This notice applies across all websites that we own and operate and all services we provide.
When we say ‘personal data’ we mean identifiable information about you, like your name, email, address, telephone number, queries, blog comments and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply.
CEFEP is firmly committed to respecting your privacy and protecting your personal data. This Privacy Policy explains how we use and protect your personal data.
Updated: 22 September 2025
When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following:
Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for our newsletter or contact us with questions or queries. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address, device type and geo-location. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible.
Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cooke notice.
Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties. We use this information to ensure your contact details and professional information is up to date.
Where we collect personal data, we’ll only process it:
If we don’t collect your personal data, we may be unable to provide you with our services, and some functions and features on our websites may not be available to you.
How we use your data.
First and foremost, we use your personal data to operate our websites and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
To communicate with you. This may include:
To support you. This may include assisting with general and technical queries or other issues relating to our websites or services, whether by email or otherwise.
To collaborate. This includes managing and monitor access to the public and/or members area of the website in order to facilitate communication and document sharing between members.
To enhance our websites and services. For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and support you with efficient and useful service tools.
Use of Cookie Script (Consent Management Platform)
We use the Cookie Script service provided by Objectis Ltd., J. Basanavičiaus g. 26, LT-03224 Vilnius, Lithuania, to obtain and manage the consent of our website visitors to the use of cookies and similar technologies.
For this purpose, Cookie Script places a technically necessary cookie in your browser, in which your consents and revocations are stored. This information is stored for a period of up to 12 months and then automatically deleted.
The legal basis for the use of Cookie Script is Art. 6(1)(c) GDPR (legal obligation) in conjunction with Art. 7(1) GDPR (proof of consent).
The use of cookies is also based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR in providing you with a transparent and legally secure option for controlling your cookie preferences.
To protect. So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly.
To analyse, aggregate and report. We may use the personal data we collect about you and other users of our websites and services to produce aggregated and anonymisedanalytics and reports, which we may share publicly or with third parties.
How we can share your data.
CEFEP works with the following third-party providers who may have access to personal data as part of their services
We ensure that all third-party providers implement suitable data protection measures. For data transfers to countries outside the EU/EEA, we guarantee compliance with the GDPR through standard contractual clauses.
In the context of these services, and only to the extent that this is necessary for the service they provide, these third parties may have access to the personal data processed by CEFEP. Our service providers abide by appropriate confidentiality and other safeguards protecting your personal data.
Under certain circumstances, CEFEP may need to disclose personal data to public authorities for the purposes as mentioned above, including to comply with regulatory or legal requirements.
Note on WordPress (content management system)
Our website is based on the content management system WordPress (Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA).
WordPress itself does not set any personal cookies for pure visitors, but installed plugins (e.g. for security, newsletters or statistics) may trigger cookies or other data processing. These are described in the cookie notice and privacy policy.
Our website uses the IP2Location LITE database for IP geolocation.
Controller:
CEFEP – European Association of FEF and PEF insulation manufacturers
Erlerstraße 4, 3. Floor, 6020 Innsbruck, Austria
Mail: info@cefep.eu
If you subscribe to our newsletter, we send you updates about CEFEP activities, events, publications, and related content. Subscription is voluntary.
Email address; optionally name, organization, role
Date/time of signup and confirmation (double opt-in) and IP address
Newsletter performance data: delivery status, bounces, unsubscribes, opens, clicks (via standard tracking pixels/links)
Art. 6(1)(a) GDPR – consent: sending the newsletter and measuring performance
Art. 6(1)(f) GDPR – legitimate interest: service security (e.g. suppression/bounce lists, fraud prevention, proof of consent)
You can refuse performance tracking by unsubscribing at any time. For a tracking-free option, contact info@cefep.eu.
After entering your email, you receive a confirmation email. Only by clicking the confirmation link are you added to the list. Time, IP, and content of the consent are logged as proof (Art. 7(1) GDPR).
We use Brevo (formerly Sendinblue) to deliver and manage our newsletters.
Brevo acts as our processor under Art. 28 GDPR. A Data Processing Agreement is in place.
Provider: Sendinblue / Brevo (details at brevo.com)
Processing includes list management, email dispatch, analytics, suppression/bounce handling.
Brevo primarily uses EU-based infrastructure. If personal data is transferred outside the EEA, this is done under appropriate safeguards (e.g. Standard Contractual Clauses, Art. 46 GDPR). Details are available on request.
Active subscribers: until you withdraw consent
Proof of consent & suppression lists: up to 3 years after unsubscribe/objection, unless longer is required to establish or defend legal claims
Technical logs: only as long as necessary for security and compliance
You can unsubscribe at any time via the link in every newsletter or by emailing info@cefep.eu. Withdrawal does not affect the lawfulness of prior processing.
Security is a priority for us when it comes to your personal data.
We use technical and organizational measures to protect your personal data from unauthorized access, loss or misuse. These include:
⦁ Use of modern encryption technologies for data transmissions (e.g. SSL/TLS).
⦁ Access controls and regular training of our employees.
⦁ Regularly reviewing and updating our security measures to comply with current standards.
Data about your browsing our website will be kept only for the duration of the session. However, cookies may last longer on your device so we can identify you upon your next visit. Please take a look at our Cookie Policy for more Information.
Registrations to our newsletters will be kept until after the event or until you unsubscribe from it.
Other personal data that we have will be retained for the duration that is relevant for the purpose as set out above, in accordance to internal retention periods, taking into account legal obligations and liability that we may have to keep records of our files.
It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication or send your request to info@cefep.eu.
You have the following rights in relation to your personal data:
⦁ Right of access (Art. 15 GDPR): You can request a copy of the data that we have stored about you.
⦁ Right to rectification (Art. 16 GDPR): You can request the rectification of inaccurate data.
⦁ Right to erasure (Art. 17 GDPR): You can request that your data be erased, provided there are no statutory retention obligations.
⦁ Restriction of processing (Art. 18 GDPR): You can instruct us to restrict the processing of your data.
⦁ Right to object (Art. 21 GDPR): You can object to the processing of your data, especially in the case of direct advertising.
To exercise these rights, please send an email to: info@cefep.eu
If you’re not happy with how we are processing your personal data, please let us know by sending an email to info@cefep.eu. We will review and investigate your complaint and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
We’re always keen to hear from you. If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch.
Our email is info@cefep.eu.
