European Association for Public Administration Accreditation

NISPAcee Privacy Policy

If you are, or have been, a member of NISPAcee, have contacted us by email, participated in one or more of our activities, subscribed to our newsletter or visited our website, this means that you have entrusted us with some of your personal data.
This document answers any questions you may have about who we are, how we process and protect your personal data, and what your rights are in relation to the new General Data Protection Regulation (GDPR).
What is the GDPR?

The GDPR is the new EU Regulation on the protection of personal data, which replaced Directive 95/46/EC and came into force throughout the European Union on 25th May 2018.
The purpose of the GDPR is to harmonise and strengthen the protection of privacy and personal data in the EU. To make sure that we comply with the requirements of the GDPR and that we process your data fairly and lawfully, we require your consent.
Who is NISPAcee?
The Network of Institutes and Schools of Public Administration in Central and Eastern Europe (NISPAcee), Reg. no.203/2-95/04729, is listed in the Register of Organisations with International Scope of the Ministry of the Interior of the Slovak Republic. NISPAcee’s Headquarters is located at Polianky 5, 84101 Bratislava, Slovak Republic. If you have provided NISPAcee with any personal data, then we are the processor of that data. We are therefore responsible for processing and protecting that data.

Your personal data are processed in accordance with the relevant legislation of the Slovak Republic and the new General Data Protection Regulation (GDPR).
You can contact us regarding the processing of your personal data by email at nispa@nispa.org or by post to NISPAcee, Polianky 5, 84101 Bratislava, Slovak Republic.
When and how do we process your personal data?
It is a genuine task of NISPAcee, as a Network, to collect information and contact data of relevant professionals in order to support their collaboration, mutual communication and provide them with the knowledge and experience accumulated by NISPAcee in forms of various projects and publications.

Your personal data are processed from the moment we receive them. This applies particularly when you:
• Are included into the NISPAcee databases (of individuals, experts, programmes).
• Apply for participation in various NISPAcee activities and projects.
• Attend an event organised by NISPAcee.
• Subscribe to our newsletter.
• Communicate with us.
• Visit our website.
• Enter into contract with us.
In most cases, we process your first name, surname, email address, your phone number and address and/or other personal or business contact information and CVs. These data we have generally obtained through mutual communication.
Each person registered in the NISPAcee databases has access to his/her personal data via NISPAcee’s website under the user name and password and can decide if the personal data provided is confidential and can only be used for NISPAcee’s internal use or can be open to the public.
If we have a contractual relationship with you, we process your personal data to the extent specified in the relevant agreement.
There are two levels of data processing
(A) Data for NISPAcee’s internal purposes, so-called confidential

(B) Data open to the public in the databases of institutions and other persons

Categories of publicly displayed data can be indicated in a personal profile accessible via the user account. All data relating to any personal profile can be updated directly by the person concerned at any time.
Disclosure of the data in this category is processed in two levels:
1. NISPAcee members have full access to data indicated as being public. It is one of NISPAcee’s membership benefits.
2. The general public can view the first and surname of a person, his/ her institution and country.
Why do we process your personal data?

• To provide opportunities for networking and collaboration between NISPAcee members.
• To inform you about our activities, planned and past events, new publications and send email communications (invitations and newsletters).
• To process event registrations and create the necessary documentation (attendance lists) in order to comply with the rules on publicly funded events/projects.
• To manage our website and social media accounts to enable the most relevant content to be viewed based on data testing and analysis.
• To fulfil contracts if you are in a contractual relationship with us.
• To fulfil the qualification requirements of the various NISPAcee activities and projects.

How we use your data?

In principle, we will not disclose your personal confidential data to any third party. Any other data disclose is processed with your approval. In exceptional cases we may disclose your personal data to companies that provide services to our organisation (such as, for example, IT services), which will act on behalf of and under written instruction by NISPAcee and are not allowed to use your data for their benefit or disclose this to third parties. Also, we will use your personal data for keeping you up-to-date until you unsubscribe from our recipients’ list.
How we hold the information
All the personal data we have is stored on our database in the Slovak Republic.
Our website uses cookies to monitor traffic on the various sections of the website. They keep track of how long a visitor stays on a page and what parts are viewed. The data is anonymous and cannot be used to identify specific visitors. We use analytical data to improve the content and structure of our website. You can disable cookies in your web browser.

How long do we process your personal data for?

We process your personal data for as long as necessary, depending on the purpose of the processing and until you ask us to delete it.
Securing and protecting your personal data
We protect, as much as we can, any of your personal data that we have at our disposal, in order to prevent leaks, misuse or damage. Files that contain personal data are password protected and accessed by a limited number of NISPAcee staff and co-workers trained in data handling.
Provision of personal data to third parties
In order to manage registrations for events and mass email communications, we use the designated services of other companies. They are intermediaries and they may come into contact with your personal data. They are professional companies that protect personal data to the highest level. These companies are: Google, SendGrid, Crooce.com, Floyd Studio.

Your rights
You have the following rights regarding the protection of your personal data and you can:
Ask us to delete any of your personal data that we process. Upon receiving such a request, we will delete all your personal data contained in the databases that we and our processors operate. We will do so within 30 working days of receiving your request.
Ask us to correct any personal data we process that is incorrect and any personal data that is no longer up-to-date.
Limit the scope or purposes for which your personal data are processed.
Ask us to access your personal data. Within 30 working days, we will provide you with the details of the data we process.
Opt-out of your personal data being processed for the purposes of legitimate interest and for direct marketing.
Revoke consent for your personal data to be processed. Once we receive your request, we will not process your personal data any further. Revoking consent has no bearing on the legality of the data processing undertaken before consent was revoked.
File a complaint regarding any illegal processing of your personal data. You can make a complaint to us at any time, or you can complain to the Office for Personal Data Protection of the Slovak Republic.

If you wish to exercise any of these rights, please contact us at nispa@nispa.org or by post to NISPAcee, Polianky 5, 84101 Bratislava, Slovak Republic.
Please be aware that before we can provide you with any data in this regard, we may ask you for additional information and data to verify your identity.
Office for Personal Data Protection
If you feel that we are not handling your personal data in compliance with the law, you can contact the Office for Personal Data Protection and make a complaint. However, we would encourage you to contact us first, and we will be happy to resolve any shortcomings.

We assure you that all our staff and co-workers who come into contact with your personal data are instructed on how to handle personal data in order to ensure maximum protection and are bound by the confidentiality of the personal data. This continues once our relationship comes to an end. Apart from our staff, co-workers and intermediaries, no third party has access to your personal data in category A (see above).

This statement regarding the processing and protection of personal data is valid from 25.5.2018.
Any changes to the above information will be posted on this website and, if necessary, will be communicated to you by email.