Privacy Statement – May 2020
Introduction
At SWIFT, we are committed to protect and respect your personal data.
This Statement explains how we use personal data collected from you on our websites, including swiftinstitute.org.
We invite you to carefully read this Statement to understand our data processing practices.
For the purpose of the Belgian Act on Privacy Protection in relation to the Processing of Personal Data of 9 December 1992 (the Belgian Act), the data controller for personal data collected on our websites is S.W.I.F.T SCRL, Avenue Adèle, 1, 1310 La Hulpe, Belgium (‘SWIFT’ or ‘We’ in this Statement).
We may modify this Statement from time to time. Please check it periodically for changes, in particular when you submit personal data on our websites.
This Statement only applies to the processing of personal data collected by us on our websites.
SWIFT Purposes
We process personal data collected on our websites for the following purposes (together “SWIFT Purposes”):
- SWIFT governance
- The provision of SWIFT services and products
- Organisation of Sibos and other events
- Newsletters and other customer communications
- The operation of our websites (IP addresses, cookies, web acceleration)
More information on the use of your personal data (as a SWIFT customer) for SWIFT governance and for the provision of SWIFT services and products is available in the SWIFT Personal Data Protection Policy.
More information about the use of your data for the other purposes is given below.
Newsletters and Other Customer Communications
We may use personal data that we collect on our websites to provide you with newsletters and to invite you to participate in customer consultations and satisfaction surveys.
We only send you newsletters, customer consultations or satisfaction surveys that relate to SWIFT services and products.
In each mailing, we remind you about your right to opt-out of our newsletters, customer consultations or satisfaction surveys mailing lists.
You may opt-out or unsubscribe from the above mailings at any time by sending an e-mail to:
- Registration.SWIFT.Institute@swift.com and typing ‘unsubscribe’ in the subject line of your email.
Some of these newsletters and communications are sent to you on our behalf by suppliers specialised in mass mailings. We request those suppliers to provide us with the appropriate data protection and data security commitments (see ‘Sharing Data’ section below).
Operation of our Websites
IP Addresses
When you browse our websites, you do so anonymously. For our internal purposes, we may use IP addresses (the Internet address of your computer) stored in web logs to generate aggregate statistics on surf behaviour, such as traffic patterns and time spent on a page.
Cookies
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive or in your browser memory. We use cookies for authentication purposes (for example to access the secure area of http://www.swift.com ), to track user sessions (for example login information on both the secure and public areas of http://www.swift.com ), to repopulate fields (for example to access the Sibos Exhibitor Guide), or to track online acceptance (for example to track acceptance of the disclaimer of our translation service over the last 24 hours) or language preference.
The information stored with cookies may include your name, first name, registration number on http://www.swift.com , language preference, login ID, and IP addresses. Cookies stored in your browser memory are deleted when closing your browser.
Data Security
We are committed to protect your personal data against accidental or unlawful destruction, accidental loss, alteration, and unauthorised disclosure or access.
Please be aware that we cannot ensure the security of your data on your computer or during transmission over the Internet. In this regard, we advise you to take every possible precaution to protect personal data stored on your computer and transiting on the Internet.
Data Submitted on Behalf of Someone Else
When you provide us with personal data relating to someone else, please make sure to collect and supply such personal data in accordance with local applicable law.
For example, you may have to inform that other person about parts of this Statement in order to comply with local applicable law.
Your Rights
With regard to personal data collected on our websites, you may use the e-mail addresses provided in this Statement to:
- exercise your access and correction rights
- object to the processing for direct marketing purposes
We will handle all requests with care and diligence, and take corrective actions in accordance with the Belgian Act.
Privacy Officer
The SWIFT Privacy Officer carries out internal supervision in connection with our responsibilities under this Statement.
You may exercise your rights and address any questions to the Privacy Officer:
- by letter to S.W.I.F.T. SCRL, attention of Privacy Officer, Avenue Adèle 1, 1310 La Hulpe, Belgium
- by e-mail to privacy.officer@swift.com.
Sharing Data
We will not allow third parties to use your personal data for their own purposes without your consent.
When required for the SWIFT Purposes, we may share your data with other offices in the SWIFT group (see the SWIFT Offices page), carefully selected suppliers, or other selected third parties (typically SWIFT partners or sub-contractors).
Before sharing your data, we require such third parties to only process your personal data on our instructions and to provide sufficient guarantees in respect of the technical and organisational security measures protecting the data processing activities.
Such SWIFT offices or third parties may be located in or outside the European Economic Area (EEA), including in countries that do not offer a level of data protection considered as adequate under the Belgian Act.
In the latter case, we ensure the lawfulness of such transfers by:
- agreeing with other SWIFT offices on the standard contractual clauses approved by the European Commission Decision 2004/915/EC of 27 December 2004
- agreeing with third parties on the most appropriate statutory, contractual, or self-regulatory basis (for example Safe Harbor adherence) to allow such transfers.