Privacy Policy

Last Updated: December 2024

Ermal Beqiri

At ACTI, we are committed to protecting your personal data and respecting your privacy. This privacy policy explains how we collect, use, share, and safeguard your personal information in compliance with Albanian data protection laws and applicable international regulations. By using our website or interacting with us, you consent to the practices described in this policy.

1. Who We Are
ACTI is an IT and innovation association based in Albania. For the purposes of data protection laws, we act as the data controller for the information we collect.We process your personal data in accordance with Law No. 9887/2008 on the Protection of Personal Data, as amended (“ADPL”), and relevant secondary legislation, as well as principles inspired by the European Union’s General Data Protection Regulation (GDPR) when applicable.
For inquiries regarding this policy or your personal data, you can contact us at: [email protected]

2. What Data We Collect
We may collect the following types of personal data:
a) General Personal Data: Name, email address, phone number, and other contact information.
b) Special Categories of Data (if applicable): Any sensitive data, such as information about health or biometric data, will only be collected with explicit consent.
c) Technical Data: IP address, search queries, and log files to enhance website performance.
d) Membership and Transaction Data: Information related to your membership, purchases, and services requested.

3. How We Use Your Data
We process your personal data for the following purposes:
a) To provide services and information relevant to your membership or interests in the association.
b) To communicate updates, newsletters, or event details.
c) To improve our website and user experience.
d) To comply with legal obligations under the ADPL.

We process your personal data based on

4. Legal Basis for Processing
We process your personal data based on:
a) Your consent (e.g., subscription to newsletters).
b) Contractual necessity (e.g., providing requested services).
c) Compliance with legal obligations (e.g., responding to lawful requests by authorities).

5. Data Sharing
Your personal data may be shared with:
a) Authorized service providers assisting us in delivering our services.
b) Regulatory authorities, when required by law.
We ensure that any third parties processing your data adhere to the appropriate technical and organizational measures to safeguard your information.

6. Data Protection Measures
We implement technical, administrative, and physical measures to protect your data from unauthorized access, loss, or misuse. While no system is fully secure, we strive to apply best practices in data protection.
We take the following measures to protect your data:
a) Implementing technical safeguards such as encryption and secure servers.
b) Maintaining organizational policies to limit data access to authorized personnel only.

7. Your Rights
Under the ADPL, you have the following rights:
a) Right to Information: Obtain details on how your data is being processed.
b) Right to Access: Request access to your personal data.
c) Right to Rectification: Request corrections to inaccurate or incomplete data.
d) Right to Erasure: Request deletion of your personal data, subject to legal obligations.
e) Right to Object: Object to the processing of your data under specific circumstances.
f) Right to Complain: File a complaint with the Commissioner for Protection of Personal Data.
For any requests regarding your rights, contact us at [email protected]

8. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy and as required by applicable laws. Specific retention periods include:
a) Membership records: Retained during membership and a reasonable period after as outlined by law.
b) Transaction records: Retained as needed for tax and auditing requirements.

9. International Data Transfers
If your personal data is transferred outside Albania, we ensure that appropriate safeguards are in place, such as contractual agreements or compliance with GDPR principles. Where applicable, we ensure these transfers comply with data protection laws, including the implementation of appropriate safeguards.

10. Data Breaches
In the event of a data breach, we will notify the supervisory authority and affected individuals in accordance with applicable legal requirements.

11. Updates to This Policy
We may update this privacy policy to reflect changes in legal or operational requirements. The updated policy will be posted on this page with the effective date.

12. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for their privacy practices, so please review their policies before providing personal data.

Supervisory Authority Contact:
Commissioner for Protection of Personal Data
Email: [email protected]
Phone: +355 69 411 8209
For further assistance or complaints, you may also contact this authority directly.
________________________________________
By using our website, you agree to the terms of this privacy policy. Thank you for trusting ACTI.