- The personal data that GRC collects from you is being collected to allow GRC to serve you and the geothermal community.
- GRC may include your name, your organization’s name, your address, email, fax and/or phone number in our annual membership directory and attendees lists for GRC events you attend.
- GRC may use and process your information internally to analyze trends and statistics in the geothermal industry.
- Under the European Union’s General Data Protection Regulation (GDPR) you have a right to not have your personal information disclosed, processed or used in any manner. You may email firstname.lastname@example.org to exercise this option.
- GRC will not pass your information on to third parties without your consent. If you submit your personal data but do not notify GRC that you are not giving your consent to have your data used as described above, then GRC will treat your submission as your granting of consent to use your data as described above.
Right To be Forgotten (Under the European Union General Data Protection Regulation):
Anyone in the GRC database (current members, past members, master mailing list, etc.) has the right to obtain from the Geothermal Resources Council (GRC) the erasure of personal data concerning him or her without undue delay, and the GRC shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The person withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
- The person objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
- The personal data has been unlawfully processed.
- The personal data must be erased to comply with a legal obligation in Union or Member State law to which the GRC is subject.
- The personal data has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
If one of the aforementioned reasons applies, and the person wishes to request the erasure of personal data stored by the GRC, he or she may, at any time, contact the GRC by email at email@example.com or phone at (530) 758-2360 ext. 100. The GRC shall ensure that the erasure request is complied with immediately.
Where the GRC has made personal data public and is obliged pursuant to Article 17(1) to erase the personal data, the GRC, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. GRC will arrange the necessary measures in individual cases.