This European Economic Area (EEA) Privacy Statement discloses information about the privacy practices with respect to personal data protected under the General Data Protection Regulation (GDPR) for the EEA, which became effective on May 25, 2018. The GDPR is a regulation adopted for the EEA that governs the use and processing of personal information. Futurepast: Inc. (FUTUREPAST) is committed to processing your EEA Personal Data in compliance with the GDPR and has prepared this statement to provide you with information about your rights under the GDPR.
In addition to this statement, other notices have been published applying to the use and other processing that may be subject to the GDPR of Personal Information (per our Privacy Policy).
The information provided in this statement applies solely to individuals whose data is subject to protection under GDPR, and defined as EEA Personal Data (see below), and the statements hereunder are subject to the terms of our Privacy Policy.
(1) Information associated with our Sites (per our Privacy Policy).
For information associated with a FUTUREPAST website, this EEA Privacy Statement should be read together with our Privacy Policy or our Sites that have linked you to this webpage. The Sites are published in the United States and are subject to the laws of the United States. If you are located in the EEA and you voluntarily submit personal information to us, your information will be used as provided in our Privacy Policy and in this EEA Privacy Statement and will be transferred to, and/or stored in, the United States.
(2) Direction to this webpage.
The general information published on this webpage is intended to supplement specific information that you may have already been given in connection with your activities related to FUTUREPAST or its affiliates.
(3) Meaning of “EEA Personal Data”
(a) Your personal information is EEA Personal Data if: it is “personal data” as defined in the GDPR; and the GDPR includes protection of the personal data in its scope.
(b) The GDPR defines “personal data” broadly. It includes “any information relating to an identified or identifiable natural person.” Examples of personal data include your “name, an identification number, location data, an online identifier [and] factors specific to [your] physical, physiological, genetic, mental, economic, cultural or social identity.” GDPR. Article 4(1).
(c) The scope of the GDPR generally applies to collecting, using or other “processing” (see below) of personal data (as provided in Article 3): (i) when the processing is part of the activities of an organization that acts in an established way in the EEA (it is not required that the processing take place in the EEA); (ii) when the processing is by an organization that is not established in the EEA and the organization offers goods or services to persons who are physically in the EEA. (A payment for the goods or services is not required.); and (iii) when the processing is by an organization that is not established in the EEA and the processing activities are related to the monitoring of the behavior of a person who is physically in the EEA, as far as their behavior takes place within the EEA. For example, if you provide personal information to FUTUREPAST when you are physically present in the EEA or while you participate in an established FUTUREPAST program occurring in the EEA, that personal information may be EEA Personal Data.
(d) “Processing” is a term used by the GDPR to cover any way of working with personal data, from collecting to using to sharing to destroying. GDPR Article 4 (2).
(4) Purpose and lawful basis under the GDPR for processing your EEA Personal Data
It is FUTUREPAST’s policy to collect, use and process EEA Personal Data about you only where we have a legal basis for doing so under the GDPR.
A legal basis under the GDPR may be, for example: (i) we need it to perform a contract with you, such as to provide you services; (ii) it satisfies a legitimate interest (which is not overridden by your data protection interests), such as to promote and provide goods and services to you and to protect our legal rights and interests; (iii) you give us consent to do so for a specific purpose; (iv) we need to process your data to comply with a legal obligation; (v) we need to process your data in connection with your or another person’s vital interest; (vi) we need to process your data in connection with the public interest; (vii) we have another legal basis permitted under the GDPR.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Unless you are told otherwise, there is no requirement to supply us with any of your EEA Personal Data.
We may process your EEA Personal Data for a variety of service- and business-related purposes, including for analyzing and improving website performance; email and other communications; processing you have requested; third-party services; and security and legal requirements.
The use of your EEA Personal Data in the manner described above and in the Privacy Policy are necessary for our legitimate interests in operating and improving our Sites, analyzing their use, and ensuring their security. The Sites collect certain EEA Personal Data and we use it in ways that are compatible with your individual rights and freedoms. Where you enter your EEA Personal Data into an online form on any of our Sites for any specified purpose, you will be told about the use we will make of that information (e.g., to send you newsletters or to enable your attendance at an event).
(5) How EEA Personal Data is kept.
Information about how long different types of information are retained is provided in our Privacy Policy.
(6) Rights respecting EEA Personal Data
These rights are specified in our Privacy Policy.
(7) Questions
(a) If you have any questions about how your EEA Personal Data is used, or wish to exercise any of your rights with respect to your EEA Personal Data, please contact us (per our Privacy Policy).
(b) If you are unsatisfied with the way your EEA Personal Data is being handled, or with the response received from us, you have the right to lodge a complaint with the GDPR supervisory authority in the EEA country where you habitually reside, where you work, or where you believe an infringement of the GDPR occurred.
(8) Changes to this Privacy Statement
FUTUREPAST and its affiliated entities reserve the right to change, modify, or otherwise amend this Privacy Statement, at their sole discretion and at any time as they deem circumstances warrant. Any such changes will be posted on this page.
Effective: July 5th, 2019