enfr

EEA Policy

Data subject rights for individuals located in the European Economic Area (EEA)

This document and the SOCAN Privacy Policy explain what data we process, why, how it is legal and your rights. The SOCAN Privacy Policy provides general information about how we process your personal data and this notice builds on the provisions in that notice and gives you more information about our processing and your rights.

USEFUL WORDS AND PHRASES

Please familiarize yourself with the following words and phrases (used in bold) as they have particular meanings in the European Data Protection Laws that apply to individuals located in the European Economic Area (EEA)and are used in the section below that sets out why we are allowed to process your personal data and sets out your rights in more detail.

 

Term

Definition

controller

This means any person who determines the purposes for which, and the manner in which, any personal data is processed.

criminal offence data

This means any information relating to criminal convictions and offences committed or allegedly committed.

Data Protection Laws

This means the laws which govern the handling of personal data. This includes the General Data Protection Regulation (EU) 2016/679 and any other national laws implementing that Regulation or related to data protection.

data subject

The person to whom the personal data relates.

personal data

This means any information from which a living individual can be identified. 
This will include information such as telephone numbers, names, addresses, e-mail addresses, photographs and voice recordings.  It will also include expressions of opinion and indications of intentions about data subjects (and their own expressions of opinion/intentions).
It will also cover information which on its own does not identify someone but which would identify them if put together with other information which we have or are likely to have in the future.

processing

This covers virtually anything anyone can do with personal data, including:

·   obtaining, recording, retrieving, consulting or holding it;

·   organising, adapting or altering it;

·   disclosing, disseminating or otherwise making it available; and

·   aligning, blocking, erasing or destroying it.

processor

This means any person who processes the personal data on behalf of the controller.

special categories of data

This means any information relating to:

·   racial or ethnic origin;

·   political opinions;

·   religious beliefs or beliefs of a similar nature;

·   trade union membership;

·   physical or mental health or condition;

·   sexual life; or

·   genetic data or biometric data for the purpose of uniquely identifying you.

 

HOW IS PROCESSING YOUR PERSONAL DATA LAWFUL

We are a controller for the purposes of the Data Protection Laws.

We are allowed to process your personal data for the following reasons and on the following legal bases:

 

  1. It is necessary for our performance of the membership agreement and/or other contracts you have agreed to enter with us. If you do not provide your personal datato us, we will not be able to carry out our obligations under the terms of your contract. The necessary information that we need from you in order to maintain your membership agreement with us is listed under the description under ‘what personal information do we collect and why we collect it’ in SOCAN’s Privacy Policy.
  2. Legitimate Interest. We are permitted to processyour personal data if it is based on our ‘legitimate interests’ i.e. we have good, sensible, practical reasons for processing your personal data which is in the interests of SOCAN. To do so, we have considered the impact on your interests and rights and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible.  The descriptions under ‘what personal information do we collect and why we collect it’ in SOCAN’s Privacy Policy sets out the personal data processed on this basis.

You can object to processing that we carry out on the grounds of legitimate interests. See the section headed "Your Rights," below, to find out how.

  1. Legal Obligation. We are subject to legal obligations to processyour personal data for the purposes of complying with applicable regulatory, accounting and financial rules, and to make mandatory disclosures to government bodies and law enforcements.

 

  1. Consent. Sometimes we want to use your personal datain a way that is entirely optional for you.  On these occasions, we will ask for your consent to use your information. You can withdraw this consent at any time.

 

  1. Legal Claims. We need to processyour personal data if, we are required to process your personal data to defend or establish a legal claim.

 

YOUR RIGHTS

As a data subject located in the EEA, you have the following rights under the European Data Protection Laws:

  • the right to object to processing of your personal data;
  • the right of access to personal data relating to you (known as data subject access request);
  • the right to correct any mistakes in your information;
  • the right to ask us to stop contacting you with direct marketing;
  • the right to prevent your personal data being processed;
  • the right to have your personal data ported to another controller;
  • the right to withdraw your consent;
  • the right to erasure; and
  • rights in relation to automated decision making.

These rights are explained in more detail below. If you want to exercise any of your rights, please contact us (please see "How to contact us" in SOCAN’s Privacy Policy). Please note that some requests may require you to verify your identity.

We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex, in which case we will respond within three months.

Please be aware that there are exceptions and exemptions that apply to some of the rights which we will apply in accordance with the European Data Protection Laws. For example, if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

Right to object to processing of your personal data

You may object to us processing your personal data where we rely on a legitimate interest as our legal grounds for processing.

If you object to us processing your personal data we must demonstrate compelling grounds for continuing to do so. We believe we have demonstrated compelling grounds in the section above titled "How is processing your personal data lawful".

Right to access personal data relating to you

You may ask to see what personal data we hold about you and be provided with:

  • a copy of the personal data;
  • details of the purpose for which the personal data is being or is to be processed;
  • details of the recipients or classes of recipients to whom the personal data is or may be disclosed, including if they are overseas and what protections are used for those overseas transfers;
  • the period for which the personal data is held (or the criteria we use to determine how long it is held);
  • any information available about the source of that data; and
  • whether we carry out an automated decision-making, or profiling, and where we do information about the logic involved and the envisaged outcome or consequences of that decision or profiling.

To help us find the information easily, please provide us as much information as possible about the type of information you would like to see.

Right to correct any mistakes in your information

SOCAN is committed to maintaining the accuracy of your personal information and ensuring that it is complete and up-to-date. In most cases SOCAN collects your personal information directly from you.  If you discover inaccuracies in SOCAN’s data, please notify SOCAN to make the necessary changes.  If you would like to do this, please let us know what information is incorrect and what it should be replaced with.

Right to restrict processing of personal data

You may request that we stop processing your personal data temporarily if:

  • you do not think that your data is accurate. We will start processingagain once we have checked whether or not it is accurate;
  • the processingis unlawful but you do not want us to erase your data;
  • we no longer need the personal datafor our processing, but you need the data to establish, exercise or defend legal claims; or
  • you have objected to processingbecause you believe that your interests should override our legitimate interests.

Right to data portability

You may ask for an electronic copy of your personal data which we hold electronically and which we process when we have entered into a contract with you. You can also ask us to provide this directly to another party.

 

Right to withdraw consent

You may withdraw any consent that you have given us to process your personal data at any time. This means that we will not be able to carry out any processing which required use of that personal data.

 

Right to erasure

You can ask us to erase your personal data where:

  • you do not believe that we need your data in order to processit for the purposes set out in SOCAN’s Privacy Policy;
  • if you had given us consent to process your data, you withdraw that consent and we cannot otherwise legally processyour data;
  • you object to our processingand we do not have any legitimate interests that mean we can continue to process your data; or
  • your data has been processedunlawfully or have not been erased when it should have been.

Rights in relation to automated decision making

You have the right to have any decision that has been made by automated means and which has a significant effect on you reviewed by a member of staff and we will consider any objections you have to the decision that was reached.

WHAT WILL HAPPEN IF YOUR RIGHTS ARE BREACHED

You may be entitled to compensation for damage caused by contravention of the European Data Protection Laws.

COMPLAINTS TO THE REGULATOR

It is important that you ensure you have read this Privacy Notice – and if you do not think that we have processed your data in accordance with this notice – you should let us know as soon as possible. You may also complain to the competent data protection authority.  The name and contact details of the Data Protection Authorities in the European Union can be found here.

Message delivered

Thanks for contacting SOCAN, a member of our team will be in touch shortly to assist you.

Subscribe to get the top articles delivered to your inbox every two weeks.

We won’t share your data, and you can unsubscribe at any time.

No Thanks