1. Who is responsible for your data?
MILMED COE is responsible for your data. MILMED COE is accredited as a NATO centre of excellence and activated as an international military organization by the North Atlantic Council. We are the data controller of the data which we collect from you, and as such we control the ways your personal data are collected and the purposes for which your personal data are used.
Our contact information is:
Headquarters: 44 Róbert Károly körút, H-1134 Budapest, Hungary;
Postal address: H-1555 Budapest, P.O. Box: 66, Hungary;
Email address: firstname.lastname@example.org
Phone: +361 8830100
2. Data we collect about you
Automatically collected non-personal data about your device, your location and how you use our website. This data cannot be allocated to a specific person.
a) whenever you access our web site and whenever you download a file in a log file
• enquiring IP address
• exact date and time of download
• name of the downloaded file
• message whether the download was successful
• transferred data volume
• calling page (e.g. search engines or websites containing links to our website)
• used operating system and version number
• description of the used web browser type
We will not collect any other personal data unless you provide this data on a strictly voluntary basis. This can be the case, for example, during a registration requested by you
b) when you create an account with us
when you register to attend a course or any other event
when you fill in forms on our website
• your sex, name and contact details (email address, telephone number, address)
• your NATO rank, service and command/organization
• your ID number, military ID number, and passport number
c) when you register to attend a course or any other event
when you fill in forms on our website
• information about your travel (flight numbers, date and time of arrival and departure) and accommodation
d) when you fill in registration form on our website
• your spouse’s name and passport number
e) when you attend our events (e.g. courses, conferences, workshops, office calls) photos and/or videos may be taken
• photos or videos taken of you
f) when facilitating payment by card
• fact of completed payments with your credit or debit card. (Your credit or debit card details are NOT collected, stored, or processed by the MILMED COE. All payments are facilitated through our contracted partner bank, and whenever you initiate a payment, you are automatically redirected to the bank’s website.)
By providing any sensitive personal data, you explicitly agree that we may collect it and use it to provide services to you.
Certain kinds of personal data, such as data about your racial or ethnic origin, your physical or mental health, your religious beliefs or alleged commission or conviction of criminal offences, are special categories of personal data which by law require additional protection. We try to limit the circumstances in which we collect sensitive personal data of this kind, but we may collect and process it when for example:
• You have requested special assistance
• You have requested a special meal type which implies or suggests your religion (e.g. a kosher meal) or a health issue (e.g. a gluten-free meal).
3. How we use your personal data and legal grounds
We can only use your personal data if we have a proper reason for doing so. According to the law, we can only use your data for one or more of these reasons:
• When you consent to it, or
• To fulfil a contract we have with you, or
• If we have a legal duty to use your data for a particular reason, or
• When it is in our legitimate interests.
In the table below, we have set out the different ways in which we use your personal data and the reasons we rely on for using that data. If we rely on our legitimate interests for using your personal data, we will explain that to you.
|What we use your personal data for
| Legal grounds for using it
| Our legitimate interests
|To provide services (participation in our courses and conferences) to you.
Communicating with you and to send you information about our events.
To inform you about our news and offers that we think you might be interested in.
Our legitimate interests.
With your consent.
|Keeping our records up to date, working out which of our products and services may interest you.
Developing products and services and what we charge for them.
Identifying and defining types of customers for new products and services.
Being efficient about how we fulfill our contracts, provide our services.
|To promote our services and build contacts through social media channels.
|Our legitimate interests.
With your consent.
|Reaching military medical target audience and sharing our results with civil society.>
|To fulfill our administrative purposes including accounting, billing and audit.
To improve our services.
Our legitimate interests.
Our legal duty.
|Being efficient about how we fulfill our contracts, provide our services and fulfill our legal duties.
Identifying ways to improve the way we deliver services to our customers.
4. How long we keep your data
We keep your data only for as long as we need it. How long we need data depends on what we are using it for, whether that is to provide services to you, for our own legitimate interests (described above) or so that we can comply with the law.
We will actively review the information we hold and when there is no longer a customer, legal or business need for us to hold it, we will either delete it securely or in some cases anonymize it.
5. How we protect your data
We protect your personal data against unauthorized access, unlawful use, accidental loss, corruption or destruction.
We use technical measures such as encryption and password protection to protect your data and the systems they are held in. We also use operational measures to protect the data, for example by limiting the number of people who have access to our databases.
We keep these security measures under review and refer to industry security standards to keep up to date with current best practice.
6. Sharing your data
We share some of your personal data with, or obtain personal data from, the following categories of third parties:
6.1. Suppliers who provide services to us:
We will share your data with
a) the company which provides catering services during our events, for example, if you have requested a certain type of meal.
b) the company which provides IT development for us.
We will make sure that our suppliers respect your personal data and comply with data protection laws.
6.2. MILMED COE social media (e.g. official Facebook account) and official publications: during our events photos and/or videos may be taken and you may appear in these photos and/or videos. We may use these photos and/or videos to illustrate our official social media posts or
7. Your rights
You are entitled to see copies of all personal data held by us and to amend, correct or delete such data. You can also limit, restrict or object to the processing of your data.
If you gave us your consent to use your data, e.g. so that we can send you marketing emails, you can withdraw your consent. Please note that even if you withdraw your consent, we can still rely on the consent you gave as the lawful basis for processing your data before you withdrew your consent.
You can object to our use of your data where we rely on our legitimate interests to do so. We explained the legitimate interests we rely in the table above under the heading ‘How we use your personal data’.
To raise any objections or to exercise any of your rights, you can send an email to us. Our contact information can be found above.
When you get in touch, we will come back to you as soon as possible and where possible within one month. There is no charge for such requests. We may also ask you to verify your identity before we provide any information to you.
The detailed list of your rights list:
7.1. Right of access: it means a.) you have the right to know whether your data (and what kind of personal data) are being processed and b) if so, access it with loads of additional stipulations;
7.2. Right to rectification: when your personal data are inaccurate, then we need to correct them indeed, upon your request;
7.3. Right to erasure or right to be forgotten includes erasing your personal data whenever you request so and there are no legitimate ground for retaining it;
7.4. Right to restriction of processing: you can to limit the processing of your personal data
7.5. Right to be informed:
7.5.1. you are entitled to be provided with all the following information: a) person and contact info of data controller and data processor
b) purpose and legal ground of data processing
c) if the legal ground of data processing is someone’s legitimate interest description of such interest
d) addressees of personal data if data are shared
e) if your persona data are sent outside of the European Economic Area.
7.5.2. Furthermore, you are entitled to be informed about
a) duration of data processing
b) your rights concerning the data processing, such as right to access, erase, ask for correction, limit the data processing, object, and right to data portability
c) your right to withdraw your consent to data processing
d) your right to complain
e) whether the legal ground of data processing is contractual obligation or based on laws
f) decisions based solely on automated processing, if any
7.6. Right to data portability: you ask the data processor to give back the personal data as required and allow the transfer to another data processor.
7.7. Right to object: you can object to the processing pf special conditions apply. Also, quickly respond and demonstrate legitimate grounds. Simply said, you can say you do not want the personal data processing to be done or going on.
7.8. Right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
If you have any complaints concerning our data processing, please contact us by using one of our contact details written above.
JOIN US ON FACEBOOK!