ISSA Global
Privacy, Security, and Data Protection Policy

1. Introduction
‍
At ISSA Global, we are committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard personal data when providing our services, including organizing training courses, issuing sailing certificates, managing events for affiliated organizations and sailing schools, and running promotional campaigns. This policy complies with the General Data Protection Regulation (EU) 2016/679 ("GDPR").

2. Data Controller and Contact Information
‍
The entity responsible for determining how your personal data is used is ISSA International Sailing Schools Association Ltd, based in Nicosia, ISSA Head Office, 51 Prodromou, 2nd flor, 2063 Nicosia, Cyprus (hereinafter "We" or "ISSA"). You can contact our Data Protection Officer at:
Email: iodo@issa.global
Postal Address: ISSA Personal Data Protection Inspector,ISSA Executive Office, ul. Tadeusza Borowskiego 2, Room 27, 5th floor, 03-475 Warsaw, Poland.

3. Data Collection and Processing
‍
We collect and process personal data for the following purposes:

   • Organizing training sessions, courses, and events.

   • Issuing and verifying sailing certificates.

   • Managing memberships and affiliations with sailing schools and organizations.

   • Conducting marketing activities, including newsletters and promotional campaigns.

   • Providing user accounts on our website integrated with a CRM system.

   • Facilitating engagement through social media platforms (Facebook, Google, X, Instagram, YouTube, LinkedIn).

   • Ensuring compliance with legal and regulatory obligations.

   • Handling complaints, technical issues, and requests related to lost or renewed certificates.

   • Conducting research, quality assessment, and statistical analysis.

   • Preventing fraud, ensuring service security, and fulfilling tax or accounting obligations.

4. Legal Basis for Processing
‍
We process personal data based on:

   • Performance of a contract (e.g., issuing sailing certificates after training completion).

   • Legal obligations (e.g., tax and accounting regulations).

   • Legitimate interest (e.g., service security, customer support, research, and fraud prevention).

   • Consent (e.g., email marketing, social media data collection, cookies tracking).

5. Required Personal Data
‍
To issue a sailing certificate, we require your name, mailing address, email address, and phone number. Without this data, we cannot provide certification. Additional data may be required by law (e.g., for accounting purposes). Providing other data is voluntary.

6. Data Sharing
‍
To deliver our services, we may share personal data with trusted third parties, including:

   • Companies providing outsourced services such as accounting and IT support.

   • Affiliated organizations and sailing schools for membership management.

   • Digital marketing platforms (Google Ads, social media advertising networks) for targeted campaigns.

   • Analytical tools such as Google Search Console, Bing Webmaster Tools, SEMrush, and Ahrefs for statistical and optimization purposes.

   • Public authorities if required by law (e.g., fraud prevention).

7. Data Transfers Outside the EEA
‍
As a rule, personal data is not transferred outside the European Economic Area (EEA). If necessary, data may be transferred outside the EEA, based on standard contractual clauses approved by the European Commission.

8. User Accounts and Social Media Integration
‍
ISSA provides user accounts linked to our CRM system, which may be associated with social media accounts. This enables seamless interaction with our services and allows members to engage with our community efficiently.

9. Marketing and Communications
‍
We conduct email marketing campaigns, including newsletters and promotional offers. Users can opt out at any time by following the unsubscribe instructions provided in the emails.

10. Data Retention
‍
We retain personal data only as long as necessary to fulfill the stated purposes and comply with legal obligations. Generally:

   • Data related to sailing certificates is retained indefinitely for verification purposes.

   • Data for marketing purposes is retained until consent is withdrawn.

   • Data for fraud prevention, statistical, and archival purposes is retained for up to 10 years.

   • Data for accountability purposes is retained for legally required periods.

11. Your Rights
‍
Under GDPR, you have the right to:

   • Access your personal data.

   • Request correction or deletion of inaccurate information.

   • Withdraw consent for data processing (where applicable).

   • Object to specific data processing activities.

   • Request data transfer (where processing is based on consent or contract).

To exercise these rights, please contact us at iodo@issa.global.

12. Automated Processing and Profiling
‍
Personal data may be processed automatically, including profiling, to assess preferences and improve services. However, this will not result in decisions that significantly impact individuals.

13. Changes to This Policy
‍
ISSA reserves the right to update this policy. Any changes will be published on our website with an updated effective date.

14. Contact Information
‍
For inquiries about this policy or data protection practices, please contact:
ISSA Global
ISSA International Sailing Schools Association Ltd, ISSA Executive Office, ul. Tadeusza Borowskiego 2, Room 27, 5th floor, 03-475 Warsaw, Poland.
Email: iodo@issa.global
Phone Number: +48 787 992 888

‍