Website Privacy Policy
1. General Information
a) Introduction
Thank you for your interest in our website and our online services. Protecting visitors data and using it only in the way our visitors expect from us is our highest priority. Thus, the following policy is designed to inform you about the processing of your personal data and your rights regarding this processing according to the General Data Protection Regulation (“GDPR”) and other data protection laws.
b) Controller
We, MESA International, are the controller according to the GDPR and therefore responsible for the data processing explained herein.
c) Person Responsible for Data Protection
You can contact our Executive Director at any time by using the following contact details: 1800 E. Ray Rd., STE. A106, Chandler, AZ, 85225 USA Phone: +1 (480) 893-6883 e-mail: brandy@mesa.org
For individuals based in the European Union:
Since we do not have an establishment in the European Union, we have appointed an EU based representative to serve as a direct contact for data protection authorities and individuals on our behalf, who can be contacted at mesainternational@mcf.ie or MCF Legal Technology Solutions Limited, Riverside One, Sir John Rogerson's Quay, Dublin 2, Ireland.
2. Processing of Personal Data during Your Use of Our Website
Your visit to our website and/or use of our online services will be logged. The IP address currently used by your device, date and time, the browser type and operating system of your device, the pages accessed and geographical location may be recorded. This data is collected for the purposes of optimizing and improving our website as well as our online services. The processing is legally based on legitimate interest as it is in our legitimate interest to protect our website and to improve the quality of our services. Additionally, your personal data is only stored if you provide it to us on your own account, e.g. as part of a registration, a survey, an online application or for online purchase (performance of a contract). We have taken appropriate measures to ensure that the data provided to us during the registration is adequately protected. These measures include, but are not limited to, encryption, access control, segregation of duties, etc.
a) Newsletter Registration
If you wish, you can subscribe for our newsletter on our website by filling out the registration form provided there. The personal data that is collected in the registration form will only be processed for sending newsletters to your e-mail address and only if you have given your consent to this data processing. Your personal data will be processed until you unsubscribe from the newsletter by clicking the link “unsubscribe” which is provided in each newsletter you receive from us. Please note that you will not receive any newsletters from us anymore after you unsubscribe.
b) Membership Registration
You can use our online form and place an order to purchase a membership by visiting the link https://mesa.org/join/. All personal data you have given during your membership registration will only be used for the purposes of purchasing and/or delivering of our products, services and content. Without your personal data, we will not be able to process your order. Your personal data will stored as long as it is necessary for us to fulfill our obligations towards you including but not limited to delivery of the products or services, downloading content, accessing the website, support, etc., except where we are legally obliged to further store your data for the purposes of submitting it to public authorities, for example to tax authorities. This storage and transfer of your personal data to public authorities is based on fulfilling a legal obligation.
c) Member/User Account Registration
If you join MESA as a member per section b above, you create an account on our website during the membership sign up process. If you join MESA, you will not have to send us your personal data every time you are using our website or when you try to access information/materials intended only for registered members. The personal data that you provided in the registration form will only be processed for creating and maintaining your member account. Your personal data will only be stored until you delete your account. If you delete your account, your personal data will be deleted without undue delay except where we are legally obliged by law to further store your data. Please note that you will not be able to use your account anymore, after it has been deleted.
d) Cookies
To make your visit to our website more pleasant and to enable the use of certain functions, we may use “cookies” on various pages. Cookies are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session. Other cookies remain on your device and enable us or our partner companies to recognize your browser on your next visit. You can set your browser in such a way that you are informed about the setting of cookies separately and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or generally. For more information, see the help function of your Internet browser. If cookies are not accepted, the functionality of our website may be limited.
To find out more about how we use cookies you can access our “Cookie Policy”
e) Data Recipients
We may use third party service providers to process your personal data. These service providers may be located in countries within and outside the European Union (EU) and the European Economic Area (EEA). We ensure that these service providers process personal data in accordance with European data protection legislation to guarantee an adequate data protection level, even if personal data are transferred into a country outside the EEA for which no adequacy decision of the EU Commission exists. Volunteers for MESA may receive your information if they lead an initiative and have a legitimate interest in contacting you about association activities. We partner with sponsors on some activities and you will be notified when you sign up on an activity-by-activity basis if your information will be provided to a sponsor before signing up. Transfers of personal data to other recipients is not performed, except where we are obliged to do so by law. For more information about appropriate safeguards for the international data transfer or a copy of them, please contact our Executive Director.
f) Retention Period
Personal data provided to us via our website will only be stored until the purpose for which they were processed has been fulfilled. Insofar as retention periods under commercial and tax law must be observed, the storage period for certain data can be up to 10 years. However, storage periods may also be amended due to our legitimate interest (e.g. to guarantee data security, to prevent misuse or to prosecute criminal offenders).
3. Your Rights
As a data subject, you can contact our Executive Director at any time with a notification under the contact information mentioned above under Section 1 to make use of your rights. These rights are the following:
- The right to receive information about the data processing and a copy of the processed data;
- The right to demand the rectification of inaccurate data or the completion of incomplete data;
- The right to demand the erasure of personal data;
- The right to demand the restriction of the data processing;
- The right to receive the personal data concerning the data subject in a structured, commonly used and machine-readable format and to request the transmittance of these data to another controller;
- The right to object to the data processing;
- The right to withdraw a given consent at any time to stop a data processing that is based on your consent;
- The right to file a complaint with the competent supervisory authority: Data Protection Commission (DPC) in Ireland.