Data Processing Policy for the Inspiration Awards
1. Purpose of the Policy The purpose of this Data Processing Policy is to outline how the Inspiration Awards ("IA," "we," or "our") collects, processes, stores, and protects personal data in compliance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) and other relevant legislation.

2. Scope This policy applies to all personal data collected and processed by IA, including data related to applicants, nominees, participants, partners, employees, contractors, and any other stakeholders involved in the Inspiration Awards program.

3. Definitions
  • Personal Data: Any information that relates to an identified or identifiable individual ("data subject").
  • Processing: Any operation performed on personal data, such as collection, storage, use, disclosure, or erasure.
  • Controller: The entity that determines the purpose and means of data processing.
  • Processor: The entity that processes personal data on behalf of the Controller.

4. Data Controller The Inspiration Awards organization serves as the data controller for the personal data it collects and processes. If you have any questions about this policy or how your data is processed, please contact us.

5. Lawful Basis for Processing We process personal data only when there is a lawful basis to do so, including:
  • Consent: When individuals provide explicit consent for specific processing purposes.
  • Contract: When processing is necessary for fulfilling a contract with the data subject.
  • Legal Obligation: When processing is required to comply with applicable legal obligations.
  • Legitimate Interests: When processing is necessary for our legitimate interests and does not override the data subject’s rights and freedoms.

6. Categories of Personal Data Collected The following categories of personal data may be collected:
  • Contact Information: Full name, email address, phone number, mailing address.
  • Professional Information: CVs, professional achievements, and nominations.
  • Identification Data: Date of birth, nationality, passport/ID details (if required for travel or participation).
  • Financial Data: Bank account details (when necessary for prize distribution or reimbursement).
  • Communication Data: Emails, feedback, or correspondence related to the award program.
  • Technical Data: IP addresses, cookies, and usage data from website interactions.

7. Purposes of Data Processing We process personal data for the following purposes:
  • To evaluate nominations, applications, and submissions for the Inspiration Awards.
  • To communicate with participants, nominees, and partners.
  • To organize and manage award ceremonies, events, and related activities.
  • To provide payments or reimbursements when applicable.
  • To comply with legal and regulatory obligations.
  • To improve our services, communications, and website.

8. Data Sharing and Transfers Personal data may be shared with the following parties:
  • Internal staff and committee members for evaluation and communication purposes.
  • Third-party service providers (e.g., event organizers, travel agencies, payment processors) who process data on our behalf under contractual agreements.
  • Legal authorities when required by law.
Where data transfers occur outside the European Economic Area (EEA), we ensure that adequate safeguards (e.g., standard contractual clauses) are in place to protect the personal data.

9. Data Retention We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. Specific retention periods are:
  • Application and nomination data: Retained for up to 3 years.
  • Financial records: Retained for up to 7 years as per legal requirements.
  • Communication records: Retained for up to 2 years after the award event.

10. Data Security We implement appropriate technical and organizational measures to safeguard personal data against unauthorized access, disclosure, alteration, or destruction. These measures include:
  • Encryption of sensitive data
  • Access controls and authentication protocols
  • Regular audits and security reviews

11. Data Subject Rights Individuals have the following rights under data protection laws:
  • Right of Access: To request access to their personal data.
  • Right to Rectification: To correct inaccuracies in their data.
  • Right to Erasure: To request the deletion of their personal data.
  • Right to Restrict Processing: To limit how their data is processed.
  • Right to Data Portability: To receive their data in a structured, machine-readable format.
  • Right to Object: To object to certain types of data processing, including direct marketing.
  • Right to Withdraw Consent: Where consent is the basis for processing, individuals can withdraw their consent at any time.
Requests to exercise these rights can be submitted via email or written correspondence to our contact details provided in Section 4.

12. Updates to This Policy We may update this policy from time to time to reflect changes in data processing practices or legal requirements. Any changes will be communicated via our website or direct communication.

13. Complaints If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country or region.

Effective Date: 12/07/2021