work to strengthen connections between Europe’s academies and Academy Networks, and to stimulate debate in Europe about the role of evidence in policy-making.

SAPEA is funded by grant 737432 from the European Union’s Horizon 2020 programme.

There are many organisations and other partners that are connected to us, including our five Member Networks (Academia Europaea, ALLEA, EASAC, Euro-CASE, FEAM) and the academies that make up those networks, as well as the institutions of the European Union. However, this policy only covers personal information collected by SAPEA itself. Other organisations and institutions have their own policies.

What personal data we collect

We may collect personal information about you when you engage with us for a number of reasons, including when you:

  • visit our website
  • ask us for information about our work
  • interact with us on social media
  • attend an event we organise, co-organise or are connected with
  • participate in a meeting we organise, co-organise or are connected with
  • buy a product or service from us
  • collaborate with us on a project

or at any other time when you provide us with personal information that we may use to enable us to provide a service to you, enable us to perform our activities, or enhance your experience with us.

This can include information such as your name, postal address, email address, phone number, age, bank details and credit/debit card details. In addition to your personal data, we may also ask for your preferences so that we can send you information that is tailored to your interests, or ensure that we provide the right service to you.

On occasion, we may receive information about you from third parties, for example if we receive a personal recommendation that you may be interested in our work, or if you are involved with an activity carried out jointly by us and by an academy or Academy Network that is connected with us.

We do not collect ‘sensitive’ personal data from you unless there is a clear reason for doing so, such as where we need this information to ensure that we provide appropriate facilities or support. Examples of sensitive personal data we may hold would be health or disability information, to ensure that an event you attend is properly accessible.

Website users

We may gather information about you from your use of our website, such as which pages are most visited and which events or facilities are of most interest. We will use this information to improve our website and to ensure we provide the best services for our users. Wherever possible we use aggregated or anonymous information which does not identify individual visitors to our website. By submitting your details, you enable us (and where applicable any suppliers we use) to provide you with the goods, services, information, activities or online content you select and any other related services we may provide.

Our website uses cookies to help it work well and to record information about how people are using it. Cookies are individual to you but they do not store personal information such as your name or address, and they are stored on your device, not on our servers. For more information about how cookies work, what information they store and the European laws that govern their use, please visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm.

Newsletter subscribers

If you register to receive emailed information from us (newsletters), then the following will apply:

  • We will collect information such as your name, email address and location
  • You agree to ensure that any registration information you give to us will always be accurate, correct and up-to-date.
  • We collect and retain information about your communications with us so that we can process your communications and deal with future queries.
  • Through the use of cookies, we will receive information from your computer such as your IP address (the unique number that identifies your computer when you use the internet) and we may record this information to provide you with a good experience when browsing our website or to improve the functionality of our site.

Job applicants

If you apply to work for SAPEA, we will only use the information you give us to process your application and to monitor recruitment statistics. We treat the fact that you have applied to work for us as a piece of personal information in itself.

If we want to disclose information to someone outside SAPEA (for example, if we need a reference) we will make sure we tell you beforehand, unless we are required to disclose this information by law.

If you are unsuccessful in your job application, we may hold your personal information for up to 12 months after we’ve finished recruiting for the post you applied for. After this date we will destroy or delete your information. We keep de-personalised statistical information about applicants to develop our recruitment processes. However, no individual applicant would be identifiable from this information.

If you commence employment with SAPEA, your data will be processed in accordance with your employment contract and the law applicable in the country where you work.

Your bank details, debit card and credit card information

If you give your bank, credit or debit card details to us, for instance to pay for a ticket or so that we can pay your expenses for an event we are connected with, we will ensure that the details are passed securely and we will not keep them for longer than necessary for the purposes of the transaction.

How we may use your data

We may use your personal data for a number of purposes, including the following:

  • to provide you with the services, products or information you have requested from us
  • where you have given your consent to be contacted by email, to provide you with information which we feel may interest you
  • to provide you with information about our work or our activities by post where we have a legitimate interest in sending it to you
  • for customer service or administrative purposes (for example, we may contact you regarding a donation you have made or an event you have registered for)
  • for internal record-keeping, including managing feedback or complaints
  • to target communications and messages to you and to identify similar groups of prospective customers
  • to track user visits to our website and record navigation across our website, and to track whether our emails are opened and read
  • to invite you to participate in surveys or research
  • to use IP addresses to identify your approximate location, to block disruptive use, to record website traffic or to personalise the way our information is presented to you
  • to analyse and improve the services we offer
  • where it is otherwise authorised by law, or where we have a legal obligation to process your information
  • for the purposes of credit risk reduction or fraud prevention

Inappropriate website content

If you post or send any content that we believe to be inappropriate, offensive or in breach of any laws, such as defamatory content, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.

How we may contact you

By email

We will contact you by email if you have given us your email address and we are emailing you to provide the services you have requested, such as our newsletter.

We may in addition contact you by email on other topics that we feel may be of interest to you, if you have given us your consent to do so. This may include inviting you to attend our events or meetings, or requesting your support for our activities.

By text

We will not contact you by text unless you initiate the contact.

By post and telephone

If you have provided us with your postal address or telephone number, we may send you mail or telephone you about our work, unless you have told us that you would prefer not to receive such information. For example, we may want to post you an invitation to an event we think you may be interested in, or a copy of materials about our work.

You may not have given us your data yourself. If we have received your data from a third party, we will only contact you if you have given the third party clear consent to enable us to do so.

Business to business communications

If we are communicating to you on a ‘business to business’ basis we will contact you by post or email, unless you have let us know that you would prefer us not to do so.

How we will store and protect your data

We will either store your data on our own servers or in the cloud. Accordingly, we may on occasion need to use the services of a supplier outside the European Economic Area (EEA) for this purpose, We will ensure that your information is held in compliance with the EU’s General Data Protection Regulations, even if your data is stored outside of the EU or EEA.

We will take all reasonable steps to ensure that your data is kept secure, including encryption, network level protection, strong password policies and dual authentication.

Keeping your personal data

We keep your personal data for as long as required to operate the service we are providing to you or for archival purposes and in accordance with legal requirements and tax and accounting rules. If we have not heard from you or you have not engaged with us for a period of two years and we do not need to keep your personal data for archival, legal or business reasons, we will delete or suppress your personal information. Where your information is no longer required, we will ensure it is disposed of in a secure manner.

If you have told us that you do not want to hear from us at all or by a particular channel, we will hold the minimum amount of your personal data on a suppression list to ensure we comply with your request.

Sharing your data with third parties

We may share your data with our member Academy Networks, academies, suppliers or service providers to provide the products or services you’ve requested from us. For example, we may use a separate company to deliver goods to you. Other instances where we may share your data would be for payment processing, mailing houses, database services or website hosting.

Otherwise, if you have chosen to take part in an activity we are running jointly with a third-party organisation, you will be asked explicitly if your data can be shared with these third parties.

We may also share data with such online engines as Google and Facebook to help us to identify customers who are similar to our audience and serve up adverts to them. However, we will only do so if we are satisfied that your personal data is secure and will not be used for any other purpose. The personal data shared for these purposes is pseudonymised to protect it.

We may disclose your personal information to a third party if we are under a duty to disclose your personal data in order to comply with any legal obligation (for example to government bodies and law enforcement agencies), or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect the RA, for example in cases of suspected fraud or defamation.

Links

This policy applies to all data we collect, including our website. If a link on our website takes to you to the website of a third party, you should refer to the privacy policy relating to that website to understand how your personal information is managed by that third party or how they use cookies. We cannot accept any responsibility or liability for the privacy practices of such third-party websites and your use of such websites is at your own risk.

Changing or deleting the data we hold

Do you want us to stop contacting you?

It is your choice as to whether and how you want to receive information about us and our work, and the ways you can get involved. You have the right at any time to ask us to amend or stop using your personal information.

You may opt out of our emails at any time by clicking the ‘unsubscribe’ link in our emails. You can also change any of your preferences at any time (including telling us that you don’t want us to contact you by telephone or send you communications by post) by contacting us directly at communications@sapea.info. In that case, we will retain your details on a suppression list to ensure that we do not continue to contact you.

Do you want to change the details we hold for you?

The accuracy of your information is important to us. If you would like to change your preferences or update the details we hold about you, please contact communications@sapea.info.

Do you want to request a copy of the information we hold for you?

You have a right to request a copy of the personal information we hold about you and to have any inaccuracies corrected or your data erased. You also have a right to data portability.

If you would like to make a request for this data (a Subject Access Request), by law we require you to prove your identity with two pieces of approved identification for these purposes. Please address requests to Toby Wardman, Head of Communications, SAPEA, Rue d’Egmont 13, 1000 Brussels, Belgium or email communications@sapea.info. We will respond to you within 30 days. Please provide as much information as possible about the nature of your contact with us to help us locate your records. We reserve the right to charge a small fee for this process.

How to make a complaint

If you would like to make a complaint about any aspect of this policy, please contact Toby Wardman, Head of Communications, SAPEA, Rue d’Egmont 13, 1000 Brussels, Belgium or email communications@sapea.info.

If you live in an EU country, you also have the right to lodge a complaint with the supervisory authority responsible for all information matters in your country. To find out the appropriate authority in your country, please visit https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.

Changes to this policy

We may update the terms of this policy at any time.

If you have given us your personal information, we will notify you about significant changes in the way we treat that information by sending a notice to the primary email address you have provided to us or by placing a prominent notice on our website. By continuing to engage with us, you will be deemed to have accepted such changes.

Subscribe to our newsletter