Data Privacy Statement

It is important to protect your privacy when you are using our online services. We have therefore taken the necessary technical and organizational measures to ensure full compliance with the legal regulations on data protection. This privacy statement explains how ISLA International Service Logistics Association e.V. handles the personally identifiable data of people who use our website:

A. Responsible entities

1. Name and address of the entity responsible for processing:
The responsible entity under the terms of the EU General Data Protection Regulation (GDPR) is:
ISLA International Service Logistics Association e.V.
Rosenheimer Platz 4
81699 München, Germany
Phone: +49 (0)89 749826-960
Fax: +49 (0)89 749826-969
E-mail: isla@servicelogistics.info

B. General

1. Scope of processing of personally identifiable data
The use of our website is generally possible without prior registration and without providing personally identifiable data. We only collect and use personally identifiable data of our users where this is necessary in order to provide a functioning website and give you access to our content and services. If this is not the case, personally identifiable is only regularly used with the consent of the user. The only exception is in cases in which it is not possible to obtain prior consent for factual reasons and the processing of data is permitted by legal regulations.

2. Legal basis for processing
Where we obtain consent from the persons concerned for processing procedures relating to personally identifiable data, the legal basis for this is provided by Article 6 (1a) of the EU General Data Protection Regulation (GDPR).
When we process personally identifiable data required for the fulfilment of a contract where the affected person is a party to the contract, the legal basis for this is provided by Article 6 (1b) GDPR. This also applies to processing procedures necessary to implement pre-contractual measures.
Where processing of personally identifiable data is necessary to meet a legal obligation to which we are subject, the legal basis for this is provided by Article 6 (1c) GDPR.
In the event that vital interests of the concerned person or another natural person render it necessary to process personally identifiable data, the legal basis for this is provided by Article (1d) GDPR.
If processing is necessary to protect a legitimate interest of our association or of a third party, and if the interests, basic rights and basic freedoms of the concerned person do not outweigh the first-named interest, the legal basis for processing is provided by Article 6 (1f) GDPR. The legitimate interest of our association consists in the performance of our business activities.

3. Routine deletion and blocking of personally identifiable data
We only process and store personally identifiable data of the concerned person for as long as this is required to achieve the purpose of storage. Storage beyond this point is only possible if this has been provided for by the European or national legislator in legal regulations of the Union, acts or other provisions to which the entity responsible for processing is subject. As soon as the purpose of storage no longer exists or expires due to the storage period stipulated by the aforementioned regulations, the personally identifiable are routinely blocked or deleted.

4. The security of your data
We take all appropriate technical and organizational measures to ensure the protection of your data, but want to point out that transmitting data via the Internet (e.g. communication via email) is generally unprotected, with the result that data may be accessed or falsified by third parties.

C. Utilization data

1. Logfiles
Every time you call up the website, we or the page provider collect data and information via an automated system. These data and this information are stored in the logfiles of the server.
The following data may be collected during this process:

• Information on the browser type and version used
• The user’s operating system
• The user’s Internet service provider
• The user’s IP address
• Date and time of access
• Websites from which the system of the user was forwarded to our website (referrer)
• Websites that are called up by the system of the user via our website

The processing of data enables us to serve the content of our website, to ensure the proper functioning of our IT systems and to optimize our website. The data in the logfiles are always stored separately from other personally identifiable data of users.

2. Cookies
So-called “cookies” are used on a few of our pages. Cookies are small text files that are stored in the cache of your Internet browser for the duration of your browser session (so-called “session cookies”) or on your hard disk for a specified period of time (so-called “permanent cookies”). We use session cookies only. They enable us to identify registered users and allow access to the members-only content areas. These cookies are essential to the website’s functionality. You can set your browser so that the storage of cookies is only accepted with your consent. If you deactivate cookies, however, some features of our Internet pages may not be available.

D. Your personal data (inventory data)

1. What are “personally identifiable data?”
Personally identifiable data constitute information on your person that permits conclusions as to your identity or that are indirectly or directly related to your person, such as your name, your address or your telephone number. Information that does not permit conclusions as to a specific or identifiable person do not constitute personally identifiable data.

2. Your registration with ISLA
We do offer online registration to ISLA using an online input mask that collects personally identifiable data which will be transmitted to ISLA digitally via an automated process, namely contact and newsletter subscription forms. In addition, there are also PDF forms available that are supposed to be completed offline and returned via letter mail, fax or from an email account. All transferred data are stored solely for the purpose of internal use at ISLA. The data are not passed on to third parties. The only exception is when there is a legal obligation to pass on these data.
Registered persons can have the stored data deleted or changed at any time. The concerned person can receive information on the personally identifiable stored about him or her at any time. Registration is performed on the basis of our legitimate interests.
During the registration process, we request certain details from you such as name, job title, phone numbers, e-mail address and business address. The data you provide are stored by us and are used solely for the purpose of providing you with the requested services and therefore fulfilling our contracts with you – e.g. reduced fees for events such as Focus Days and the annual Service Leaders Summit as well as admittance to members-only meetings (Service Leaders Circles and the biennial General Meeting of Members).

3. Options for making contact
There is a online contact form offered to make direct contact by electronic means, but you can also contact us by clicking specified e-mail links and send a message using your personal e-mail application. The personally identifiable data transmitted can be stored by ISLA. This storage is solely for the purpose of handling the inquiry and/or getting in touch to you if desired. These data are not passed on to third parties. The data are used on the basis of our legitimate interests (Article 6 (1f) GDPR). We have an interest in providing a fast contact route for our visitors and in responding promptly to their inquiries.

4. Your rights as the affected person (“data subject”)
You have the right:

• to demand information pursuant to Article 15 GDPR about your personally identifiable data that we process. In particular, you can demand information on the processing purposes, the category of personally identifiable data, the categories of recipients to whom your data were disclosed, the planned storage duration, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data where they were not collected on our website, and the existence of a system for automatic decision-making including profiling pursuant to Article 22 (1) and (4) GDPR as well as any robust information on the details of such a system. You have the right to demand information concerning whether the personally identifiable data that relate to you are transmitted to a third country or an international organization. In this connection, you can demand to be informed of the suitable guarantees pursuant to Article 46 GDPR in connection with such transmission.
• to demand correction without delay of incorrect or the completion of personally identifiable data stored by us pursuant to Article 16 GDPR.
• to demand the deletion of your personally identifiable data stored by us pursuant to Article 17 GDPR, as long as this processing is not necessary to exercise the right to freedom of expression and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims or for archiving purposes, scientific or historical research purposes that are in the public interest or for statistical purposes pursuant to Article 89 (1) GDPR, to the extent that the said right is likely to render impossible or seriously impair the realization of the goals of this processing.
• to demand the restriction of the processing of your personally identifiable pursuant to Article 18 GDPR, to the extent that you dispute the accuracy of the data, the processing is unlawful but you reject the deletion of these data and we no longer require these data but that you need these data to assert, exercise or defend against legal claims or you have filed an objection to processing pursuant to Article 21 GDPR; if the processing of the personally identifiable data that concern you has been restricted, these data may only be processed with your consent or to assert, exercise or defend against legal claims or to protect the rights of another natural person or legal entity, or for reasons of important public interest of the European Union or of a member state and you are informed by the responsible entity before the restriction is lifted.
• to receive your personally identifiable data that you have provided to us in a structured, common and machine-readable format pursuant to Article 20 GDPR or to demand transmission to another responsible entity, to the extent that this does not impair the freedoms and rights of others. This right to data transferability does not apply to the processing of personally identifiable data required for the performance of a task that is in the public interest or in the exercise of public powers that have been assigned to the responsible entity.
• to revoke any consent that you have given us at any time pursuant to Article 7 (3) GDPR. The consequence of this revocation is that we are in future no longer permitted to perform data processing based on this prior consent.
• to not to be subjected, pursuant to Article 22 GDPR, solely to a decision based on automated processing — including profiling — that has a legal effect with regard to your person or that seriously impacts you in similar fashion unless the decision is not required for the conclusion or fulfilment of a contract between you and us, is permissible based on legal regulations of the European Union or the member states to which the responsible entity is subject and these legal regulations include appropriate measures to protect your rights and freedoms as well as your legitimate interests or the above is based on your explicit consent. These decisions may not be based on special categories of personally identifiable data pursuant to Article 9 (1) GDPR unless Article 9 (2a or 2g) applies and suitable measures have been taken to protect your rights and freedoms as well as your legitimate interests.
• to complain to a regulatory authority pursuant to Article 77 GDPR. As a rule, you can file the complaint with the regulatory authority in your normal place of residence or employment, or at our domicile. The regulatory authority with which the complaint is filed informs the complainant of the status and outcome of the complaint including the option of a judicial remedy pursuant to Article 78 GDPR.

5. Right of objection
If your personally identifiable data are processed based on legitimate interests pursuant to Article 6 (1e or 1f) GDPR, you have the right to file an objection to the processing of your personally identifiable data pursuant to Article 21 GDPR if reasons exist resulting from your particular situation or the objection is to direct advertising. In the latter case, you have a general right to object and we will comply with this objection without being provided with details of the particular situation.
If you would like to exercise your right of revocation or objection, it is sufficient to send an e-mail to isla@servicelogistics.info

E. External links and services

Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy. This website also uses interfaces with social media sites such as LinkedIn, Twitter, Vimeo, and others. If you choose to “like” or “share” information from this website through these services, you should review the privacy policy of that service. If you are a member of a social media site, the interfaces may allow the social media site to connect your visits to this site with other Personal Information
‍
F. Website analytics

Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage. By using this website, you consent to the processing of data about you by Google in the manner described in Google’s Privacy Policy- external site and for the purposes set out above. You can opt out of Google Analytics if you disable, disable JavaScript, or use the opt-out service provided by Google- external site.