Data Protection
Responsible for the processing of data is:
European Industrial Hemp Association
Rue Montoyer 31
1000, Brussels, Belgium
info@eiha.org
Thank you for visiting our online presence. Protection of your privacy is very important to us. Below you will find extensive information about how we handle your data.
1. Access data and hosting
You may visit our website without revealing any personal information. With every visit on the website, the web server stores automatically only a so-called server log file which contains e.g. the name of the requested file, your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request.
These access data are analysed exclusively for the purpose of ensuring the smooth operation of the website and improving our offer. This serves according to Art. 6 (1) 1 lit. f GDPR the protection of our legitimate interests in the proper presentation of our offer that are overriding in the process of balancing of interests. All access data are deleted no later than seven days after the end of your visit on our website.
Third-party hosting services
Data are also processed by a third-party provider that we have engaged to render hosting and website presentation services on our behalf. This provider processes on its servers all data that are collected in the manner specified below when you visit our website or fill in forms made available for this purpose in our online shop. Data are processed on other servers only in the scope described herein. This service provider is based in an EU or EEA member state.
2. Data collection and use for processing the contract, making contact and for opening a membership account
We collect personal data that you voluntarily submit to us when you place an order, contact us (e.g. via contact form or by email) or open a membership account with us. Mandatory fields are marked as such because we absolutely need those data to perform the contract or process your contact request or open your membership account, and you would otherwise not be able to complete your order and/or create your membership account or send the contact request. It is evident in each input form what data are collected.
We use the data that you disclose to us to perform the contract and process your enquiries according to Art. 6 (1) 1 lit. b) GDPR. Upon completion of the contract or deletion of your customer account, any further processing of your data will be restricted, and your data will be deleted upon expiry of the retention period applicable under relevant regulations, unless you expressly consent to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by law, of which we inform you in this notice. Your customer account can be deleted at any time. For this purpose you can either send a message to the contact option specified below or use the relevant function available in the customer account.
3. Transfer of data
Depending on the payment service provider you have selected during the ordering process, we disclose the payment details collected for order processing purposes to the bank commissioned to handle the payment and, as the case may be, to the payment service provider commissioned by us or to the selected payment service. Some of those data are collected by the selected payment service providers themselves if you open an account with them. In such a case, during the ordering process, you must register with your payment service provider using your access data. In this respect, the privacy notice of the relevant payment service provider applies.
We use the services of a payment provider, which has its registered office outside the EU. Personal data are disclosed to that company only to the extent required to perform the contract.
4. Email newsletter
E-mail advertising if you subscribe to the newsletter
If you subscribe to our newsletter, we will regularly send you our e-mail newsletter based on your consent according to Art. 6 (1) 1 lit. a) GDPR, using the data required or disclosed by you separately for this purpose.
You may unsubscribe from the newsletter service at any time. For this purpose you can either send a message to the contact option specified below or use the opt-out link in the newsletter. Upon unsubscription, we will delete your email address unless you have expressly consented to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by the law, of which we inform you in this notice.
The newsletter is sent to you by our service provider who processes data on our behalf and to whom we disclose your email address. This service provider is based in an EU or EEA member state.
5. Cookies and web-analysis
In order to make a visit to our website attractive and to enable the use of certain functions, to display suitable products or for market research, we use so-called cookies on various pages, provided that you have given your consent to do so in accordance with Art. 6 (1) 1 a GDPR.
Cookies are small text files that are automatically stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser during your next visit (persistent cookies).The duration of storagecan be seen in the cookie settings of your web browser.
You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or whether to exclude the acceptance of cookies in certain cases or in general (detailed information on the settings options of your browser can be found below).
If cookies are not accepted, however, the functionality of our website may be restricted. Below we present information on cookies we use and how you can customise your browser in that respect.
How can I configure the cookie settings of my browser?
Each browser is different in the way it manages cookie settings. This is described in the help menu of each browser, which explains how to change your cookie settings. You can find these for each browser under the following links:
Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™
What types of cookies are being used?
Necessary cookies: These cookies are necessary to enable you to use our website. This includes e.g. cookies that enable you to log into the customer area or add items to your shopping cart.
If you have given your consent in accordance with Art. 6 (1) 1 a GDPR, you can also revoke your consent at any time by sending a message to the contact option described in the privacy policy.
6. Online Marketing
Google Fonts
This website contains the script code “Google Fonts”. Google Fonts is an offer from Google Ireland Limited, a company incorporated and operated under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland (www.google.co.uk). This serves to protect our legitimate interests in a uniform presentation of the contents on our website in accordance with Art. 6 (1) 1 lit. f) GDPR.
This will establish a connection between the browser you are using and Google’s servers. This gives Google knowledge that our website has been accessed via your IP address.
Where information is transmitted to and stored by Google on servers located in the United States, the U.S. company Google LLC is certified under the EU-US Privacy Shield. A current certificate can be viewed here. As a result of this agreement between the US and the European Commission, the latter has established an adequate level of data protection for companies certified under the Privacy Shield.
Further information about data processing by Google can be found in Google’s privacy policy.
Google reCAPTCHA
For the purpose of protection against misuse of our web forms as well as against spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information as well as information on your use of our website) and performs an analysis of your use of our website by means of a so-called JavaScript and cookies. In addition, other cookies stored in your browser by Google services are evaluated. Personal data is not read out or stored from the input fields of the respective form.
7. Social Media
Our online presence on Twitter, Instagram, LinkedIn
If you have given your consent to the respective social media provider in accordance with Art. 6 (1) (a) GDPR, when you visit our online presence on the social media mentioned above, your data will be automatically collected and stored for market research and advertising purposes, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are usually used for this purpose. For detailed information on the processing and use of data by the respective social media provider, as well as a contact option and your rights and settings options for the protection of your privacy, please refer to the provider’s privacy policies linked below. Should you still require assistance in this regard, please contact us.
Twitter is provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“Twitter”). The information automatically collected by Twitter about your use of our online presence on Twitter is generally transmitted to and stored on a server at Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.
Instagram is provided by Facebook Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (hereafter “Facebook Ireland”) The information automatically collected by Facebook Ireland about your use of our online presence on Instagram is typically transferred to and stored on a server at Facebook, Inc, 1601 Willow Road, Menlo Park, California 94025, USA. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission. Data processing in the context of a visit to an Instagram fan page is based on an agreement between joint controllers in accordance with art. 26 DSGVO. Further information (information on Insights data) can be found here.
LinkedIn is provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The information LinkedIn automatically collects about your use of our online presence on LinkedIn is generally sent to a server at LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA and stored there. There is no adequacy decision for the United States by the European Commission. Our cooperation is based on standard data protection clauses adopted by the European Commission.
8. Contact possibilities and your rights
Being the data subject, you have the following rights according to:
art. 15 GDPR, the right to obtain information about your personal data which we process, within the scope described therein;
art. 16 GDPR, the right to immediately demand rectification of incorrect or completion of your personal data stored by us;
art. 17 GDPR, the right to request erasure of your personal data stored with us, unless further processing is required
to exercise the right of freedom of expression and information;
for compliance with a legal obligation;
for reasons of public interest or
for establishing, exercising or defending legal claims;
art. 18 GDPR, the right to request restriction of processing of your personal data, insofar as
the accuracy of the data is contested by you;
the processing is unlawful, but you refuse their erasure;
we no longer need the data, but you need it to establish, exercise or defend legal claims, or
you have lodged an objection to the processing in accordance with art. 21 GDPR;
art. 20 GDPR, the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transmission to another controller;
art. 77 GDPR, the right to complain to a supervisory authority . As a rule, you can contact the supervisory authority at your habitual place of residence or workplace or at our company headquarters.
If you have any questions about how we collect, process or use your personal data, want to enquire about, correct, restrict or delete your data, or withdraw any consents you have given, or opt-out of any particular data use, please contact us directly using the contact data provided in our supplier identification.