PRIVACY INFORMATION NOTICE – EMAIL MARKETING
1. Who is the Data Controller?
Red Rocks Church US, a non-profit corporation incorporated under the laws of Colorado, with registered office at 9132 West Bowles Ave., Littleton, CO 80123, United States (“Red Rocks Church”) is the data controller and determines the purposes and means of the processing of personal data. Red Rocks Church designated Red Rocks Church ASBL, having its registered office at Chaussée de Bruxelles 196, 1410 Waterloo, Belgium and with company number 0646.891.911, as its representative within the European Union.
2. What are the categories of Personal Data collected?
When you subscribe to Red Rocks Church newsletter or other e-communications, you acknowledge that Red Rocks Church and its agents or employees, will process your name, email address, date and time of subscription and logs (the “Personal Data”).
3. How are Personal Data used?
The Personal Data will be processed by Red Rocks Church in order to send you newsletter and other marketing e-mails to which you subscribed.
4. What legal basis does Red Rocks Church rely on to process your Personal Data?
Red Rocks Church relies on your consent to process the Personal Data.
5. What are your rights and how can you exercise them?
You have the right to access your Personal Data, as collected and used by Red Rocks Church, and request their rectification, restriction of processing or erasure, as the case may be. To exercise these rights, you must send a written and signed request to Red Rocks Church at the above-mentioned address or by email at [email protected], together with the necessary elements allowing Red Rocks Church to confirm your identity.
In general, you also have the right to withdraw your consent to any processing at any time. This withdrawal of consent does not affect the lawfulness of the processing based on consent made prior to such withdrawal.
If you consider that the processing of your Personal Data constitutes a violation of the applicable legislation, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the European Union of your usual place of residence, your place of work or the place where the violation occurred. The Belgian supervisory authority is the “Autorité de Protection des Données/Gegevensbeschermingautoriteit” and can be contacted at Rue de la Presse, 35, 1000 Brussels or by email at [email protected]
6. Personal Data retention period
Personal Data will be immediately erased after you withdraw your consent, unless Red Rocks Church has a specific legitimate interest in storing your Personal Data for a longer period (e.g. to comply with a legal obligation, such as proving that you previously consented to receiving e-mails). Any Personal Data which is contained in Red Rocks Church’s or any of its processor’s regular backups will not be deleted, provided that any such Personal Data shall remain subject to the applicable confidentiality, data privacy and security obligations until destroyed.
7. Transfer and security of Personal Data
Red Rocks Church will process the Personal Data through Red Rocks Church ASBL. The Personal Data may however be transferred to third parties for hosting and processing purposes. If necessary, the Personal Data may also be transferred to Red Rocks Church in the United States for management purposes. Personal Data are processed through MyEmma, operated by Emma Inc., 9 Lea Avenue, Nashville, TN 37210, USA and PaperlessPost, operated by Paperless Inc., 115 Broadway, New York, NY 10006, USA. Appropriate measures will be taken to ensure the security of the Personal Data with respect to such transfer, in particular outside of the European Union (e.g. conclusion of the Standard Contractual Clauses or adhesion to the Privacy Shield). A copy of such appropriate contractual measures may be obtained upon request by following the procedure described above.