USE of your information:
ETC receives and stores information you enter on our website (and on websites of our services, such as etc-corporate.org, visiteurope.com, etc-dashboard.org, ecty2018.org, etc.), or give us by phone, email, in person, or in any other way. We collect and record in our database your contact details whenever you request information, subscribe to our newsletters, purchase ETC specific products and services, participate in our contests, or use any other services we provide. To take advantage of these services, it is necessary for you to disclose personal information, as defined in EU Regulation 2016/679 General Data Protection Regulation (GDPR), including but not limited to one or more of the following identifying information: full name, email address, date of birth, job title, company name, company address, telephone number, and credit card details. We also store your CV when you apply for a job at ETC.
We use this data for:
-Keeping you posted on the latest events regarding our organization and the air transport industry via our publications, events and meetings;
-Improving security by protecting against fraud and abuses;
-Improving our answers to our members and audience needs and expectations.
We use the information you provide to respond to your requests, communicate with you, provide information about our organization and the air transport industry, and customize and improve our services. To purchase specific publications through one of our collaborators and partners (as the
If you are an active part of a committee, taskforce or any other working group within our organisation, we might need to collect your personal data in order to facilitate the organisation and logistics of meetings of the group. This information is used exclusively for this purpose and is stored on our secured drives. You may request the deletion of such data at any point by sending us an email to [email protected] or contacting us through our contact form on etc-corporate.org, or notifying the Staff working at ETC, with whom you are in regular contact.
Whenever users visit the ETC websites, information is collected anonymously and used to report on the traffic and other general statistics of website usage, without identifying individual visitors. ETC uses this information to make its website easier to find on the Internet and to improve it by learning which pages and features are interesting to our visitors. We treat this information as non-personal information and do not attempt to connect it to personally identifiable information, except as otherwise required by law. If you are based in the European Union you have the right to make a complaint at any time to your local supervisory authority for data protection issues. The information about the supervisory authority can be found below: The Belgian Data Protection Authority at [email protected] We would, however, appreciate the chance to deal with your concerns before you approach your local supervisory authority, so please contact us first.
Information from Others: We might receive information about you from third parties whom you authorize to interact with us. That information might include your name and possibly other information used by that third party to identify you.
Sharing Your Information
We may share your information with our full members and associate members but will notify you beforehand and ask for your express consent. When using your data, these organisations have expressly declared to act in full compliance with the General Data Protection Regulation.
Third-Party Service Providers: We may share personally identifiable information with third parties only as described in this section.
ETC employs other companies and persons to perform certain business functions on its behalf, including but not limited to website development and maintenance, marketing, preparation of events, accounting and payment processing. These third parties have access to the information we collect, needed to perform their functions, but they may not use it for any other purposes. They are obliged to provide us with a certification of compliance with the General Data Protection Regulation requirements.
Survey Data: ETC may conduct industry and customer surveys. Your personal information is not stored in relation to your survey response, unless you specifically opt to provide your contact information within the survey. Your responses to the survey are reported on only in aggregate and will not be linked to any personal information, with the exception of IP address, which is stored automatically upon receipt of a new submission. Your participation in our surveys is voluntary.
Communications: ETC issues different types of communications on a regular and ad hoc basis, regarding the latest developments, trends & innovations in the tourism sector, and the broader tourism and travel industry. Provided you have subscribed, or in any other way expressed your consent to receive these messages, your personal contact details will be used by us to share the news & know-how with you.
At any point in time you can unsubscribe from our communications by clicking on the “Unsubscribe” button placed at the bottom of our emails, or by sending an email to [email protected]com.
Events: The organisation of ETC of ETC Joint or Partner Conferences is carried out in cooperation with sub-contractor companies. Invitations as well as promotional content regarding these events may be sent on behalf of ETC by these companies, duly authorised to do so by the terms of cooperation. Your contact details may be collected by these companies if you choose to attend one of the events, and stored in order to inform you about future editions of that particular conference.
All sub-contractors will ensure full compliance with General Data Protection Regulation and will submit a certificate of compliance with its requirements to ETC.
At any point in time you can unsubscribe from notifications regarding our Events by clicking on the “Unsubscribe” button placed at the bottom of these emails, or by sending an email to [email protected]com.
To view the list of ETC Events and Conferences, click here.
Website: As mentioned before, the data we collect about users when they browse through our website is used to analyse the traffic and usage of the website. This aggregate data is later used to assess and improve our website and is stored in a way that ensures full anonymity.
In case you choose to submit your personal data to be published on the public parts of our website (e.g. full members list, associate members list, organisation, partners), please note that ETC cannot take responsibility for its potential misuse.
Cookies: A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Most browsers automatically accept all cookies by default. You should be able to adjust your browser’s settings to reject new cookies, prompt you before accepting a cookie, or disable cookies. Check your browser’s help section for instructions on how to do this.
Inspectlet is fully compliant under GDPR and maintains this Privacy Impact Assessment documenting our data collection, processing, storage, and security policies. We employ industry standard data security policies to keep all customer data safe and treat the protection of user privacy and data with the care it deserves.
Data collection and retention
As a data processor, Inspectlet collects and stores the following data in its data centers on behalf of users using the service:
- Current URL
- Time zone
- Browser type and version
- Device type and version
- Operating system type and version
- Referrer URL
- Screen size
- User last seen date
- Mouse activity including pixel coordinates for mouse movements and clicks and keyboard activity typed into non-sensitive input fields.
- HTML content that isn’t marked as sensitive content
As a data controller, we also collect the following data on users registered to use our service:
- Email Address
- Name (optional)
- Time zone
The following cookies are created and stored on the client side in a visitor’s browser to aid data collection:
- __insp_sid – session cookie, deleted when visit is over
- __insp_ref – session cookie, deleted when visit is over
- __insp_scpt – session cookie, deleted when visit is over
- __insp_nv – session cookie, deleted when visit is over
- __insp_wid – session cookie, deleted when visit is over
- __insp_identity – session cookie, deleted when visit is over
- __insp_uid – long-term cookie that contains random ID assigned to visitor
All data collected is stored in the AWS US East data centers in Virginia. All customer data is stored for 1-24 months depending on the customer’s subscription plan’s retention policy (see retention policy per plan here). Data is permanently deleted from our data centers on a rolling basis when it becomes older than the retention policy for that data.
Any data collected from the webpage that is marked as sensitive is ignored by Inspectlet, therefore data entered by the user is not transmitted to our servers. You can mark both input fields (like the credit card textarea on a checkout form) and HTML content (like a tax report in a DIV or TABLE) on your page as sensitive.
Any end-user can opt-out of data collection by Inspectlet by visiting our Opt out page.
Technical and security measures
All data is encrypted during transmission and collected data is stored encrypted at rest using AES encryption. If the Customer has enabled IP address anonymization, the last two octets of the IP address will be removed and not be available to the user nor Inspectlet. Backups of data collected are made routinely and tested occasionally to verify restore procedure functionality. All data is physically stored only in AWS data centers meeting ISO 27001 compliance.
Our Security Practices
We use commercially reasonable security measures to protect our databases and information under our control against loss, misuse, destruction, unauthorized access, alteration, or inadvertent disclosure of data. We use secure sockets layer software to encrypt the information that you submit during any transaction performed online. Our customers’ financial information is kept in a secure storage facility and only accessible by authorized employees and third-party service providers who need to access the information to perform their duties.
ETC is committed to using secure data networks and data storage and management systems with IT Solution Providers fully compliant with the regulations set forth by the GDPR.
You can always choose not to give us your personally identifiable information, although this information is required if you want to take advantage of some of our services, such as subscribing to our newsletters or joining the ETC.
You may opt-out of receiving emails or other communications from us and our partners and sub-contractors at any time by clicking on the “Unsubscribe” button at the bottom of a given message or by contacting us at [email protected] or filling out this contact form.
If you request that your personally identifiable information be removed from our database, please understand that it may be impossible to remove this information completely due to backups and records of deletions. Furthermore, we will not be able to remove any personal information that we are required to retain by law (for instance, tax purposes, notices, etc.).
If you wish to remove your personally identifiable information from our database, please send an email to [email protected] with the phrase “Remove from Database” in the subject line. You will be removed from our databases usually within 14 business days of our receipt of your request, except where we are required to maintain the personal information by law. You may also request to review or amend any personally identifiable information that we maintain about you by sending a written request to us. We may take reasonable steps to confirm your identity before fulfilling any of these requests.
Applicable Law and Choice of Forum
By visiting our website, you agree that any dispute relating to or arising out of this Privacy shall be resolved exclusively under the Belgian Law.
This document was last updated on 24 May 2018.
You may also write to us at:
European Travel Commission AISBL
Rue du Marche aux Herbes 61
1000 Brussels, Belgium