Terms and Conditions for Registered Users

1. General Information

These terms and conditions govern the use of the website operated by the European Society for Trauma and Dissociation (ESTD), headquartered at:

European Society for Trauma and Dissociation (ESTD)
Lijsterstraat 11
3514 TA Utrecht
The Netherlands

2. Data Controller

The ESTD Board of Directors is the data controller responsible for processing personal data. For any inquiries related to data protection, please contact:
Email: info@estd.org

3. Data Protection Officer

The Data Protection Officer (DPO) of ESTD is Barbara Puchalska. She can be contacted at:
Email: assistant@estd.org

4. Legal Basis for Data Processing

Personal data is processed based on the following legal grounds under Article 6 of the General Data Protection Regulation (GDPR):

• Performance of a contract (Article 6(1)(b) GDPR) – necessary for maintaining user accounts and providing membership services.

• Legal obligations (Article 6(1)(c) GDPR) – required for processing payments and complying with tax regulations.

• Legitimate interests (Article 6(1)(f) GDPR) – used for administrative purposes, security, and communication with members. ESTD’s legitimate interest includes ensuring the proper functioning of the website, maintaining membership services, preventing fraud, and improving user experience.

• User consent (Article 6(1)(a) GDPR) – where applicable, for additional communications or marketing.

5. User Accounts

The website provides different types of user accounts, including:

• Member accounts

• Board member accounts

• National representative accounts

• Technical administration accounts

6. Data Access Permissions

• National Representatives: Have access to the personal data of members from the country they represent, including full name and address.

• Board Members: Have access to full personal and billing data of all members.

• Technical Administrators: Have full access to all data for the purpose of maintaining website functionality.

7. Purpose of Data Processing

Personal data is processed for the following purposes:

• Maintaining user accounts on the website.

• Informing users about events, including national events.

• Processing payments and ensuring compliance with legal and tax obligations.

8. Retention Period for Billing Data

Billing data is retained for a minimum period of 7 years, in accordance with Dutch tax regulations. (business.gov.nl)

9. Third-Party Access to Data

The following external entities have access to personal data to the extent necessary for service provision:

• Legal and accounting service providers

• IT service providers

• External hosting providers

These entities are obligated to ensure the confidentiality and security of the data in compliance with applicable regulations.

10. Security Measures

To ensure the security of personal data, ESTD has implemented the following measures:

• The website uses an SSL certificate to encrypt data transmission and protect user information.

• The hosting provider has its own security measures in place to prevent unauthorized access, data breaches, and cyber threats.

11. User Rights

Users have the following rights regarding the processing of their personal data:

• Right to access their data

• Right to rectify inaccurate data

• Right to request data deletion

• Right to restrict data processing

• Right to data portability

• Right to object to data processing

Users have the right to request the deletion of their personal data. Requests for data deletion can be submitted to the Data Controller (info@estd.org) or the Data Protection Officer (assistant@estd.org). Upon receiving a request, the data will be deleted within 30 days, unless there are other legal obligations requiring its retention (e.g., tax obligations).

12. Complaints and Supervisory Authority

Users have the right to lodge a complaint regarding data protection practices with the relevant supervisory authority. In the Netherlands, complaints can be filed with:
Autoriteit Persoonsgegevens (Dutch Data Protection Authority)
Website: www.autoriteitpersoonsgegevens.nl

13. Changes to the Terms and Conditions

ESTD reserves the right to modify these terms and conditions as needed. Any changes will be communicated in advance through an updated version published on the website.

14. Contact Information

For any questions or concerns regarding these terms or data processing, please contact:

• Data Controller: info@estd.org

• Data Protection Officer: assistant@estd.org

By using this website, users acknowledge and agree to these terms and conditions.