IXP Manager logo

INEX Privacy Policy

INEX Privacy Statement

We know your personal information is important to you and it is also important to Internet Neutral Exchange Association Company Limited by Guarantee, registered in Ireland No. 253804 (“INEX”, “we”, “us”). This Privacy Statement tells you what we use your personal information for and explains your rights around how we use it. Please read this Privacy Statement to understand how and why we use your personal information.

If you give us personal information about someone else, please make sure you have their permission and please make them aware of this Privacy Statement as it also applies to them.

1. Definitions

‘The ‘GDPR’ means Regulation (EU) 2016/679 (General Data Protection Regulation).

An ‘IXP’ (Internet Exchange Point) is a network facility that enables the interconnection of more than two independent Autonomous Systems, primarily for the purpose of facilitating the exchange of Internet traffic.

The terms ‘personal data’, ‘controller’, ‘processor’ and ‘data subject’ are used in this document as they are defined in the GDPR.

2. Data Controller

For the purposes of the applicable data protection legislation, INEX is the data controller. You will find our contact details in the “Contact us” section below.

3. What personal data INEX may collect and process

Where we collect any personal data, it will be processed and stored securely, for no longer than is necessary with regard to the reasons for which it was first collected. We will comply with our obligations and safeguard your rights under the relevant data protection legislation at all times.

Below is a summary of the purposes and lawful bases we rely on to use your personal data:

Data CollectedPurposes/activityLegal basis for processing
Contact details including pronouns, name, title, phone number, email address, etc. Login records. Financial information, such as bank account details for billing.To manage and facilitate your membership and voting privileges within INEX.The processing is necessary to perform a contract (e.g. membership agreement) with you.
Usernames and passwordsTo provide members with access to secure areas of our websites such as our Members portal (IXP Manager), and our mailing list interface.The processing is necessary to perform a contract (e.g. membership agreement) with you; or to provide you with access to services you opt into such as a mailing list.
Contact details of attendees (pronouns, name, title, phone number, email address, etc), attendance date and time details. We may also collect diet / allergy related data for events where food is served, and information on disabilities if there is a need to make provision for appropriate accessibility measures.To register and accommodate the needs of an attendee for a meeting or event.The processing is necessary to perform a contract.
First and last name, Email address, telephone contact details.To contact/respond to potential members or prospects regarding business services and opportunities.Your consent.
Name, email and passwordTo provide access to INEX’s optional mailing lists which you opt-in to.Your consent.
First and last name, pronoun, email address, telephone contact details, postal address, clothing sizing.To provide merchandise such as t-shirts and other clothing on an opt-in basis.Your consent.
First and last name, pronoun, email address, location, phone number, professional qualifications, CV, references, confirmation that you are 18 or older.To process employment applications from candidates for vacancies within the organisation.The processing is necessary to perform a contract with you, or prior to entering a contract.
Website login date and time records, IP address, browser type etc.To assist the proper operation and functionality of our site.The processing is necessary to support our legitimate interests in managing our business and maintaining website security.
First and last name, email address.To notify you about changes to our Data Privacy Notice.The processing is necessary to support our legitimate interests in managing our business (to keep our records updated).

4. Who has access to this personal data?

INEX may disclose personal data to trusted third parties for the purposes set out in this privacy statement. We require all such third parties to also have appropriate technical and operational security measures in place to protect personal data, in line with Irish and EU legislation; and all are under contract. Such recipients may include:

4.1 Service providers:

Carefully selected companies contracted to provide services for or on behalf of us, such as companies contracted to assist us with network operations, IT support and website security. These providers are also committed to protecting your information.

4.2 Other parties when required by law

We may be compelled by law, legal process, or court order to disclose your personal data to other parties. INEX will comply with any such valid and verified request.

4.3 Other parties in connection with corporate transactions

We may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the event of a bankruptcy.

4.4 Other parties with your consent or at your direction

In addition to the disclosures described in this privacy statement, we may share your personal data with third parties when you separately consent to or request such sharing.

4.5 Professional advisors and experts

We may disclose your personal data to our solicitors, accountants, auditors, insurance advisors and financial services advisors.

4.6 Public Mailing List Archives

Some INEX mailing list archives are published on the INEX web site. All subscribers of these mailing lists are notified during the subscription process that anything they post will be made public.

 

5. Security of Personal Data

INEX is committed to ensuring that all of your information, including personal data, is secure and has appropriate technical and organisational measures to safeguard and secure personal data in place to protect it against loss, damage, unauthorised access or disclosure.

Although INEX will do its best to protect personal data, we cannot guarantee the security of your personal data transmitted to us. Any transmission of data is at the your own risk. Once INEX receives personal data, we use appropriate security measures to seek to prevent unauthorised access.

6. Transfers outside of the EEA

Personal data may from time to time be processed by INEX or its trusted third-party agents and subcontractors outside of the European Economic Area (“EEA”). Data privacy laws in the countries to which personal data is transferred may not be equivalent to, or as protective as, the laws in the EEA.

INEX will always implement appropriate measures to ensure that personal data remains protected and secure when it is transferred outside of the EEA, in accordance with applicable data protection law. Because many countries to which personal data may be transferred have not received an “adequacy finding” regarding their privacy laws from the European Commission, INEX will use appropriate measures such as the Standard Contractual Clauses to transfer your Personal Data to such countries.

7. Retention of Data

We will store your personal data only for as long as necessary for the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship and/or provide our services; (ii) whether there is a legal requirement to which we are subject; and (iii) whether the retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). Please contact us if you wish to obtain further information concerning our retention periods (see ‘Contact Us’ below).

8. Rights to Your Personal Data

INEX shall vindicate all rights under Data Protection Law. Under certain circumstances you have the right to request that INEX:

Where INEX processes your data solely on the basis of your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of INEX’s processing before the withdrawal.
You also have the right to lodge a complaint with the Data Protection Commission at any time.

You can exercise any of your rights by making a request to INEX at the contact information provided below. The exercise of these rights might be subject to certain conditions and INEX might require further information from you before it can respond to a request. If, for some reason, these rights are denied, INEX will provide an explanation of why this is the case. INEX will process such requests within 30 days of receipt.

Vindication of these rights shall not affect any rights which INEX may have under Data Protection Law.

9. Processing of children’s data

INEX does not provide services for purchase by children, nor do we market to children. If you are under the age of 16, please do not submit any personal information through our website. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Privacy Statement by instructing their children never to provide personal information via our website without their guardian’s consent.

10. Changes to Privacy Statement

Our Privacy Statement may be updated from time to time. Any changes to our policy will be communicated to you either by e-mail or a notice on our website. At the bottom of this document you will find the date on which this Privacy Statement was last updated.

 

11. Contact Details

All communications concerning privacy related issues should be sent by electronic mail to privacy@inex.ie or by post to Internet Neutral Exchange Association CLG, 4027 Kingswood Road, Citywest Business Campus, Dublin D24 AX06, Ireland.

This Privacy Statement was last updated in November 2024.