Privacy Policy

GS1 in Europe is committed to protecting the privacy of its customers and users who access this website. Therefore, it has drawn up this Privacy Policy to affirm its commitment and respect for the privacy rules and protection of personal data.

Please bear in mind that the use and navigation on our website, the completion of our forms and the direct or indirect provision of personal data imply knowledge and acceptance of the conditions of this Privacy Policy and other terms, policies and conditions specific to the services provided on this website. By providing your personal data, you authorize the collection, processing, use and disclosure of them under the rules defined herein.

Who is responsible for collecting and processing the data?

GS1 in Europe, headquartered in Galerie Ravenstein 4 box 10, 1000 Brussels – Belgium, is responsible for collection and processing of personal data, and may, within the scope of its activity, resort to entities subcontracted by it for the pursuit of the purposes indicated herein.

What is personal data?

“Personal data” is any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person.

An identifiable person is considered a person who can be identified directly or indirectly, namely by reference to an identification number or to one or more specific elements of their physical, physiological, psychological, economic, cultural or social identity.

What personal data is collected and processed?

GS1 in Europe, within the scope of its activity, collects and processes mainly under the legitimate interest principle, among others, the following personal data: name, surname, postal code, date of birth, email address, mobile or landline number, gender, address, VAT number. Please be aware that GS1 in Europe does not and will never collect or process any sensitive data like: political, religious or philosophical beliefs, racial or ethnic origin, sex life or sexual orientation or any data concerning health.

The personal data collected are processed by computer and in strict compliance with the legislation on the protection of personal data, being stored in a database that guarantees its security and confidentiality in accordance with the accepted information technology, technical and organizational measures, to protect from loss, alteration, destruction, misuse in general or that the collected data are used for any purpose other than that for which the data subject gave consent. When profiling occurs, please be aware that profiling will be fair, lawful, proportionate and always linked to institutional services/activities carried out directly by GS1 in Europe in the interest of industry stakeholders and  GS1 communities.

If you wish to subscribe to our newsletter or request more information, you will be presented with a form to collect personal data. If you fill out any of the forms available for the purposes described above, we consider that your conscious, express and unambiguous consent is given for their activation and subsequent use.

GS1 in Europe assumes that the owner of the data provided the data or that the latter has given the authorization to do so and assumes that they are true and up to date.

How are your personal data collected?

Your personal data can be collected through the following means:

  • E-mail;
  • Website;
  • Phone calls;
  • In person;

The collected data are processed and stored by computer and in strict compliance with the personal data protection legislation in force – namely the General Data Protection Regulation (Regulation No. 2016/679 of the European Parliament and of the Council, of 27 April 2016) and Law No. 58/2019, of 8 August.

What is the purpose of the data collected?

The purpose of the processing of personal data by GS1 in Europe consists in the management and processing of requested services and communication with member companies, and stakeholders, processing of information requests and complaints, statistical analysis, as well as their use for direct marketing purposes, within this context.

From time to time, GS1 in Europe may use the contact information provided to render information that deems relevant. The Data Subject is always allowed not to receive this type of information.

When collecting the data, you will be provided with more detailed information about the use we will make of your data. Data is also collected for the exclusive use of GS1 in Europe’s marketing activities to compile aggregated statistics, metrics, and general trending elements to improve and optimize advertising campaigns and other promotional and analytical purposes.

In summary, the data collected are intended to integrate personal data files that GS1 in Europe may use for the following purposes:

  • Contact list;
  • Promotion of events/invitations;
  • Suggestions and complaints;
  • Advertising;
  • Billing;
  • Fulfillment of other legal obligations.
  • What is the basis for the processing of your personal data?

The treatments associated with the purposes of items a) Contact list, b) Promotion of events/invitations, e) Advertising and h) Information to customers are based on your consent, as the data subject.

To whom do we transmit your personal data?

As a rule, GS1 in Europe does not share users’ personal data with third parties with whom it has not established a contractual relationship that provides for the confidential treatment of these data.

GS1 in Europe may transmit your personal data to third parties provided that, for this purpose, you have unequivocally obtained your consent, as Data Subject, or when:

the transmission takes place within the scope of compliance with a legal obligation, a decision of the National Data Protection Commission or a court order;

the communication is carried out to protect the vital interests of Data Subjects;

any other legitimate purpose provided for by law.

GS1 in Europe takes the appropriate measures to ensure that third parties with access to your data are reputable and offer the highest guarantees at this level, which will be duly enshrined and safeguarded in a contract to be signed between GS1 in Europe and the (s) third party(s).

Thus, any entity subcontracted by GS1 in Europe will process the personal data collected and processed, in the name and on behalf of GS1 in Europe, under the obligation to adopt the necessary technical and organisational measures to protect the personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, dissemination or access and against any other form of unlawful processing. In any case, GS1 in Europe remains responsible for the personal data collected.

How long do we keep your personal data?

The period of time during which your personal data are stored and preserved by GS1 in Europe varies according to the purpose for which the information is processed and in accordance with the obligations and legal requirements that may apply, and which require you to keep the data for a minimum period of time.

Thus, and whenever there is no specific legal obligation, your personal data will be stored and kept only for the minimum period necessary for the purposes that motivated its collection or subsequent processing, after which it will be eliminated.

We expressly remind you that you can request GS1 in Europe to delete all your personal data at any time. This request should be sent to contactus@gs1eu.org.

What are your rights as the owner of personal data?

GS1 in Europe guarantees the applicability and compliance with all the rights of the holder of personal data provided for in the GDPR and other applicable legislation in force.

Therefore, we inform you that, as the owner of personal data that has been transmitted to us, you have the right, at any time and without any charge, to request GS1 in Europe:

  • access to the personal data you have provided;
  • the rectification of your personal data;
  • the deletion of your personal data;
  • limiting the processing of your personal data;
  • to stop processing your personal data;
  • the portability of your personal data to a third party indicated by you.

You may exercise your rights free of charge unless it is a manifestly unfounded or excessive request, in which case a reasonable fee may be charged, taking into account the costs that may be generated with your request.

We will respond to your requests within a maximum period of 30 days, except for more complex requests.

You can exercise your rights through the following addresses:

Address: Galerie Ravenstein 4 box 10, 1000 Brussels – Belgium

E-mail address: contactus@gs1eu.org

However, you have the right to file a complaint with the National Data Protection Commission regarding matters related to the processing of your personal data.

Privacy Policy Update

GS1 in Europe reserves the right, at any time and without prior notice, and with immediate effect, but without prejudice to the legal rights granted to the Data Subjects, to change, add or revoke, partially or totally, this Privacy Policy.

Any changes to this Privacy Policy will be immediately posted on this same page, and we recommend that you periodically check this page to be updated on the latest version.

If you have either any questions about changes to this Privacy Policy or any reasons to object our processing your data under the legitimate interests ground or our profiling activities please send us your request for clarification via email at contactus@gs1eu.org or to the address of GS1 in Europe. You will receive an answer within 5 working days latest.

This Privacy Policy was last updated on June 20, 2024