1. What is this Privacy Notice about?
This Privacy Notice explains how we process personal data in relation with events organized by GICHD (hereinafter referred to as “event”).
Information about the processing of personal data by GICHD in general may be found in our general Data Protection Notice. If you would like more information, please feel free to contact us.
The GICHD is the “controller”, i.e., the party that is primarily responsible to ensure compliance with data protection laws (also “we”):
Geneva International Centre for Humanitarian Demining
Maison de la paix, Tower 3
Chemin Eugène-Rigot 2C
P.O. Box 1300
1211 Geneva 1, Switzerland
If you have any questions regarding data protection, please feel free to contact us at the address mentioned above or dpo@gichd.org.
You may provide us with data that relates to other individuals as well (e.g., work colleagues). In this case, we understand that this data is correct and that you act within your rights when sharing it with us. Please inform these individuals about our data processing (e.g., by pointing them to this Privacy Notice).
2. Processing of personal data
To facilitate your participation in our events, we may collect and process data such as your name, affiliation, contact information, country of residence and/or operations, professional background, former trainings, details on emergency contacts, dietary and other special requirements, travel schedules, financial information, endorsement letters, CVs, photos, special requirements and disabilities, health information, insurance details, visa information, and passport copies.
This information is necessary to
- manage event registrations and organization (including dietary and health related requirements),
- facilitate your travels (including flight, hotel and other bookings, visa applications, etc.) directly through us or through a third party (e.g., travel agencies),
- prepare delegates lists to be shared with all delegates, including name, position, organization and email,
- to pay or reimburse delegate expenses,
- and communicate with you about event-related updates.
During the event, we may capture photos and make audio-visual recordings to document and promote our activities. These may include images or footage of you as a participant. Such photos and videos may be used for our internal records, on our website, across our social media channels, and in other promotional materials related to this or future events. If you have any concerns about being photographed or recorded, please contact us before the event so we can make reasonable accommodations where possible.
We may also use your contact information to send newsletters, updates on future workshops, and other information that aligns with your interests. You may unsubscribe from our newsletter at any time by clicking the unsubscribe button at the bottom of the newsletter.
We may conduct analysis to better understand the impact of our events and to identify areas for future improvement. This may involve processing data such as names, roles, and contact information. Additionally, we may collect feedback through surveys or other forms of communication. All data processed for research purposes will be anonymized as soon as possible.
In addition, we may process your personal data to comply with legal and regulatory requirements, support internal investigations and crime prevention, respond to legal proceedings, maintain and improve our IT security and infrastructure, and serve other legitimate internal purposes such as training, administration, or enforcement and defense of claims.
3. How do we work with service providers?
We may share personal data with various third-party providers from whom we receive services, especially IT services (examples are providers of hosting or data analysis services), shipping and logistics services and services from banks, the post office, consultants and advisors, travel agencies, hotels, airlines, event managers, conferencing services, interpreters, caterers, security services, etc.
4. Can we disclose data abroad?
The recipients of data are not all located in Switzerland, in particular certain service providers (especially in IT). These providers may have locations within the EU or the EEA, but also in other countries worldwide, e.g., in the USA. We may also share data with our donors and authorities abroad if we are legally compelled to do so or, for example in relation with legal proceedings or under a grant agreement. Not all these countries have an adequate level of data protection. We therefore use appropriate safeguards, in particular the EU standard contractual clauses, which can be found here. In certain cases, we may share data abroad without such safeguards, as permitted under applicable data protection law, e.g., with your consent or where the disclosure is necessary for the performance of the contract, for the establishment, exercise, or enforcement of legal claims or for overriding public interests.
5. How long do we process personal data?
We process your personal data as long as it is necessary for the purpose of processing, as long as we have a legitimate interest in storing it (e.g. if in order to enforce legal claims, for archiving and or to ensure IT security) and as long as data is subject to a statutory retention obligation. After these periods have expired, we delete or anonymize your personal data.
6. What else should be considered?
Depending on the applicable law, data may only be processed based on legal grounds. This does not apply under the Swiss Data Protection Act, but it does under the European General Data Protection Regulation (GDPR) to the extent it is applicable. In this case, our processing is based on a necessity to prepare for and perform contracts, to safeguard legitimate interests of us or third parties, e.g. statistical evaluations, that it is required or permitted by law, or that you have provided separate consent. The relevant provisions are article 6 and 9 GDPR.
You are not under an obligation to provide data to us, except in some cases such as when it is required to comply with a contractual obligation. However, we must process data for legal and other reasons when we conclude and execute contracts.
7. What are your rights?
You have certain rights, subject to conditions and restrictions under applicable law:
- You may request a copy of your personal data and further information about our data processing;
- You may object to our data processing, especially in relation with our newsletter;
- You may have incorrect or incomplete personal data corrected or completed or supplemented by a note of dispute;
- You may request receipt of the personal data that you have provided to us in a structured, common and machine-readable format;
- You may revoke your consent at any time if we process data based on your consent. The revocation is only valid for the future, and we reserve the right to continue to process data based on another basis in the event of a revocation.
If you wish to exercise such a right, please feel free to contact us (cf. sec. 1). We will usually have to verify your identity (e.g. by means of a copy of your ID card). You are also free to file a complaint against our processing of your data with the competent supervisory authority, in Switzerland the Federal Data Protection and Information Commissioner (FDPIC).