COCIR Privacy Policy

This privacy policy (“Privacy Policy”) explains how COCIR collects, processes, shares and protects personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. 

This Privacy Policy is part of our broader data protection framework, which includes the COCIR Internal Data Protection Policy in Compliance with the European General Data Protection Regulation, governing all our data processing activities. While the Privacy Policy focuses on our website visitors and users as well as employees of our member and partner organizations, our commitment to data protection extends across all areas of our activities.

This Privacy Policy was amended on 15 November 2024.

Data controller

EUROPEAN COORDINATION COMMITTEE OF THE RADIOLOGICAL ELECTROMEDICAL AND HEALTHCARE INFORMATION TECHNOLOGY (IT) INDUSTRY AISBL (hereafter “COCIR”, “we” or “our”) is an international non-profit making association with registered office at Boulevard Auguste Reyers 80, Schaerbeek (1030 Brussels).

COCIR acts as a data controller as defined under the General Data Protection Regulation EU 2016/679 (GDPR).

Personal data collected

We may collect personal data from you, including:

  • name
  • professional or personal email address
  • professional contact details
  • function
  • information about your attendance in COCIR meetings and events
  • invoicing data
  • IP location, device information and operating system, language support

information about your interactions and behavior on our website

How your personal data is collected and processed - purpose

  • If you visit our website. Please refer to below section on cookies for information.
  • If you log in into our members area or if you participate in our activities such as working groups open to members

On the basis of the performance of a contract to which your organisation is a party and in order to provide information and services as agreed under the COCIR membership we may process personal data, such as name, organisation, function and e-mail address, attendance in a meeting.

  • If you register for an event

On the basis of the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract, or on the basis of legitimate interest as long as it is not overridden by your own interests or fundamental rights and freedom, and in order to provide access to an event organised or supported by COCIR, we may collect personal data, such as name, organisation, function, e-mail address and invoicing data.

  • If you sign up for our news updates or if we send you spontaneously updates on our activities, we may collect your name and email address. We rely on our legitimate interest for doing so, as long as this is not overridden by your own rights and interests. You have the right to opt out at all times, by contacting us at dataprotection@cocir.org or to use the “unsubscribe” link in emails received via MailChimp.
  • If you give us your business card. Prior to using your data, we will ensure that you do not object to any further processing  
  • If we enter into an agreement or a partnership with your organisation, on the basis of the preparation or performance of such contract or partnership  

We will not use your personal data for other purposes than the ones described in this privacy policy without a prior notification and, where required, the possibility to accept or reject the use of your personal data for a different purpose.

                                                                                                

Sharing data

We may share your personal data with:

  • third parties who may process personal data on our behalf in accordance with our instructions. These third parties include service providers that provide support on aforementioned activities, particularly in terms of event management, communication and web hosting, as well as consultants, for the purpose of performance of their service contracts with us
  • administrations, regulators or judicial bodies, as required by law or a binding order.

 

Transfers of data to third countries

We transfer personal data to third countries, outside the European Economic Area (European Union, Iceland, Liechtenstein, Norway), including to countries not recognized by the European Commission as providing an adequate level of data protection (indicated by an adequacy decision by the European Commission). We ensure that such international transfers are made subject to appropriate safeguards as provided for by the GDPR, including Standard Contractual Clauses (SCCs), corporate rules, codes of conduct, and certification mechanisms. For more details about the transfers of your personal data to third countries or to exercise your data subject rights, please contact us at dataprotection@cocir.org (see also section Your rights of this Privacy Policy).

 

Data security

We take appropriate technical, physical, and organisational measures to protect your personal data against unauthorised processing, accidental loss or damage. These measures include encryption, access controls, secure storage (including protected servers and physical security of hardware), regular software updates, appropriate backup strategy, staff guidelines and training, and periodic security assessments.

 

Retention of personal data

We will not retain your personal data longer than necessary for the purposes for which the data were collected, after which it will be removed and erased unless applicable law requires a specific retention period

  • For the duration of visiting our website and in line with the expiry set by accepted cookies (refer to cookies below)
  • For the duration of your active COCIR account
  • For the duration of the communication on an event you have registered for
  • For the duration of your subscription to our news updates, unless you opt out at any time by contacting us at dataprotection@cocir.org or use the “unsubscribe” link in emails received via Mailchimp
  • For the duration of our communication with you on our activities unless you opt out at any time by contacting us at dataprotection@cocir.org or use the “unsubscribe” link in emails received via Mailchimp
  • For the duration of the contract or partnership we have with your organisation

 

Cookies

Cookies are small text files that are installed on your browser, on your computer or on your mobile device. They allow a website to recognize your device. We may use cookies for the technical and functional management and improvement of the website, to remember your login details, to collect statistical data on an anonymous basis, etc.

 

We are currently making use of the following cookies:

 

Type of cookies

Purpose and right to disable

Expiry

Essential cookies

These cookies are essential to browse on our website and use its features. Essential cookies do not require your consent and cannot be disabled.

Valid one month

Social media cookies

They are set by third-party services like YouTube, Facebook, and other social media platforms to provide additional features and capabilities, for instance enable video playback on YouTube or share content on Facebook. We do not control third-party cookies, and you should consult the respective privacy policies of third-party providers to understand how their cookies work and how to manage them. They can be disabled by you when you enter the website for the first time and may change your preferences at any time by clicking on the “Privacy settings” tab on the left side of the webpage.

Valid one month

Website analytics cookies

They are used to track website visitors and their user behaviour. This data is then used to improve the way the website works and in turn, used to improve user experience. They can be disabled by you, as explained above for the social media cookies.

Valid one month

Google analytics cookies

They are one of the most common analytics cookies set by websites. They can be disabled by you, as explained for the social media cookies.

Valid thirteen months

 

Links to other websites

COCIR website features links to other websites of interest. After you follow these links and leave our website, please be aware that we do not control the content and data protection practices of third-party websites and that they are not covered by our privacy policy. We advise you to be careful and to review the privacy policy of any website you visit.

 

Your rights

You have the right to obtain (i) access to your data, (ii) correction of inaccurate or incomplete data, (iii) the erasure of your data, (iv) the restriction of processing your data, (v) the portability of your data and (vi) the right to object to the processing of your data in general as well as to the processing of your data for direct marketing and profiling purposes. Some of these rights may be subject to conditions or exceptions.

 

If the processing of your data is based on consent, you also have the right to withdraw your consent at any time, without this affecting the legitimacy of the processing done prior to the withdrawal of your consent.

 

You can send your request by e-mail to dataprotection@cocir.org. To protect your privacy and security, we may take reasonable steps to verify your identity before processing your request. 

 

Updates to the COCIR privacy policy

We may update or change our privacy policy at any time in order to reflect our data processing activities. Our published privacy policy will always be updated or changed accordingly.

 

Contact us

For any question or comment related to this Privacy Policy or the exercising of your data subject rights, please send an e-mail to dataprotection@cocir.org.

 

Complaints

You have the right to lodge a complaint with the supervisory authority of your habitual residence, your place of work or the place of an alleged infringement of the GDPR. The Belgian Data Protection Authority is the supervisory authority for Belgium and can be contacted at contact@apd-gba.be.