Luxembourg Impact Investing Association Privacy Notice
Version last updated on 20 October 2024.
This data protection notice is addressed to all individuals (i.e., data subjects) having regular or punctual contacts with Luxembourg Impact Investing Association (LIIA) in the course of its activities such as (without being exhaustive) its members, board members, suppliers, customers, speakers, and invitees to events, whether or not prospective, while in the context of legal entities, such individuals being the representatives, employees, agents, officers, or proxy holders (“you” or “your”).
1. Controller and Contact Details
Processing of personal data relating to you as described below is made under the control of Luxembourg Impact Investing Association a.s.b.l. (“LIIA”, “we”, “us” or “our”), a not-for-profit association established under the laws of the Grand Duchy of Luxembourg, with its registered office at 24, Place du Parc, L-2313 Luxembourg and registered with the Luxembourg Trade and Companies Register under number F14645.
For any enquiry you may have under this privacy notice, please email us at the contact details referred to in section 8.8 below.
2. Personal Data Processed
The information we collect for the purposes set out hereunder in Section 3 includes mainly your contact details such as your first name, last name, profession, position, professional title, company, professional and/or personal phone number, address, and email address, curriculum vitae, and any other relevant information you may provide us with, such as information disclosed in emails (signature block, subject line, and body), payment information (including bank account details), and photograph or video footage (in the context of events).
You provide most of the information we process about you directly to us, notably in the following situations:
You apply for membership or sponsorship with LIIA;
You are one of the contact persons of one of our members, partners, customers, or suppliers;
You are a manager of or work for LIIA (either as an employee or otherwise);
You have contacted us or otherwise shown interest to interact with us;
You have registered to speak at, attend, or have attended one of our events;
You have subscribed to receive our newsletters.
We do not request any sensitive personal data from you, nor do we wish to process such data. Sensitive personal data refers to data relating to your racial or ethnic origin, political opinion, religious or philosophical convictions, trade union membership, health and sexual life, and genetic data.
Therefore, we request that you do not include such sensitive personal data about yourself or other persons in your communication and/or documents sent to us. Otherwise, we will consider that we have received the consent to use such personal data for the purposes of responding to your query.
3. Purposes and Legal Bases
LIIA processes personal data for the following purposes on the following legal bases:
Purpose
Legal Bases
Data Subjects Concerned
Manage our relationship with you, including maintenance of our contact database up to date
Performance of contract or requested pre-contractual steps
Members, board members, suppliers, customers, speakers, and invitees
Communicate in relation to our corporate object, including via transmission of publications, be it electronic or printed media, including press releases and social media
Performance of contract or requested pre-contractual steps
Members, board members, customers, speakers, and invitees
Direct marketing material such as our newsletter (with opt-out faculty at any time)
Consent (opt-in) in relation to our products and services and those of our service providers or commercial partners
Members, prospective customers, speakers, and invitees
Organize events, including travel arrangements, accommodation, and dietary restrictions management
Performance of contract or requested pre-contractual steps
Members, board members, suppliers, customers, speakers, and invitees
Governance of the association
Performance of contract or requested pre-contractual steps
Members, board members
Invoicing and bookkeeping
Compliance with legal obligations
Members, board members, suppliers, customers, speakers, and invitees
Enforcing legal rights/managing complaints
Legitimate interest
Members, board members, suppliers, customers, speakers, and invitees
4. Recipients of Your Personal Data
We may share your personal data with the following recipients to the extent we deem such disclosure or transmission to be necessary or desirable for satisfying the aforementioned purposes:
4.1 Administrative or Business-related Recipients (mainly located in Benelux)
Legal, financial, and business advisors;
Participants in the LIIA community, such as members and customers;
Social media subscribers;
Administrative, regulatory, and judicial bodies (in Luxembourg or abroad as the case may be);
Press/journalists;
Event organizers, photographers, caterers, and other service providers;
Other relevant third parties.
4.2 IT Service Providers
LIIA uses services from the following companies established in and outside of the EEA:
Dropbox, Inc.
Eventbrite, Inc.
Google, Inc.
Microsoft Corporation
Slack
WPEngine Inc.
Zoho Corporation B.V.
Zoom Video Communications, Inc.
These providers have their own privacy policies, which you can find at their respective websites.
5. Duration of Retention of Your Personal Data
We will not keep your personal data for longer than the time necessary for satisfying the aforementioned purposes, subject to the legal periods of limitation and to the situations where applicable laws require or allow personal data to be retained for a certain period of time after the termination of a contractual relationship (such as the legal obligation to keep accounting documents for a period of 10 years). Without prejudice to the generality of the foregoing:
(a) Personal data processed for the purpose of administration and management of any contractual relationship with our members, suppliers, customers, and sponsors will be kept for a period of 10 years after the termination of our contract with you;
(b) Personal data processed for the purpose of contacting you will be kept for 10 years after the termination of contract or service provision;
(c) Invoices will be retained for a minimum period of 10 years after their issuance.
We may also keep and process personal data after the termination of our contractual relationship for specific purposes such as compliance with legal obligations or the establishment, exercise, or defense of legal claims.
6. Direct Marketing Communications
For the purpose of organizing events or gatherings dedicated to impact investing topics and/or to promote LIIA’s activities, we may use your email address to send you direct marketing communications.
We have obtained your email address either directly from you or indirectly from business partners who may have their own contact databases. Such a business partner may therefore either act as a (joint) controller with LIIA or as a processor acting on behalf of LIIA.
7. Cookies
We use the following first-party cookies with a view to improving our website and services:
Name of Cookie: cookie_notice_accepted
Type of Cookie/Duration: 30 days
Purpose: Record the acceptance of the cookie banner
We use the following third-party cookies to collect analytics and statistics with a view to improving our website and services:
Name of Cookie: Google Analytics
Type of Cookie/Duration: Performance cookie (temporary)
Purpose: Collect analytics to distinguish users
As regards Google Analytics, we have opted for the anonymization of the IP address of the users of this website. Therefore, cookies from Google Analytics do not collect identifying information other than part of the IP address used to connect to our website but allow us to use anonymous connection data for statistical purposes.
8. Rights Granted to Data Subjects
Subject to the limits set out in the applicable data protection laws, in particular the General Data Protection Regulation (GDPR) 2016/679, you may benefit from the following rights:
8.1 Your Right of Access
You have the right to ask us for confirmation as to whether or not personal data relating to you are being processed, and, where that is the case, access to the personal data and relevant information in that regard.
8.2 Your Right to Rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
8.3 Your Right to Erasure
You have the right to ask us to erase your personal information. However, LIIA can refuse to erase your personal data if we have a legal obligation to keep such personal data.
8.4 Your Right to Restriction of Processing
You have the right to ask us to restrict the processing of your information.
8.5 Your Right to Object to Processing
You have the right to object to processing that we carry out based on legitimate interest. However, we may process your information if we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
8.6 Your Right to Data Portability
Where relevant, you have the right to request to receive personal data concerning you in a structured, commonly used, and machine-readable format and to transmit it to another controller.
8.7 No Automated Decision Making
No automated decision making or profiling is conducted.
8.8 Your Right to Complain
If you have queries or concerns, please contact us at info@liia.com, and we will respond. If you remain dissatisfied, you can make a complaint to the CNPD (Commission Nationale pour la Protection des Données) in Luxembourg.
8.9 Your Right to Withdraw Consent
Where processing relies on your consent, you can withdraw it at any time.
9. Links on Our Website
Where we provide links to websites of other organizations, this privacy notice does not cover how that organization processes personal information. We encourage you to read the privacy notices on the other websites you visit.
10. Changes to this Privacy Notice
Changes may occur in the way we process information about you. In case these changes oblige us to update this data protection notice, we will do our best efforts to bring this to your attention and may do so by any means such as by email, letter, hyperlink to our intranet, or otherwise. The latest version will always be available here: https://liia.com/privacy.