Privacy Policy
I. GENERAL INFORMATION
Welcome to the East x West Summit website. We respect your privacy and take steps to protect your personal data (hereinafter: "Data"). This Privacy Policy (hereinafter: "Policy") explains what Data we collect, how we use it, with whom we share it, and what rights you have with respect to your Data - under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (general data protection regulation, hereinafter: "GDPR").
The Policy is for informational purposes and is intended, in particular for:
a. persons using the website at https://exwsummit.com/ (hereinafter: "Site"); b. people attending our events, including the East x West Summit;
c. our business contractors;
d. contact persons.
II. DATA CONTROLLER AND CONTACT INFORMATION
1. The Controller of the Data is Bridge Foundation with its registered office in Wrocław (50-024), Świdnicka 40 Street, registered in the register of associations, other social and professional organizations, foundations and independent public health care facilities by the District Court for Wrocław Fabryczna in Wrocław, VI Economic Department of the National Court Register under KRS number: 0001110537, NIP: 8971939014, REGON: 528903101 (hereinafter: "Controller").
2. The Controller can be contacted at at the following email address: maciek@exwsummit.com
III. FOR WHAT PURPOSES AND ON WHAT BASIS ARE THE DATA PROCESSED? 1. WEBSITE
If you use the Site, the Controller may process your Data for the following purposes:
a. providing electronic services to give users access to the content available on the Site - the legal basis for the processing is the necessity to perform the contract for the provision of electronic services or to take action prior to its conclusion at your request (Article 6(1)(b) GDPR);
b. managing and administering of the Site, including troubleshooting, data analysis, testing, research, and for statistical and analytical purposes - the legal basis for the processing is the Controller’s legitimate interest in the form of analysis of your activities, as well as your preferences in order to improve the functionalities used and services provided (Article 6(1)(f) GDPR).
In connection with your use of the Site, the Controller may process, in particular, such Data as your IP address, browser version and type, time zone settings, browser plug-in types and versions, operating system and platform and other technologies used on the devices you use to access the Site, as well as other identifiers and information collected through cookies or other similar technologies (files that can identify your browser or device).
2. EVENT PARTICIPANTS
If you participate in events organized or co-organized by the Controller, including the East x West Summit, the Controller may process your Data in order to enable you to participate in these events, including registration for the events, ensuring participation in the events according to the rules and regulations of the individual events, ensuring the proper organization of the events, including safety rules during the events - the legal basis for the processing is the necessity to perform the contract concluded with the Controller or to take action before its conclusion at your request (if you are a party to the contract) (art. 6(1)(b) GDPR) and fulfillment of the Controller's legal obligations (Art. 6(1)(c) GDPR). Exceptionally, if there is a threat to life or health during an
event - the basis for processing may be the necessity to protect the vital interests of the Data Subject or another natural person (Article 6(1)(d) GDPR).
In connection with the promotion of events organized or co-organized by the Controller, promotional materials, including those containing the image of participants, may be created from the events - depending on the scope of their use, the legal basis for the processing may be the Controller' legitimate interest in promoting the events and the Controller's image (Article 6(1)(f) GDPR) - particularly if your image is only a detail of the whole, or your consent (Article 6(1)(a) GDPR).
In connection with the organization of events, the Controller may process, in particular, such Data as Identification Data, Contact Data, image and other Data obtained in the course of organizing events.
3. DONORS
When you make a donation to the Controller, Data will be processed for the following purposes:
a. handling the process of concluding and executing the donation agreement - the basis for processing is the necessity to execute the agreement concluded with the Controller or to take actions prior to its conclusion at your request (if you are a party to the agreement) (Article 6(1)(b) GDPR);
b. settlement of the concluded donation agreement - the legal basis for processing is the implementation of obligations imposed on the Controller by law, including accounting and tax obligations (Article 6(1)(c) GDPR).
In connection with the donation, the Controller may process the following Data: Identification Data, Contact Data and other Data provided in connection with the donation.
4. BUSINESS CONTRACTORS
In connection with business relationships, the Controller may process Data for the following purposes:
a. establishing cooperation and concluding and performing a contract- the legal basis for processing is the necessity to perform the contract concluded with the Controller or to take actions prior to its conclusion at your request (if you are a party to the contract) (Article 6(1)(b) GDPR), and in the case of contractor's representative Data, the basis for processing is the Controller's legitimate interest in the form of the need to ensure the proper performance of the contract (Article 6(1)(f) GDPR);
b. settling the concluded agreement, including issuing and storing settlement documents - the basis for processing is the implementation of obligations imposed on the Controller by law, including accounting and tax obligations (Article 6(1)(c) GDPR).
In connection with the business relationship, the Controller may process the following Data: Identification Data, Contact Data, Data regarding job position and professional qualifications , and other Data provided to the Controller in connection with the cooperation.
5. CONTACT
When you contact the Controller, the Data will be processed in order to contact you for the purpose of handling your request sent via email, among other things, to contact you in connection with our contract or other arrangements, to conduct further correspondence with you - the legal basis for processing is the Controller's legitimate interest in contacting you, including conducting correspondence (Article 6(1)(f) GDPR).
In connection with the initiation of contact, the Controller may process the following Data: Identification Data, Contact Data and other Data provided to the Controller in connection with the initiation of contact.
6. MARKETING ACTIVITIES
Your Data will be processed for the purpose of marketing activities (including informing you about the Controller's services, news and events) - the legal basis for processing is the Controller's legitimate interest in direct marketing (Article 6(1)(f) GDPR).
Marketing activities via email address or telephone number, are carried out only after obtaining your consent to use the appropriate communication channel to receive such information (including by providing an email address or telephone number for this purpose) - in this regard, the legal basis for processing is your consent (Article 6(1)(a) GDPR).
In connection with marketing activities, the Controller may process the following Data: contact details, including e-mail address and other Data obtained in connection with marketing activities.
7. OTHER PROCESSING PURPOSES
The Controller may also process your Data for the following purposes:
a. fulfillment of legal obligations imposed on the Controller - the legal basis for processing is the necessity to fulfill a legal obligation imposed on the Controller (Article 6(1)(c) GDPR); b. fulfillment of the Controller's internal administrative purposes - the legal basis for the processing is the Controller's legitimate interest in the form of the need to fulfill the Controller's internal purposes (Article 6(1)(f) GDPR);
c. for statistical or analytical purposes (e.g. surveying customer opinions and satisfaction, analyzing them for optimization of service processes or improvement of service quality) - the legal basis for processing is the Controller's legitimate interest in the form of statistical and analytical purposes (Article 6(1)(f) GDPR),
d. for the purpose of establishing, investigating or defending against claims - the legal basis for processing is the Controller's legitimate interest in establishing, investigating or defending against claims (Article 6(1)(f) GDPR).
In connection with other processing purposes, the Controller may process the following Data: Identification Data, Contact Data and other Data obtained from external sources
IV. DATA SOURCE
The Data may have been obtained directly from you or another entity (e.g., a provider of systems that monitor your activity on the Site) or come from publicly available sources.
V. DATA PROCESSING PERIOD
1. The Controller will not use or store your Data for longer than necessary to achieve the aforementioned purposes, and the collected Data will be deleted after the expiration of the period necessary to achieve the purposes of processing:
a. in the case of processing of your Data in order to provide access to the content collected on the Site - the Data will be processed for the period necessary to provide the functionality of the Site;
b. in the case of processing your Data for the performance of a contract - the Data will be processed for the period of time necessary for the performance of the concluded contract (e.g. partnership agreement);
c. in the case of processing your Data on the basis of a legitimate interest - the Data will be processed until we have this legitimate interest or until you successfully file an objection; d. in the case of processing your Data on the basis of consent - the Data will be processed until the consent is withdrawn or the Data is no longer up-to-date or no longer useful for the specified purposes.
2. In addition, in each case, the Data may also be processed for the time necessary to:
a. implementation of the Controller's obligations under applicable laws;
b. establish, exercise or defend against claims - for the period of their limitation period specified by applicable law.
3
3. Depending on the scope of the Data and the purposes of its processing, the Data may be stored for different periods. In each case, the longer period of retention of the Data shall be decided.
VI. DATA RECIPIENTS
1. Data is collected with due diligence and properly protected from unauthorized access. 2. Recipients of Data processed by the Controller may be, in particular:
a. entities that support the Controller in its operations, in particular, entities to which the Data is transferred for the purpose of organizing events and conferences;
b. entities that provide support and operation of the Controller's tools and information systems, including, in particular, providers of hosting, registration forms, and entities that support the Controller in maintaining and improving the Site;
c. legal or tax advisors, accounting and HR service providers, postal operators, electronic payment system providers;
d. if the obligation to provide Data results from mandatory legal regulations - the recipients of the Data may also be the competent state authorities.
3. Data stored in some cookies may be accessed by entities whose technologies we use, or entities whose plug-ins are on the Site.
VII. RIGHTS OF DATA SUBJECTS
1. You have the right to access the Data, including the right to obtain a copy of such Data, to request their rectification, deletion or restriction of processing, to object to their processing (to the extent that the Data are processed based on the legitimate interests of the Controller), to transfer them to another controller, as well as the right to lodge a complaint to the President of the Office for Personal Data Protection - under the terms of the law.
2. If the processing of Data is based on consent, you have the right to revoke it at any time without affecting the lawfulness of the processing carried out on that basis before the withdrawal of consent.
VIII. DATA TRANSFER TO THIRD COUNTRIES
As a general rule, the Data is not transferred outside the European Economic Area (hereinafter: "EEA"). Exceptionally, the Controller may transfer Data to processing partners outside the EEA, but only to the extent necessary, related to the provision of services by these partners to the Controller. In such cases, the Controller shall ensure the protection of the Data, in particular, by applying standard data protection clauses adopted pursuant to a decision of the European Commission or transfer to countries on which the European Commission has issued a decision finding an adequate level of protection. In such cases, you may obtain a copy of the safeguards in place by contacting the Controller (contact information indicated above).
IX. AUTOMATED DECISION-MAKING, INCLUDING PROFILING
The Controller does not carry out activities involving automated decision-making, including profiling, with respect to individuals whose Data is processed.
X. THE NEED FOR DATA
As a rule, providing Data is voluntary, but it may be necessary in order to fulfill one of the above mentioned purposes, including, for example, taking part in organized events, enabling you to use the Site, or conducting correspondence in a selected form. Refusal to provide Data may result respectively in inability to participate in organized events, use the Site or conduct correspondence.
XI. SECURITY DATA
We take reasonable measures to protect Data from unauthorized access, use or disclosure. However, despite our efforts, no data transmission over the Internet or data storage system can be guaranteed to be completely secure.
XII. UPDATE POLICY
The Controller may update the Policy from time to time. Changes will be effective upon publication on the Site. We encourage you to review this page regularly for any changes.
Thank you for choosing East x West Summit. The Controller is committed to ensuring the protection of your privacy and the security of your Data.