Privacy Policy

WHO WE ARE

The Rare Earth Industry Association (REIA), an international non-profit organization having its statutory seat at EIT House, Rue Guimard 7, 1040 Brussels (Belgium) and registered with the Crossroads Bank of Enterprises under number BE0734.657.016 (hereafter referred to as we or REIA) fully commits to protecting your privacy and personal data. As data controller, we treat your personal data as confidential information and process your personal data in accordance with the General Data Protection Regulation (hereafter referred to as the GDPR) and any other applicable law relating to privacy and data protection.

 

By “processing” we mean any operation or set of operations which is performed on “personal data” i.e., information by virtue of which you as a natural person (data subject) can be directly or indirectly identified. Such processing covers the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data. Other terms used in this Privacy Policy must be interpreted in accordance with the GDPR.


This privacy policy (hereafter referred to as the Privacy Policy) is intended to inform you of what personal data we process, for what purposes we process your personal data, with whom we share your personal data and what rights you have in this regard.
This Privacy Policy applies to our members, website visitors and all other customers of our services.

It does not apply to third-party websites, applications, or services.


Our website address is http://global-reia.org.

WHAT PERSONAL DATA WE PROCESS AND WHY

We process personal data about our members, website visitors and other customers.


The personal data we process covers the personal data you enter yourself through our website as well as the personal data we obtain through your use of our website, and through your use of our products and services (for example, when you purchase tickets for one of our events). On the other hand, this Privacy Policy also covers the personal data you submit to us through your registration as a (contact person or employee of a) member and membership profile.


In particular, we process the following (categories of) personal data:

  • identification data: name, surname, log-in, professional address, billing or shipping address, (professional) phone number, country of origin;
  • electronic identification data: (professional) email address, IP-address, device location, browser type and history, device operating system;
  • professional data of the employer: employer name, job title within the organisation, experience in the industry;
  • payment data: credit or debit card number, card expiration data, card verification code; and
  • Photos or videos.

We process the above personal data for the following purposes:

  • To communicate with you

If you correspond with us by email, postal mail, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of our conferences, publications, or other services; or to keep a record of your complaint, accommodation request, etc. Users may opt-out of receiving certain communications by following the unsubscribe process described in an email communication, or by contacting our office directly.

 

If you leave a comment, the comment and its metadata are retained so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

 

  • To administer your membership

When you become a member, we collect information about you including (but not limited to) your name, your employer’s name, your work address, and your email address. We may also collect your personal email address, a personal mailing address, and a mobile phone number. Members may voluntarily provide additional information in their membership profile, such as information about their educational background, number of years in the industry, and the like. Members may edit their profile at any time to change, add, or remove personal information.

 

  • To inform you of our events, content and other benefits or opportunities associated with membership (marketing and publications)

We host events throughout the year, including our annual conference, webinars, and trainings. If you are a member and register for one of our events, we will access the information in your member account to provide you with information and services associated with the event. If you are not a member and you register for one of our events, we will collect your name and contact information, which we will store in our database and use to provide you with information and services associated with the event. If you are a presenter at one of our events, we will collect information about you including your name, employer, contact information, and photograph. We may also collect information provided by event attendees who evaluated your performance as a presenter. As an attendee, speaker, or sponsor/exhibitor, we will keep a record of your participation to provide you with post-event information including details on upcoming events you may be interested in.


We reserve the right to use any photograph/video taken at our events, without the express written permission of those included within the photograph/video. We may use the photograph/video in publications or other media material produced, used, or contracted including but not limited to brochures, invitations, books, newspapers, magazines, television, websites, etc. To ensure the privacy of individuals, photographs will not be identified using full names or personally identifying information without written approval from the photographed subject.


In addition to producing original content, we also subscribe to news feeds and blogs produced by others, which we often link to from our website. This means you may find yourself on our website or reading an email where we will offer you a link to another organisation’s website for additional relevant content. At these times, you will be leaving our website. We are not responsible or liable for content provided by these third-party websites or personal information they may happen to gather from you.


You may wish to subscribe to some of our publications without becoming a member. To receive our mailings/newsletters by email, you will need to create a profile with us, which involves providing us with at least your first name and last name and an email address. We do not share this information with any third party other than to store the information in our database. You may manage your subscriptions by subscribing or unsubscribing at any time. If you have any difficulties managing your email or other communication preferences, please contact us at info@global-reia.org

 

  • To provide our services or goods

We process your data to provide you with the goods or services you have requested or purchased from us, including membership services, events, publications and other content, certification, and training. We may collect and store information related to purchases if you choose to purchase goods and services from us. You may provide certain information to complete payments, including your credit or debit card number, card expiration date, CVV code, and billing address, along with your name and billing, and shipping address, to complete payment transactions. Per PCI compliance, we do not accept credit-card information via email. Credit card information received via fax, phone, or mail is entered into a secure system and then deleted and destroyed.

 

  • To better tailor our products and services to your needs

We may also use your personal information to help us understand our members’ needs and interests to better tailor our products and services to meet your needs.

 

  • To enhance your website experience and for analytics

Our website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system, and other usage information about the use of our website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyse trends, track visitor movements, and gather broad demographic information to assist us in identifying visitor preferences. Our website also uses cookies and web beacons. It does not track users when they cross to third-party websites or provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals.


Visitor comments may be checked through an automated spam detection service.


When visitors leave comments on the site, we collect the data shown in the comments form, and the visitor’s IP address and browser user agent string to help spam detection.


An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

ON WHAT BASIS WE PROCESS YOUR DATA

We process your personal data on the following legal bases, respectively corresponding to the purposes listed below:

 

  • your consent: in many cases, your personal data is processed by us on the basis of your consent. For example, we may request your consent to process your personal data in order to provide you with marketing information or use cookies for analytics;
  • performance of a contract: your personal data may be processed by us to establish, perform and/or terminate an agreement (e.g., for the provision of our services, membership management, invoicing, and communication);
  • our legitimate interests: we may also process your personal data because we have a legitimate business interest in doing so. This is the case, for example, when processing your personal data to communicate with you, to improve the quality of our services and manage complaints, feedback, and queries, to conduct analysis or to provide you with marketing information (including direct marketing) for similar services; and
  • our legal obligations: in some cases, it may be necessary to process your personal data because applicable laws or regulations require or permit it, such as industry regulatory disclosure requirements. For example, personal data may be processed upon request of a competent authority in the context of a sanctions screening or a criminal investigation.

WHO WE SHARE YOUR DATA WITH

Categories of recipients

We consider your personal data to be private and confidential. We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services, if this is necessary for the realisation of one of the purposes mentioned above. The recipients of your personal data may be:

 

  • our organisation;
  • service providers (external IT company; payment processors);
  • regulatory authorities;
  • other members: Members are allowed to share their information through our Member Directory to other members using this site. Members are invited to opt-in to have their information shared in the Member Directory. Member information will only be shared in the Member Directory if the member has opted-in to sharing such information.

As a data controller, in cases where recipients act as processors, we remain responsible for your personal data and continue to manage the personal data. We always enter into proper agreements with these third parties processing data on our behalf to ensure the privacy of our members or customers and the protection of their personal data.

International data transfers

From time to time, we may need to transfer your personal data to recipients located in third countries, including countries that do not provide adequate protection of personal data.

 

If personal data is transferred to a third country that does not provide adequate protection of personal data, we will ensure that either:

 

  • such transfer can be based on an appropriate legal basis (e.g. your explicit consent or the necessity for the performance of a contract); or
  • appropriate safeguards are provided to protect your personal data to standards equivalent to those set out in this Privacy Policy.

In any case, we remain responsible for the processing of your personal data and will take the necessary measures to protect its processing (e.g. through standard contractual clauses). The measures taken can be consulted by contacting us by e-mail or regular mail using the contact details below.

Embedded content from other websites

Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor had visited the other website.


These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


Our website uses interfaces with social media sites such as Facebook, LinkedIn, Twitter, and others. If you choose to “like” or share information from our website through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your site visit to your personal data.

HOW LONG WE RETAIN YOUR DATA

Your personal data will not be kept longer than necessary to fulfil the purposes for which they are processed, unless minimum or maximum retention periods for certain personal data are established by or under applicable laws or regulations.

The retention period for your personal data will be determined according to the following criteria:

  • your (contractual) relationship with us, if any;
  •  any statutory retention period(s);
  • the civil and criminal limitation periods; and
  • the processing purposes, as mentioned in the below table.

Your personal data will be subsequently deleted from our systems.

 

 

Purpose of processing

Retention period

Communication

One (1) year after the end of the communication

Administration of membership

Five (5) years after the end of the membership

Marketing and publications

One (1) year after the end of the membership or registration for an event

Provision of services and goods

Five (5) years after the end of the membership, registration or purchase of services or goods

Tailoring of products and services

One (1) year after the end of the membership

Enhance website experience and analytics

One (1) year after the visit of the website  

 

WHAT MEASURES WE TAKE TO ENSURE THE SECURITY AND CONFIDENTIALITY OF YOUR PERSONAL DATA

We make every effort to ensure the security of your personal data through appropriate technical and organisational measures to prevent or take action against unauthorised and unlawful processing or disclosure, as well as accidental loss, alteration or destruction of personal data.


In this regard, we take – among others – the following measures:

  • prior to the introduction of new data processing methods, in particular new IT systems, technical and organisational measures for the protection of personal data are defined and implemented based on the state of the art, the risks of processing and the need to protect personal data;
  • these technical and organisational measures are regularly adapted to technological developments and organisational changes;
  • we ensure that our employees, including hired or temporary staff and any third parties directly or indirectly involved in the processing of personal data, comply with the security measures that are in place;
  • logical access controls are implemented and maintained for the duration of the processing, which are based on the need-to-know principle for a given specific data processing operation. Based on the logging of the transactions, periodic checks are made on whether the logical access is authorised; and
  • specific technical measures such as encryption of your personal data are implemented.

In the event of a personal data breach, we will take the necessary steps to comply with the GDPR, including by informing the supervisory authority if necessary and notifying you as a data subject if the data breach is likely to result in a high risk to your rights and freedoms.

WHAT COOKIES WE USE

It is possible to use our website without sharing any personal data with us. However, access to certain parts or functions of our website may be restricted to members with an account.


Upon public access of our website, a limited amount of data may be collected about your web surfing profile through the use of cookies. For more info on the use of cookies, please refer to our separate cookie policy.

WHAT RIGHTS YOU HAVE OVER YOUR DATA AND HOW YOU CAN EXERCISE THEM

Under the GDPR, you have certain rights regarding the protection of your personal data.


As a data subject, you can assert the following rights:

 

  • right of access: you have the right to obtain confirmation as to whether or not your personal data are being processed and, if so, to access your personal data and information about its processing. You can also obtain a copy of these personal data, which we will provide you on paper or digitally;
  • right to rectification: you have the possibility to have inaccurate personal data corrected, to complete your personal data and to inform the recipients to whom the personal data has been provided of the rectification. In any event, you are requested to inform our customer service in due time of any changes to your personal data. A lot of data can be changed yourself through your member account;
  • right to erasure (“right to be forgotten”): if the personal data are no longer necessary in light of the purposes of this Privacy Policy, are processed unlawfully or when required by law, you have the right to have your personal data erased. If your personal data have been disclosed, we will take reasonable steps to notify the controllers and recipients of the personal data of your request to erasure;
  • right to object: you may object to the processing of personal data on certain grounds, and you always have the right to object to processing for direct marketing purposes. Please note that you do not have the right to object to the processing of your personal data if such personal data are necessary for the performance of the contract;
  • right to restriction of processing: if you contest the accuracy of the personal data, the personal data are processed unlawfully but, instead of erasure of the data, you request restriction of the processing, or if we no longer need your personal data for our purposes but you still need them for the establishment, exercise or substantiation of a legal claim, you have the right to obtain the restriction of the processing of your personal data. This means that the personal data may only be stored and processed by us and only for limited purposes;
  • right to data portability: where we process your personal data pursuant to your consent or a contract and the processing is carried out through automated processes, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and/or to have that data sent to another controller;
  • right to withdraw consent: if you have consented to the processing of your personal data, you have the right to withdraw this consent at any time, without prejudice to the lawfulness of the processing prior to the withdrawal of your consent;
  • automated individual decision-making, including profiling: in the case of automated individual decision-making, you have the right to obtain human intervention, express your opinion, obtain an explanation of the automated decision and challenge it; and
  • right to lodge a complaint: if at any time you believe that we are violating your privacy, you have the right to file a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) through the following contact details:

Gegevensbeschermingsautoriteit (GBA)
Drukpersstraat 35, 1000 Brussel
+32 2 274 48 00
contact@apd-gba.be
www.gegevensbeschermingsautoriteit.be

 

To exercise your rights, you may contact us by regular mail, phone or email using the contact details below. To exercise these rights, we will need to verify your identity. We will process your request within one month, unless we are forced to extend the deadline (to a maximum of a further two months) given the complexity of the request and of the number of requests we receive. In any event, we will notify you of such an extension within one month of receiving the request.

CONTACT

If you have any questions or concerns about this Privacy Policy or the way in which we process your personal data, please contact us through the following contact details:

 

  • By regular mail:

Rare Earth Industry Association (REIA)
To the attention of Dr. Badrinath Veluri
EIT House, Rue Guimard 7
1040 Brussels (Belgium)

 

CHANGES TO THE PRIVACY POLICY

This Privacy Policy will be communicated to you when you register as a member or purchase our goods or services and will also be made available on our website.


As our organisation, membership, and benefits change from time to time, this Privacy Policy is expected to change as well. We reserve the right to amend the privacy policy at any time, for any reason, without notice to you, other than the posting of the amended version on our website. Nevertheless, we encourage you to regularly review our Privacy Policy.

Scroll to Top