The Kurdish Institute attaches great importance to the protection of your personal data (and that your privacy is respected).
In this privacy statement we want to provide clear and transparent information about how we handle personal data. We make every effort to ensure your privacy and therefore handle personal data carefully.
The Kurdish Institute always complies with applicable laws and regulations, including the General Data Protection Regulation (EU 2016/679 Regulation).
This implies that we at least make sure that we:
- Process your personal data in accordance with the purpose for which they were provided, these goals and type of personal data are described in this privacy statement;
- The Processing of your personal data is limited to only those data that are minimally required for the purposes for which they are processed;
- Ask for your expressed consent if we need it for the processing of your personal data;
- Have taken appropriate technical and organizational measures to ensure the security of your personal data;
- Will not transmit personal data to other parties, unless this is necessary for carrying out the purposes for which they were provided;
- Are aware of your rights regarding your personal data, to point this out to you and to respect them.
As the Kurdish Institute, we are responsible for the processing of your personal data. If, after reading our privacy statement, or in a more general sense, you have questions about this or wish to contact us, please contact us using the following contact details:
Koerdisch Instituut vzw
Bonneelstraat 16 1210 Sint-Joost-ten-Node
Tel: +32 (0)2 230 34 02
To whom is this privacy statement aimed at?
This privacy statement applies to people who show or have shown an interest in our activities or theme that we work for, as well as participants in our activities.
What for do we process which personal data?
Your personal data will be processed by the Kurdisch Instituut for the following purposes and legal grounds:
- Sending information about our activities, newsletters and invitations (justified interest);
- To be able to participate in the activities of the Kurdish Institute.
Insofar as the processing of personal data takes place on the basis of permission, you always have the right to withdraw the consent given.
For the above purposes we can request and/or process the following personal data:
- Personal identity details: name, first name, e-mail;
- Visual Material (photos, videos, recordings, …).
We only collect personal data that you provide to us in various ways (including registration forms, fill-in and contact forms on our website, personal/ telephone/e-mail contact, …). We do not collect personal data via third parties, with the exception of the information received from the affiliated associations/clubs or federations.
We use the collected data only for the purposes for which we obtained the data.
Whether or not you provide data yourself
The information provided must, if applicable, be provided in order to participate in activities of the Kurdish Institute or to be kept informed of current events. With the exception of:
- Visual material (for public relations);
- Contact details (for direct marketing);
The consequence of not providing the data is not publishing specific photos of you, and not receiving unsolicited commercial mails.
Provisioning of personal data to third parties – processors
We may provide the data that you provide to us to third parties if this is necessary for the execution of the purposes described above.
For example, we use a third party (external service provider) for:
- Saving and processing data in the Cloud (through a Cloud Service Provider);
- Taking care of the internet environment (web hosting, mail hosting, ..);
- Providing IT infrastructure (including IT network, servers, …);
We never pass on personal data to external service providers (processors) with whom we have not entered into a processor agreement (or the same provisions have been included in the contract conditions).
We naturally make the necessary arrangements with external service providers (processors) to ensure the security of your personal data.
Provision to third parties – receivers
We do not share personal data with external parties
We will not pass on the information you provide to other third parties unless this is legally required and permitted. An example of this is that the police will request (personal) data from us in the context of an investigation. In such a case, we must cooperate and are therefore obliged to provide this information.
At no time will we sell or rent your personal data to third parties. We never pass on your contact details to third parties for commercial purposes.
We may share personal data with other third parties if you give us permission (in writing) for this. You have the right to revoke this permission at any time, without this affecting the lawfulness of the processing for the cancellation thereof.
We do not provide personal data to parties which are located outside the European Economic Area.
The Kurdish Institute does not store personal data longer than necessary to realize the purpose for which they were provided, taking into account the period that is necessary to comply with the legal requirements (in the area of accounting, among other things). However, retention periods may differ for each purpose.
The Kurdish Institute undertakes not to keep the data for longer than a maximum of 5 years after the last use (or termination of the cooperation).
Security of the data
We have taken appropriate technical and organizational measures to protect your personal data against unauthorized access, use, loss, infringements, unlawful processing or disclosure.
For example, we have taken the following measures:
- All persons who are able to access your data on behalf of the Kurdish Institute are obliged to maintain their confidentiality;
- We use a username and password policy on all our systems;
- We use a virus scanner and update it systematically in a timely fashion, and installed a ‘Firewall’;
- We systematically back up the personal data in order to be able to restore it after physical or technical incidents;
- We test and evaluate our measures at regular intervals, and adjust if necessary;
- Our employees are informed (and educated) about the importance of protecting
personal data. They follow a number of clear guidelines for this and are trained by moderate basic training and awareness of their responsibilities;
- These employees will be given access to your data insofar as they need to perform their tasks properly;
- For new projects that may have an impact on your privacy, an extensive analysis to ensure your rights, the security and protection of your personal data will be executed.
Should an incident occur where your data is involved, you will be personally informed in the circumstances provided for by law.
Your rights regarding your data
You have the right of access and copy of the personal data relating to you.
You are entitled to improvement and supplementation if your information is incorrect or incomplete.
You have the right to data change (and deletion) of the personal data we have received from you and which are no longer strictly necessary for the purposes for which they were processed. We reserve the right to determine whether your request is justified.
You have the right to limit data processing: if you object to the processing of certain data, you may request to stop this processing.
You can also file an objection against the way in which certain personal data are processed. You have the right to oppose the use of your personal data for direct marketing purposes (via unsubscribe options in e-mails).
You also have the right to have the information provided by you transferred by us to yourself or by order of you directly to another party.
Through the address at the top of this privacy statement you can contact us to exercise your rights, accompanied by a motivation for your question.
We can ask you to identify you before we can comply with the aforementioned requests. (To prevent misuse, we can ask you to adequately identify you). To check your identity, we ask you to add a copy of the front of your identity card to your application. We strongly advise you to make your passport photo invisible and to mention that it is a copy.
No category of persons is subjected to any form of automated decision-making or profiling.
If you have a complaint about the processing of your personal data or about the exercise of your rights, we ask you to contact us directly.
You always have the right to file a complaint with the supervisory authority in the field of privacy protection:
Drukpersstraat 35, 1000 Brussel
Changes to our privacy statement
The Kurdish Institute can always adjust its privacy statement. We will make an announcement of this change on our website. The last change was made on May 29, 2018.