PRIVACY POLICY
Version: 2.1
Approved on: August 28, 2024.
This Privacy Policy (hereinafter - the Policy) defines the policy regarding the processing of personal data and provides information about the requirements for the protection of personal data implemented by the Controller.
This Privacy Policy (hereinafter referred to as the Policy) defines the policy regarding the processing of personal data and provides information on the requirements for the protection of personal data in the process of organization and holding the Conferences by Organizer. The Conference Organizer acts as the Controller.
At Conference one of our main priorities is the privacy of our visitors. This Policy document contains types of information that is collected and recorded by us and how we use it.
If you have additional questions or require more information about our Policy, do not hesitate to contact us support@internals.tech.
1. TERMS AND DEFINITIONS
1.1. Website means the Organizer’s, website, or https://internals.tech or https://conf.ontico.pro.
1.2. Controller shall be understood herein as the Organizer of the Conference (“Organizer”, “Controller”, “We”), registered in the country of Conference’s location in accordance with terms set below.
Organizer (Legal entity):
COB LIMITED LIABILITY COMPANY (4 Luxembourg 1st lane, apt 46, Nork-Nork, Yerevan, Armenia, zip code: 0090, Legal entity registration number: 286.110.1231458)
1.3. Data subject (User / YOU) means a natural person using the Website or interacting with the Controller or third parties through its personal data.
Terms not specified in this Policy shall be interpreted in accordance with the provisions of the Terms of Use, the applicable law (GDPR), by analogy and in accordance with customary practices.
2. GENERAL PROVISIONS
2.1. The Policy regulates the processing of personal data when we interact with the User in connection with the use of the Website.
2.2. The current version of the Policy is a public document and available to any User on the Website. We have the right to modify the Policy. In case changes are made to the Policy, we shall notify you and post the new version of the Policy on the Website not later than 10 days before such changes become effective.
2.3. We process the personal data in according to the following principles:
2.3.1. lawful purposes and methods of personal data processing;
2.3.2. good faith;
2.3.3. the purposes of personal data processing meet the purposes determined in advance and declared at the time of personal data collection as well as to the Controller’s powers;
2.3.4. the scope and nature of the personal data being processed and the methods of personal data processing meet the purposes of personal data processing;
2.3.5. it is unacceptable to unify personal data bases created for incompatible purposes.
2.4. Processing of personal data is limited by specific, predetermined, and legitimate purposes. Processing of personal data incompatible with the purposes of personal data collection shall not be permitted.
3. INFORMATION WE COLLECT
Depending on which services of the Website you use, we collect different kinds of information from or about you:
We collect the content and other information you provide when you use our Website, including when you fill in a registration form or communicate with us. This include personal information, such as: name, surname (also used by “Registration and Accreditation Systems LLC” to receive a badge – accreditation document for admission to the Event); email addresses (E-mail); a name of your company (also used by “Registration and Accreditation Systems LLC” to receive a badge – accreditation document for admission to the Event); job position (also used by “Registration and Accreditation Systems LLC” to receive a badge – accreditation document for admission to the Event); residence (city, region); phone numbers; date of Birth; user photo (avatar). If you don`t provide information mentioned above, we will not be able to register you for the conference.
We also collect information about how you use our Website, such as the types of content you view or engage with or the frequency and duration of your activities.
We collect information from or about the computers, phones, or other devices where you access our Website, depending on the permissions you’ve granted. We may associate the information we collect from your different devices, which helps us provide consistent service across your devices. Here are some examples of the device information we collect:
3.1. We do not collect special categories of personal data (data related to racial or ethnic origin, political opinions, religion or philosophical beliefs, genetic data, data concerning health or data concerning sex life etc.).
3.2. We process data for as long as it is necessary to provide products and services to you and others, including those described above. Information associated with you will be kept until it is deleted, unless we no longer need the data to provide products and services.
4. PURPOSES FOR DATA PROCESSING
|
PURPOSE |
DATA SUBJECTS AND LIST OF PERSONAL DATA |
LEGAL BASIS |
STORAGE PERIOD |
|
To provide a service for purchasing tickets to conferences via website |
Participants: |
Contract |
before the end of the provision of a service and the expiration of the contract |
|
To register a personal account on the website |
Participants, Speakers: |
Contract |
before the end of the provision of a service and the expiration of the contract |
|
To provide a communication related to the purchase of tickets and participation in the Conference |
Participants: |
Contract |
before the end of the provision of a service and the expiration of the contract |
|
To organize an event access system for verification of participants |
Participants: |
Legitimate interest in participant verification and evidence of service provision to the proper participant |
before the end of the conference |
|
To organize potential communication between participants and partners |
Participants: |
Consent |
3 months after the end of the conference |
|
To organize and conduct a conference |
Speakers |
Contract |
before the end of the provision of a service and the expiration of the contract |
|
To publish of information about conferences in the media, social networks, on the website |
Participants, Speakers |
Legitimate interest in promoting the conference |
5 years after the end of the conference |
|
To publish of information about the speaker on the website |
Speakers |
Legitimate interest in increasing the interest of potential participants |
before the end of the conference |
|
To handle and boost client experience by enhancing our understanding of our clients |
Users, Participants, Speakers |
Consent |
in accordance with the cookie storage periods provided in the cookie policy |
|
To send marketing emails |
Users, Participants |
Consent |
Until you withdraw consent |
5. USER’S RIGHTS
5.1. We would like to make sure you are fully aware of all of your data protection rights. Every data subject is entitled to the following:
The data subject have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
a. the purposes of the processing;
b. the categories of personal data concerned;
c. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
d. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e. the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
f. the right to lodge a complaint with a supervisory authority;
g. where the personal data are not collected from the data subject, any available information as to their source;
h. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
5.3. The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
a. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b. the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
c. the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
d. the personal data have been unlawfully processed;
e. the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
f. the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).
a. the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
b. the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
c. the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
d. the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.
The data subject have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on point (e) or (f) of Article 6(1), including profiling based on those provisions.
Where personal data are processed for direct marketing purposes, the data subject have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where personal data are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1), the data subject, on grounds relating to his or her particular situation, have the right to object to processing of personal data concerning him or her, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
a. the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and
b. the processing is carried out by automated means.
5.8. The right to withdraw the consent to processing personal data - You have the right to withdraw the consent to processing personal data at any time.
5.9. The right to lodge a complaint - You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you (the data subject) considers that the processing of personal data relating to you infringes GDPR.
5.10. If you would like to exercise any of these rights, please contact us.
Registration provider:
А5000LIMITED LIABILITY COMPANY (4 Luxembourg 1st lane, apt 46, Nork-Nork, Yerevan, Armenia, zip code: 0090)
CCPA Privacy Rights (Do Not Sell My Personal Information)
5.11. Under the CCPA, among other rights, California consumers have the right to:
5.12. Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
5.13. Request that a business delete any personal data about the consumer that a business has collected.
5.14. Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data.
5.15. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
5.16. We don`t make automated individual decision-making, including profiling.
6. INFORMATION ON SECURITY MEASURES
6.1. We take necessary legal, organizational and technical measures and ensure their adoption to protect your personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution of personal data as well as from other unlawful actions in relation to personal data, which are in particular (but not limited to):
6.1.1. Designation of a person responsible for the processing of personal data;
6.1.2. Limited list of employees, having access to personal data;
6.1.3. Software identification of Users and recording their actions;
6.1.4. Implementation of anti-virus control and other protection measures against malicious software impacts;
6.1.5. Use of information backup and recovery tools;
6.1.6. Regular updating of software used in processing of personal data to ensure security of processed data;
6.1.7. Implementation of encryption during transmission of personal data on the Internet;
6.1.8. Adoption of measures related to admission of only appropriate persons in places where technical means are installed;
6.1.9. Application of technical means for protection of premises, where technical means of personal data information systems and places of storage of tangible media of personal data are located.
7. CONFIDENTIALITY
7.1. We who obtained access to personal data are obliged not to disclose to third parties and not to distribute your personal data without your consent, except in cases stipulated by this Policy and by the applicable law.
8. CROSS-BORDER PROCESSING
8.1. Personal Data Transfers
When we transfer personal data to third parties, we make sure that they have sufficient guarantees to implement the appropriate technical and organizational measures. We transfer personal data to third parties with whom we have concluded the appropriate types of contracts with the required obligations regarding the protection of personal data at the level defined by us.
When we need to transfer personal data to a third country, we transfer the data to third country which ensures an adequate level of protection . If we transfer the data to third country which does not ensure an adequate level of protection, we implement appropriate safeguards in place (Standard Contractual Clauses approved by the European Commission).
We monitor compliance with the principles of personal data processing and application of the appropriate security measures by third parties. We control that cross-border transfer of personal data is limited by the purposes for which the data was collected.
In addition, in order to transfer personal data to third parties abroad we conduct TIA (Transfer Impact Assessment) to the activities, where necessary.
8.2. Information about companies involved in data sharing is provided below.
8.2.1. IT solution provider whose services the Company uses for sending marketing emails.
Ireland
|
Data subjects |
Purpose of Transfer |
The role of the third party |
The basis of interaction with a third party |
|
Users, Participants |
to send marketing mailings |
Processor |
Contract that includes security measures |
8.2.2. IT hosting provider for website
USA - commercial organisation participating in the EU-US Data Privacy Framework
|
Data subjects |
Purpose of Transfer |
The role of the third party |
The basis of interaction with a third party |
|
Users, Participants, Speakers |
to operate the website |
Processor |
Contract that includes security measures |
8.2.3. IT solution providers whose services the Company uses to analyze cookies
USA - commercial organisation participating in the EU-US Data Privacy Framework
|
Data subjects |
Purpose of Transfer |
The role of the third party |
The basis of interaction with a third party |
|
Users, Participants, Speakers |
Cookie analytics for the Company’s purposes |
Processor |
Contract that includes security measures |
8.2.4. Partners of the Conference
EEA
|
Data subjects |
Purpose of Transfer |
The role of the third party |
The basis of interaction with a third party |
|
Participants |
For potential communications between participants and partners |
Controller |
Contract that includes security measures |
9. INQUIRIES
9.1. You can send your inquiries regarding the use of the personal data to us.
9.2. We undertake to consider and respond to your inquiry within 1 month after it is received.
9.3. To withdraw the consent you (or your representative) can send us a written demand in a free form, in a way that allows to reliably determine the person who signed and sent the correspondence as well as the grounds for the representative’s authority.
10. FINAL PROVISIONS
10.1. Changes to this privacy policy
We may update this Privacy Policy from time to time so please review it occasionally. If we make material changes, we will take steps to notify you. The date of the most recent revisions will appear on the top of this page.
10.2. Third Party Privacy Policies
COB International’s Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.
10.3. Children's Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
COB International does not collect any Personal Identifiable Information from children under the age of 18. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
10.4. Contact us
If you have any questions or concerns about this Privacy Policy or our privacy practices generally, or if you would like to exercise your statutory rights, you can contact us at support@internals.tech