Privacy Policy: HTEC Days 2024
Pursuant to Articles 23 and 24 of the Law on Personal Data Protection (“Official Gazette of the RS”, No. 87/2018), (hereinafter: the “Law”) related to the collecting of personal data of participants in the online event “HTEC Days 2024”, HIGH TECH ENGINEERING CENTER DOO, BEOGRAD, with registered seat at the address Bulevar Milutina Milankovića 7Đ, Belgrade, CIN 20457759, TIN 105793138 (hereinafter: the “Company” or “we”), as a personal data controller, provides the following:
PRIVACY NOTICE FOR THE PARTICIPANTS IN ONLINE EVENT “HTEC Days 2024”
(hereinafter: the “Notice”)
Thank you for your interest in participating in the online event called “HTEC Days 2024“, organized by the Company on the 22 February 2024 (hereinafter: “Event“), with the intention to share knowledge and exchange the latest industry insights, technology trends, market predictions, and more.
The Company respects your privacy and is committed to protecting your personal data. The Company is a personal data controller. This means that we are responsible for deciding how we hold and use personal data about you. This notice is aimed to inform you of how and why your personal data will be used for the purposes of your registration and participation in the Event, and how long it will be retained for. It provides you with certain information that must be provided under the Law and GDPR.
Data Protection Principles: We will comply with the Law, GDPR and data protection principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Maintained only for as long as necessary for the purposes they were collected for.
- Kept securely and protected against unauthorized or unlawful processing and against loss or destruction using appropriate technical and organizational measures.
Event participants, i.e., categories of data subjects: individuals who applied for the participation in the Event and who submitted their data to the Company for the purpose of registration and participation in the Event.
Purpose of processing: We process your personal data for the following purposes:
- To be able to process your application and enable you participation in the Event.
- To be able to communicate by email with you for the purpose of sending you the service information, notifying you of potential changes in the Event organization and sending you reminders ahead of the Event.
- To be able to send you updates about news and future events organized by the Company and its affiliated companies, provided that you have previously agreed that we may keep your data for these purposes.
- To be able to improve our activities relating to digital advertising via social media channels and/or via relevant websites that are in the pool for advertising via Google Ads platform.
- Photographs (or, screenshots) of the Event that include you we will use for the promotional purposes (e.g., in publications we distribute to the participants in the Event, reports that we distribute internally or externally (e.g., to HTEC clients), on HTEC website and/or social media profiles).
Legal Basis: We process your personal data based on your prior, freely given consent.
After we receive your data, we will process this data in order to organize your participation in the Event, as well as for the above listed purposes.
For the avoidance of doubt, by participating in the Event, participants consent that the same can be photographed and that the photographs (or, screenshots) of the Event can be used for the purposes mentioned in section 3 above.
Data subject consent withdrawal and legal consequences: Consent can be withdrawn freely at any time by the submission in writing (including in electronic form). By withdrawing the consent, processing of personal data shall stop, and the collected personal data shall be erased. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Categories of personal data:
- The data you have provided in your application, including name, surname, e-mail address, country which you come from, organization and job title;
- Photographs (or, screenshots) of the Event which include you, which were taken during the Event.
Methods of data collecting: We collect personal data about the participants from the following sources:
- Directly from the participants, from the submitted application to participate in the Event.
If you fail to provide personal data when requested, which is necessary for us to consider your application (name, surname, e-mail address and job title), we may not be able to process your application further.
Sensitive personal data: We will not process special categories of personal data about you (hereinafter: the “sensitive data”) for the above listed purposes. If you submit certain data about your health or your disability status or some other sensitive data in the application for the participation in the Event, we will not process such data, and we will destroy them in accordance with our data retention policy.
Automated decision-making: You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
Data Retention: We will retain your personal data for a period necessary for the fulfillment of the processing purposes listed in Article 3 above, i.e., until withdrawal of your consent. If you withdraw your consent before the Event takes place, we will not be able to process your application, and you will not be enabled to participate in the Event. After this period, we will securely destroy your personal data in accordance with our data retention policy. If you have given your prior consent to keep your data (name, surname, e-mail address and job title) so that we can contact in order to send you updates about news and future events organized by the Company and its affiliated companies, information regarding open positions, as well as newsletters with general information about the Company and its affiliated companies, we will keep this data for 1 (one) year after you have gave your consent to the processing of this data for the aforementioned purposes, i.e., until withdrawal of your consent (after which we will destroy it as described above).
International data transfer: Personal Data can be transferred from one into other countries and international organizations only in accordance with the provisions of the Law, to the countries which provide for the same or higher personal data protection standards. Countries to which data may be transferred are countries that are member states of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and include countries of the Company’s affiliated companies: Serbia, Bosnia and Herzegovina, North Macedonia, Hungary, Romania, Bulgaria, Slovenia, Poland and the Netherlands. Personal Data may also be transferred to other countries of the European Economic Area and the USA. The Company shall in each case of international data transfer ensure that transfer of personal data is carried out with the implementation of appropriate mechanisms of protection of personal data.
Personal data users and processors: personal data is used by the persons in the Company and persons in the Company’s affiliated companies. The Company may share the data with its legal advisors in order to fulfill the purposes in accordance with law.
Data subject’s rights:
- right to be truly and properly informed on personal data collection;
- right to submit an access request to the Company relating to the data held about them, right to request for a copy of the personal data the Company holds about them, right to request a correction, an addition, an update, a removal of personal data as well as a break of processing the personal data and temporally suspension;
- right to request erasure of the personal data if the purpose of collecting the personal data is not properly defined; the purpose of collecting the personal data is changed, and conditions for collecting the personal data for this changed purpose are not fulfilled; the purpose is fulfilled, i.e. the personal data is no longer necessary for fulfillment of the purpose; the way of processing the personal data is prohibited; the collecting of the personal data is not proportional to the purpose of collecting them;
- right to object to the Company to the processing.
Right to lodge a complaint: data subject is entitled to lodge a complaint to the competent authority (Commissioner for Information of Public Importance and Personal Data Protection, Bulevar kralja Aleksandra 15, 11120 Belgrade, Serbia, email: office@poverenik.rs, phone: +381 11 3408 900) related to the personal data held about them.
Personal data protection measures: The Company undertakes adequate technical, organizational and personnel security measures and has the necessary protection mechanisms in place, in order to process personal data in accordance with the Law and GDPR and to prevent the misuse of the data or accidental, unlawful or unauthorized access, destruction, loss, alterations, disclosure or acquisition of the data.
The measures include the electronic and physical protection of the collected data on the participants in the Event.
Address for personal data protection queries: In the event of any questions, requests and information related to personal data protection as well as exercising rights of data subjects, the data subjects can contact the Company at the following e-mail address: dpo@htecgroup.com.
Terms used in this Notice shall have the meaning in accordance with the Law and GDPR.