Data Protection Policy

Data Protection Policy

At ASA Kerala, we are committed to protecting and respecting your privacy. This Data Protection Policy explains how we collect, use, and safeguard your personal information in compliance with applicable data protection laws and regulations.

1. Introduction

ASA Kerala ("we", "us", "our") is the controller of your personal data under relevant data protection legislation. This policy outlines our practices regarding the collection, processing, storage, and protection of personal data we obtain through our website, services, events, and other interactions.

2. Legal Basis for Processing Data

We process your personal data on the following legal grounds:

• Consent: When you explicitly agree to the processing of your personal data for specified purposes.
• Contract: When processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
• Legal Obligation: When processing is necessary to comply with a legal obligation to which we are subject.
• Legitimate Interest: When processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your fundamental rights and freedoms.

3. Data We Collect

We may collect the following types of personal data:

• Identity Data: Name, gender, date of birth, membership number.
• Contact Data: Email address, postal address, phone number.
• Professional Data: Organization, job title, professional history, educational qualifications.
• Technical Data: IP address, login data, browser type and version, device information, operating system, and other technology on the devices you use to access our website.
• Usage Data: Information about how you use our website, products, and services.
• Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.
• Financial Data: Payment information for program registrations or membership fees.

4. How We Use Your Data

We use your personal data for the following purposes:

• To register you as a member or program participant.
• To manage our relationship with you, including notifications about changes to our terms or policies.
• To provide you with information, products, or services you request from us.
• To administer and protect our organization and website.
• To measure or understand the effectiveness of our services and improve our operations.
• To make suggestions and recommendations to you about events or services that may interest you.
• To comply with legal and regulatory obligations.

5. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and applicable legal requirements.

6. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way. We limit access to your personal data to employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

7. Data Sharing

We may share your personal data with:

• Service Providers: Third parties who provide services to us, such as website hosting, IT support, payment processing, and event management.
• Professional Advisers: Including lawyers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
• Regulatory Authorities: Government bodies, regulators, and other authorities who require reporting of processing activities in certain circumstances.
• Program Partners: In cases where programs or services are delivered in partnership with other organizations, but only to the extent necessary for program delivery.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

8. International Transfers

As we operate in the context of Indo-Japanese relations, we may transfer your personal data to countries outside of India. When we do, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, including standard contractual clauses approved by relevant data protection authorities.

9. Your Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

• Request access to your personal data.
• Request correction of incomplete or inaccurate personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing of your personal data.
• Request transfer of your personal data to you or a third party.
• Withdraw consent at any time where we rely on consent to process your personal data.

You can exercise these rights by contacting us using the details provided at the end of this policy. Please note that these rights are not absolute and may be subject to certain conditions and exceptions under applicable law.

10. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this policy. If you have any questions about this policy, including any requests to exercise your legal rights, please contact our DPO using the details provided below.

11. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details below. You also have the right to complain to the relevant data protection authority in your jurisdiction if you are not satisfied with our response.

12. Changes to This Policy

We may update this Data Protection Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website with a revised effective date. Please check this page periodically for updates.