International Sugar Organization – Privacy Policy

Who we are

The International Sugar Organization (ISO) is an intergovernmental organization devoted to improving conditions on the world's sugar market through debate, analysis, special studies, transparent statistics, seminars, conferences and workshops. The ISO is governed in accordance with the International Sugar Agreement, 1992 (ISA, 1992).

Purpose

This policy explains ISO’s approach to the personal information we handle in fulfilling our objectives as required by ISA, 1992.

Our commitment

ISO is fully committed to handling personal information in accordance with data protection legislation and best data protection practices (GDPR). This means that your personal information will be:

1. Processed lawfully, fairly, and in a transparent manner.
2. Collected for specified, explicit and legitimate purposes.
3. Only collected so far as required for our lawful purposes.
4. As accurate and up to date as possible.
5. Retained for a reasonable period of time, in accordance with retention policies.
6. Processed in a manner which ensures an appropriate level of security.

Whether through this notice or otherwise, we hope to ensure that everyone has a good understanding of why ISO processes personal information and, where we do, the rights they have.

Why does ISO need to process personal information?

The ISO exists to represent the interests of our member countries and to promote our objectives (as stated in ISA, 1992) which include collecting and providing information on the world sugar market and encouraging increased demand for sugar.

As explained in this notice, there are various ways in which ISO must process personal data to allow us to fulfil our role.

How does ISO collect personal information?

Like most organizations that handle personal information, there are various ways in which ISO collects information from the people we deal with.

• Email and written correspondence.
• Telephone discussions.
• Visitors to the ISO website.
• Direct contact at ISO’s office and elsewhere.

In all instances, it should be obvious to you that ISO is collecting your personal data.

What personal information does ISO collect?

ISO collects personal information to fulfil its role and as there are many different aspects to this role, the information requested and collected will vary from person to person. 

From our members’ nominated representatives, alternates or advisers:
 The personal information most commonly collected is as follows:

• Title
• Full Name
• Contact details (including addresses, email, telephone numbers and fax)
• Job Title
• Country Designation

From non-members:
 The personal information most commonly collected is as follows:

• Title
• Full Name
• Job Title
• Contact details (including addresses, email, telephone numbers and fax)

What is the lawful basis for ISO processing activities?

ISO will only process personal information where we believe we have a lawful basis to do so. The basis for processing will vary from activity to activity. In some instances, processing may have more than one lawful basis.

The following information below summarizes the basis on which we process personal information.

• processing is necessary for ISO to meet its legitimate interests as an intergovernmental organization, including: the maintenance of our membership contacts database and other services (including conferences and publications) that we provide to members and non-members.
• consent has been given to ISO for using personal information as described in this notice;
• the use is necessary to perform a contract between an individual and ISO or to take steps which an individual requested us to take before entering into a contract;
• the use is necessary to comply with a legal obligation to which ISO are subject;
• the use is necessary for the purposes of understanding visitors to our website which is in our legitimate interests.

Does ISO share personal data with third parties?

Some of the processing activities on the ISO website requires us to share personal information with third parties. Whenever we share personal data, we take all reasonable steps to ensure it will be handled appropriately and securely by the third party.

How long does ISO retain personal information?

The periods for which ISO retains personal information depend on the purpose for which the information was obtained but, in general terms, we will retain personal data for so long as required by law, or as may be required for record keeping and ISO official member purposes.

Where does ISO store personal information?

Personal information is mostly processed by ISO’s staff at our office in the UK. To allow us to operate efficiently, digital and online processes are carried out through our web developer’s (OSCURA) server which is also located in the UK.

Cookies and IP addresses

ISO may collect information about the computer or device which is used to access www.isosugar.org. We use this information to improve the user experience, and to help us better understand the ways in which our website is used.

Cookies are very small text files that are stored on your computer when you visit some websites.

We use cookies to help identify your computer so we can tailor your user experience providing you with the correct details in our members area. We also use Google Analytics who use Cookies to track your page visits.

You can disable any cookies already stored on your computer, but these may stop our website from functioning properly. If you disable cookies you may not be able to use a members account, shopping basket, and payment system. Other areas of the website do not require cookies to function correctly.

We do not store credit card details nor do we share customer details with any third parties.

Your rights where ISO is processing your information

The law in the UK gives certain rights to individuals whose information is being processed by a third party. The following is a quick summary of these rights:

• Access to your information – you have the right to request a copy of the personal information about you that ISO holds.
• Correcting your information – ISO wants to make sure that your personal information is accurate, complete, and up to date, and so you may ask ISO to correct any personal information about you that you believe does not meet these standards.
• Deletion of your information – You have the right to ask ISO to delete personal information about you where:
  • You consider that ISO no longer requires the information for the purposes for which it was obtained
  • ISO is using that information with your consent and you have withdrawn your consent – see ‘withdrawing consent to using your information’ below.
  • You have validly objected to ISO’s use of your personal information – see ‘objecting to how we may use your information’ below.
  • ISO’s use of your personal information is contrary to law or ISO’s other legal obligations.
• Objecting to how we may use your information – you have the right at any time to require ISO to stop using your personal information for direct marketing purposes.
• Restricting how we may use your information – in some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to ISO’s use of your information. The right might also apply if ISO no longer has a basis for using your personal information but you don't want ISO to delete the data. Where this right is validly exercised, ISO may only use the relevant personal information with your consent.
• Withdrawing consent using your information – where ISO uses your personal information with your consent, you may withdraw that consent at any time, and the ISO will stop using your personal information for the purpose(s) for which consent was given.

Please contact ISO in any of the ways set out in the contact information and further advice section if you wish to exercise any of these rights.

General

ISO is not responsible for the content or the privacy polices of websites to which it may provide links.

Changes to our privacy policy

ISO keeps this notice under regular review and will place any updates on our website. Paper copies of the privacy statement may also be obtained by emailing info@isosugar.org or in writing to our office at 1 Canada Square, Canary Wharf, London E14 5AA.

This privacy statement was last updated in May 2018.

Contact information and further advice

If you have any questions which are not covered in this notice, we suggest that you email us info@isosugar.org. If you would prefer to submit your questions in writing, please write to our office at 1 Canada Square, Canary Wharf, London E14 5AA.

Complaints

While ISO seeks to resolve directly all complaints about how we handle personal information, you also have the right to lodge a complaint with the Information Commissioner's Office.