INFORMATION ON PERSONAL DATA PROCESSING
We hereby inform on the terms, conditions and rules applicable to the processing of personal data of Association’s Members who are natural persons and personal data of employees/associates of the Association’s Members or persons entitled to represent them.
1. Who is responsible for your personal data?(Controller)
The Controller of your personal data is the employers’ association operating under the name the Association of Business Service Leaders in Bosnia and Herzegovina, ID number: 420265922004 with its registered office in Maršala Tita 28 / 71000 Sarajevo / Bosnia & Herzegovina (“ABSL”).
2. How to contact ABSL?
If you have any questions regarding the processing of your personal data by ABSL, please contact us by e-mail at firstname.lastname@example.org.
3. What data do we process, for what purposes and on what legal basis?
In connection with the decision to admit new members, implementation of our goals and tasks resulting from the ABSL Statute, we process personal data of our Members who are natural persons, in the case of legal persons – data of persons representing them, as well as data of their employees and associates for the following purposes:
Taking action in connection with the decision to admit new Members
In this respect, we process data including first and last name, business e-mail address, business telephone number, data identifying the employing entity, position held; in the case of natural persons conducting business activity, we also process data identifying the entrepreneur, i.e. business address, NIP and REGON numbers (hereinafter jointly referred to as “Contact Data”).
Legal basis for natural persons conducting business activity and persons who, under the rules of representation, are authorized to act on behalf of Members – taking action at the request of the data subject prior to the conclusion of a contract (Article 6(1)(b) of GDPR). Legal basis for employees and associates of these entities -our legitimate interest (Article 6(1)(f)of the RODO)to enable us to admit new members.
Achieving statutory objectives and tasks
In this respect, we process the Contact Data, data on activities within the ABSL and within the sector, data provided by you on your professional interests and preferences, data on your employer, in case of natural persons conducting business activity – data provided by you on your activity, in the case of participation in events and meetings, potentially also your image, voice recording and statements:
We use personal data processed in order to fulfil our statutory obligations on the occasion of:
a) carrying out the statutory obligations of the ABSL as an employers’ organization;
b) promoting intra-industry cooperation between our Members and Partners;
c) contributing to the organization of events, joint projects and initiatives,
d) sending invitations to events and meetings,
e) admitting a given person to Chapters, Clubs, Communities, Corners and other thematic groups (hereinafter referred to as the “Community”) and managing the Community contact database;
f) providing information relevant to the community;
g) sending newsletters
h) directing questions to and collecting information from the Community,
i) communication on formal and administrative matters;
Legal basis for natural persons conducting business activity and persons who, under the rules of representation, are authorized to act on behalf of Members – necessity to perform the contract to which the data subject is a party (Article 6(1)(b) of GDPR).
In this respect, we process the Contact Details, which allows us to contact you when searching for partners and sponsors and developing new forms of cooperation based on additional agreements.
Your Contact Information may also be used to reach you with communications promoting products and services of our Members, Partners or Sponsors. Please note that the ABSL does not share your Contact Data with any other entities for marketing purposes, but you may receive marketing content about third parties as part of your ABSL activity or in content you receive directly from us.
Performance of legal, tax and accounting obligations
We process data in order to fulfil legal obligations arising from tax and accounting regulations, in particular with regard to proper documentation of transactions for the purposes of tax settlements, preparation of ABSL financial statements and to fulfil obligations arising from accounting regulations.
Legal basis. Fulfilment of obligations arising from legal regulations (Article 6(1)(c)of GDPR).
Asserting or defending against claims
For this purpose, we may process personal contact information, information on how to exercise the rights and obligations of the Member or how to perform the contract between us, if the claims are related to it, other information necessary to prove the existence of the claim, including the extent of damage suffered.
Legal basis. Our legitimate interest (Article 6(1)(f) of GDPR) to establish, assert and defend against claims in proceedings before courts and other state bodies.
Archiving and ensuring accountability
We process data for archival purposes and to ensure accountability, i.e. to prove our compliance with legal obligations. Legal basis. Our legitimate interest (Article 6(1)(f) of GDPR) to enable to prove our compliance with legal obligations.
4. Recipients and categories of recipients of personal data, including3rd country recipients
Your personal data may be shared with the following recipients:
a) entities cooperating with ABSL including our contractors, Partners and service providers;
b) an entity to which ABSL has entrusted activities related to the settlement of transactions related to the fees for the participation in conferences, events and webinars organized by ABSL,
c) an entity that provides hosting services for our data processed automatically and via e-mail,
d) an entity that develops an IT application for use at conferences and other events organized by ABSL,
d) an entity with which ABSL cooperates in the scope of accounting services or legal services,
e) our members and strategic partners.
If such an obligation results from mandatory legal regulations, ABSL may also provide your personal data to the third parties, in particular to the authorized governmental authorities.
In the event that your personal data are transferred to the third countries, i.e. to the recipients located outside the European Economic Area or Switzerland, ABSL will transfer your personal data using measures that are consistent with applicable law, including, but not limited to, (1) EU Standard Contractual Clauses, (2) third-party certification of compliance with the Privacy Shield (in the event it is located in the United States), (3) where the data transfer occurs to a third country for which the European Commission issued the adequacy decision. More information about the existing security measures implemented by ABSL to ensure the processing of personal data in accordance with the relevant regulations and about the possibilities of obtaining a copy of data or about the place where the data are made available can be obtained by contacting us in the manner indicated in section 2 above.
5. What are your rights with regard to personal data?
6. How do we obtain your personal data
When contacting us in the course of your business activities, you provide your data on a voluntary basis and failure to provide your data may result in the inability to admit your company as a member to ABSL or the inability to exercise the rights you may have as a member of ABSL (or a person representing a member company).
When contacting us in the course of your activity within ABSL, you provide your data on a voluntary basis and failure to provide your data may result in the inability to benefit from our support and vide range of networking and business opportunities. We may also obtain your Contact Data from your employer or the entity with which you cooperate on the basis of a civil law contract, as well as from publicly available sources (website). We may also obtain your personal data, including the categories of data contained in public registers (in the Register of Business Operators of the National Court Register and in CEIDG), from those public sources.
7. How long do we retain your personal information? (Data retention period)
ABSL makes every effort to process your personal data in an adequate manner and for as long as it is necessary for the purposes for which they were collected. In this context, ABSL will retain your personal data for no longer than it is necessary for the purpose for which the data were collected, i.e. throughout the period of your company being our member, you being employed or otherwise associated with our member and, if relevant, for the applicable limitation period for claims; or, where necessary, for the purpose of compliance with the applicable law, in particular tax law. Additionally, we stop processing your data once you exercise the right to object to the processing of your personal data in the event we process such data in the performance of a legitimate interest and your claim is found justified under GDPR rules.
8. Automated decision-making
ABSL does not make automated decisions, including profiling, based on personal data provided by you.