This is the privacy declaration (hereinafter referred to as ‘Privacy Declaration’) of **update info here**
XXXX cares deeply about your privacy. We strive to protect the privacy and the confidentiality of personal data we process. Hence, we do everything in our power to comply with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter the ‘Regulation’) or any applicable data protection legislation (hereinafter collectively with the Regulation referred to as the ‘Data Protection Law’).
The words ‘personal data’, ‘controller’, ‘processor’, ‘process’, ‘processing’, ‘profiling’, ‘data subject’ and all its derivatives used in this Privacy Declaration shall have the meaning set out in the Regulation.
1. Identity of the controller and contact details
XXXXX info about CERN. We are the controller of the personal data that is used to organize these conferences.
Where CERN is deemed to be the controller, CERN will comply with this Privacy Declaration.
2. The personal data we collect and process
We process several categories of personal data, for instance identification data (e.g. name, surname, employer,…) and contact data (e.g. address, email address) financial data (e.g. bank account number, VAT number). These personal data may relate to you in your capacity as a customer or supplier of our company, but also to you as a business relationship of one of our clients, and/or as one of the attendees of our conferences.
We collect and process personal data that you provide to us directly (e.g. by registering online for one of our conferences), as well as data that we obtain through another route, for example via a public source or provided by one of our clients or exhibitors.
We do not use automated data processing or so-called “profiling”.
3. Purposes of and legal basis for the processing personal data
3.1 In General
We process your personal data for various purposes, including conducting our general and financial administration, the organisation of our (future) conferences, to keep you updated about our (future) conferences, managing our customer and supplier base, providing a correct service and the proper execution of our agreements and direct marketing activities (e.g. sending newsletters).
Article 6.1 of the Regulation indicates the legal grounds on the basis of which personal data may be processed. Below we give you a brief overview of the legal grounds we rely on for the processing of personal data.
Your personal data may be processed:
3.2 Attending our conferences
CERN occasionally organises community conferences. Organising these conferences requires a lot of administration. Nevertheless we try to keep it very simple for our attendees.
(a) Buying an entrance ticket for one of our conferences
Registering for one of our conferences takes only a few steps. First of all we ask you to fill in an online form. In this form we ask you for several types of personal data, like identification data (name, surname, company you’re connected to) and contact details (address, email address) of the attendee(s). For the avoidance of the doubt, if a third party buys a ticket for someone else (e.g. an employer for its employees) we will ask and process data from the attendees for whom a ticket will be bought.
After you’ve been registered, we will ask you to pay for your entrance ticket(s). Therefore, we may ask you for your bank account number, card number, name of the card holder, the due date of the card, VAT number,… The processing of these data is a necessary step prior to entering into a contract with us. Without the processing of these data you will be unable to attend (one of) our conferences.
(b) Sharing your personal data with the exhibitors
We share the identification data and contact details of the attendees of our conferences with the exhibitors at our conferences. More information about our exhibitors can be found here.
Attendees of our conferences choose the exhibitors we share their personal data with. At the entrance of our conferences attendees receive a QR-Code. The exhibitors are able to scan this QR-code. Attendees who have this QR-code scanned by one or more exhibitors give their explicit consent to share their personal data with the exhibitor(s) in question.
3.3 Direct marketing activities
We also process personal data for reasons of direct marketing.
We deem it to be one of our legitimate interests to communicate with our customers. Therefore, we may send you information about our products, services and future conferences if we consider you as a part of our customer base. This will be the case if you visited one of our previous conferences, or if you contacted us by mail or subscribed to our newsletter, or if you’re a customer of one of our business relationships or exhibitors of (one of) our conferences.
If you no longer want to receive our communications, you can unsubscribe by clicking the unsubscribe link contained at the bottom of any marketing email we send to you and following the instructions which appear in your browser following your clicking on that link.
4. Who has access to your personal data?
Only a limited number of people, companies, organisations or other entities have access to the personal data we’ve collected and process.
Our employees and staff, have access to the personal data we process. To guarantee the protection of your personal data, they are subject to a series of (contractual) obligations. For example, all employees and employees of our company are bound by confidentiality..
CERN does not share your personal data with third parties for any other purpose than mentioned in this Privacy Declaration, unless you’ve given us your explicit consent to do so or when we are required to do so by law or for the purposes of prevention of fraud or other crime.
We do however pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (e.g. to process payments and back-up storage). CERN only discloses the personal data to its sub-processors that are necessary for the execution of their services. CERN enters into a written agreement with each processor in which obligations are imposed to keep your information secure and to prevent your data is used for other purposes (for example the processor’s direct marketing purposes).
If we transfer personal data to countries outside the EEA, we will, in all circumstances, take appropriate safeguards and establish legal grounds justifying such transfer.
5. How long do we keep your personal data?
We keep your personal data as long as required to comply with our legal obligations and to provide our services in a correct manner or because we have a legitimate interest to keep your personal data (longer).
At any moment you have the possibility to object against a further processing of your personal data.
6. How do we protect your personal data?
CERN takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification. If you have the impression that your data is not properly secured or there are indications of abuse, please contact our customer service or via **Add email here**
7. What rights do you have regarding the processing of your personal data?
The Regulation provides you with various rights regarding the processing of your personal data. If you wish to invoke your privacy rights, please contact email@example.com. We will normally respond to your request within 30 days. This period can be extended by a further two months if the request is complex or if you send us several requests. We will notify you of this extension within 30 days after we’ve received your request.
Under the circumstances en conditions set by the Regulation, you also have the following rights regarding the processing of your personal data.
If processing of your personal data is based upon your explicit and prior consent, you can revoke your consent at any time.
In principle you can exercise these privacy rights free of charge. We ask to be as specific as possible when directing your request. In addition, we ask you to include a copy of the front and back of your identity card with every request.
If we are unable to resolve an inquiry or request, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner’s Office (ICO)
0303 123 1113 (local rate)
01625 545 745
8. Update Privacy Declaration
CERN is entitled to update this Privacy Declaration by posting a new version on the website. As such, it is strongly recommended to regularly consult the website and the page explaining the Privacy Declaration, to make sure that you are aware of any changes.
9. Questions, requests or complaints
If you have any questions regarding this Privacy Declaration or CERN’s privacy practices, or if you want to submit a request you can contact us using the following contact details:
CERN *address details here**