ETSI privacy policy

This privacy policy is effective from 16 April 2018 and was last updated on 20 June 2019.

ETSI is a not-for-profit organization established under the French law of 1st July 1901 and recognized as a European Standards Organization dealing with telecommunication, broadcasting and other electronic communication networks and services.

The purpose of this privacy policy is to inform you about the way your personal data is handled and protected by ETSI in accordance with the French law and the General Data Protection Regulation EU 2016/679.

Scope

This privacy policy sets out how the ETSI Secretariat (hereafter “ETSI”) uses and protects any personal data that you give us when you use the ETSI websites and, services or when you provide ETSI with your personal data by mail or e-mail or any other means.

“Personal data” has the meaning ascribed to it in the French Data Protection Act n°78-17 dated 6 January 1978 modified in 2018 and means any information relating to an identified or identifiable person; an identifiable person being one who can be identified, directly or indirectly by reference to an identification number or to one or more elements specific to the person.

ETSI is committed to ensure that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using the ETSI websites and services, we assure you that we will only use it in accordance with this privacy policy.

This privacy policy describes what information we collect, why we collect it and what we do with it. We may change this privacy policy from time to time by updating this page (Refer to the section “Amendments to this privacy policy” below). 

Your consent

By using the ETSI websites and services or by otherwise providing your personal data to ETSI, you acknowledge and consent to our collection, use and disclosure of your personal data in accordance with the terms and conditions of this privacy policy in its latest version.

What kind of personal data we collect and why

We undertake to collect only the personal data necessary to achieve the purposes for which your personal data are collected with your consent as mentioned in a specific consent request and/or as necessary to meet our contractual and legal obligations, protect the security of our systems and our users, or fulfill other legitimate interests.
We collect your personal data only when you have provided it voluntarily when you use ETSI services and interact with us. Unless specifically requested and using the method we have specifically identified for such purpose, we ask you not to send us any confidential or sensitive personal data such as but not limited to national ID or passport number, credit card number, health insurance number, driving license number, photos, videos, birthday date or equivalent.

Cookies

We use cookies or similar technologies to collect data about your use of ETSI websites and services. Cookies are small pieces of information that are stored by your browser on your computer's hard drive.
We use cookies to capture information about your visit for the following purpose:

  • statistical or survey purposes to improve ETSI websites and services for you
  • authentication
  • to administer and provide you with the content of ETSI websites and services

Whilst these websites and services use cookies, you can set up your browser to reject cookies, but disabling their use may materially impact your interaction with ETSI websites and services.

Reasons we communicate personal data

We never sell, lease or rent your personal data.
We communicate your personal data to third parties only with your consent or when it is necessary to provide you with the service you have requested or authorized and for which you have provided your personal data.
We may also share your personal data with suppliers working on our behalf when required by law or to respond to legal process, to protect our users, to protect lives, to maintain the security of our products, and to protect the rights or property of ETSI.

Transfer of personal data outside of the European Economic Area (EEA)

By using ETSI websites and services or by otherwise providing your personal data to ETSI, you agree that your personal data may be transferred from your country to another country outside of the European Economic Area (EEA) that may not provide an equivalent level of privacy or data protection law than that obtaining in France. In such a case, we request that adequate protection for your personal data is provided by our service providers and partners.

Accuracy of your personal data

We take all reasonable measures to keep the personal data we process accurate and to delete incorrect or unnecessary personal data.

Your rights

You have rights of access, rectification, objection and erasure related to the personal data we hold about you. You may exercise your rights by contacting us or by managing your account and choices through available profile management tools available through our services. When updating your personal data, we may ask you to prove your identity before acting on your request. We may also reject requests that are repetitive, require disproportionate technical effort, conflict with legal requirements, harm the privacy rights of others or would be extremely impracticable.

Children’s privacy

Part of ETSI websites and services are open to a general audience and are designed to allow visitors to browse through the websites without providing any personal data.

However, when the collection of personal data is required or permitted, this is not intended to attract children. We do not knowingly collect personal data from anyone under the age of 13 and will immediately destroy such information from our records if we discover it.

Links to other websites

We may provide links to other websites for your convenience and information, but these websites may operate independently from ETSI and have their own privacy notice or policy which we strongly recommend that you review those organizations’ policies insofar as they apply to your visit to those websites. We are not responsible for the content of those websites and their privacy practices.

Retention

We retain your personal data as described in the present privacy policy for as long as we need it to provide you with our services or to comply with a legal request unless a longer retention period is required or permitted under the applicable law.

The security of your personal data

Wherever your personal data may be held by ETSI, we will take reasonable and appropriate measures to protect the personal data that you share with us from unauthorized access or disclosure.
You are responsible to safeguard your credentials, IDs and passwords. If you suspect that your credentials, IDs and/or passwords have been compromised, please inform us immediately, using the contact methods detailed below.

Amendments to this privacy policy

This privacy policy may be updated from time to time and without prior notice to you in order to reflect changes in our practices related to personal data.
We recommend you visit this page regularly to view the current terms and conditions, bearing in mind that the date of effectiveness will always be mentioned at the top of this privacy policy with the date of the latest update.

Contact us

If you have any questions or comments about this Privacy policy or if you would like to exercise you rights mentioned in the above section “Your rights”, please contact us by e-mail at privacy@etsi.org; you may also write to:

ETSI
Privacy and Legal department
650 Route des Lucioles
06921 Sophia-Antipolis CEDEX
France