1. Identity of joint controllers
Cyber Conference is organised by two parties, namely:
- Scale-ups.eu NV, with registered office at Walemstraat 18, 2860 Sint-Katelijne-Waver with company number 0704.873.858 (hereinafter ‘Scale-Ups’).
- Nieuwe Media Groep BVBA, with registered office at Galileilaan 18, 2845 Niel, with company number 0454.028.888 (hereinafter “NMG”).
This privacy statement for the Cyber Conference event (hereinafter “Privacy Statement”) contains essential information on how Scale-Ups and NMG, as joint controllers, collect and process your personal data, including for what purposes, for how long and what your rights as a data subject are when you register and participate in this event. This Privacy Statement complements Scale-Ups general privacy statement, which is available here. NMG’s general privacy statement is available here.
Where both parties are referred to as joint controllers, the terminology “we”, “us” or “our” will be used.
Should you have any questions after carefully reading this Privacy Statement, please do not hesitate to contact us using the contact details in section 9 below.
2. Applicable law
Scale-Ups and NMG undertake to process and protect your personal data in accordance with applicable personal data protection legislation, in particular Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 EC (“GDPR”) as well as national or international laws or regulations introducing or complementing the GDPR and any applicable data protection legislation.
For the purposes of this Privacy Statement, terms such as “personal data”, “joint controllers”, “process”, data subject” have the meaning given to them in the applicable data protection legislation.
3. Joint activities
3.1. When and which personal data are processed?
|Completing the registration form||Name, surname, gender, position, language, e-mail address, company, company size, VAT number|
|If we contact you to become an event partner||Name, surname, function, company, phone number, e-mail address|
|Taking pictures and making videos at the event that include people||Pictures, videos|
|Requesting your feedback or review of the event you attended||Name, surname, e-mail address, content of feedback/review|
|Promoting future events similar to the event the person has already attended||Name, surname, year of birth, gender, email address, job title, company|
|Creation of badges||Name, surname, company|
3.2. Purposes and legal bases of the joint activities
In this section you can find information about the purposes and legal basis of Scale-Ups and NMG in the context of organising Cyber Conference:
|To provide you with information about the event you have registered for.||Contract|
|To reserve a place for you at the event you have registered for.||Contract|
|For the general administration and organisation of Cyber Conference, for example to contact you with information about the edition you are attending, as we need your details for planning and logistics, to invoice you, to provide you with customer service in connection with the event, and the general administration of your attendance at the event.||Contract|
|To fulfill and monitor our legal responsibilities, for example under public safety legislation.||Legal obligation|
|To request your feedback or review following Cyber Conference.||Legitimate interest|
|To compile an attendee list.||Contract|
|To film and photograph the event so that we can use this content in our future communications and advertising of the event.||Legitimate interest|
|To measure participation in certain breakout sessions and workshops.||Legitimate interest|
4. Separate activities
As part of Cyber Conference, Scale-Ups and NMG will also carry out activities that they have not jointly determined. Scale-Ups and NMG are separately responsible for these.
Scale-Ups may process your personal data to send you relevant and personalised benefits and special offers via direct marketing (e.g. about training courses & events) and inform you about products that may interest you.
NMG may process your personal data to send you relevant and personalised benefits and special offers via direct marketing (e.g. about training courses & events) and inform you about products that may interest you.
We guarantee that your data will only be shared within Scale-Ups and NMG to enable the organisation of events.
When you give your consent to receive communications from our partners, your personal data will of course also be shared with them so that they can contact you. We ensure to always sign an agreement with this party that includes safeguards for the correct and secure processing of your personal data in accordance with applicable legislation, such as the GDPR.
At Cyber Conference, breakout sessions and workshops are organised by our partners. If you participate in breakout session, your personal data will be shared with them. We also enter into GDPR agreements with them to ensure that your personal data is processed correctly and securely.
If your data is transferred outside the European Economic Area to a third country that does not benefit from an adequacy decision by the European Commission, we guarantee that we will implement appropriate safeguards to secure this international transfer, such as entering into Standard Contractual Clauses with the contracting party in the third country in question, supplemented by additional security measures if necessary.
6. How long will your data be kept?
We do not retain your personal data for longer than is strictly necessary for the fulfilment of the purposes for which we collected the data, e.g. for the performance of a contract or to comply with a legal obligation. Retention periods differ with regard to the type of processing activity and the purpose for which the personal data was collected.
For example, personal data may be kept longer if there is a legal or regulatory reason to do so, or shorter if the data subject objects to the processing of his/her personal data and if there is no longer a legitimate reason for us to keep it.
We guarantee that we will provide only limited access to archived data and that we will delete or anonymise your personal data once the retention period has expired.
7. Your rights
In accordance with the GDPR, you have the following rights:
|Right to information||You have the right to be informed about how your personal data are processed (in particular what personal data are processed, for what purposes and on what legal basis). The Privacy Statement you are reading now aims to do exactly this.|
|Right to access||You have the right to access your personal data and request a copy of the personal data.|
|Right to rectification||You have the right to have incorrect personal data corrected, or incomplete personal data completed.|
|Right to deletion||You can request the erasure of personal data held about you. The request to erase your personal data cannot always be granted, for example due to contractual or legal obligations.|
|Right to object||You have the right to object to the processing of your personal data, e.g. if the processing is carried out on the grounds of legitimate interest or the public interest of Scale-Ups and NMG processing your data. If your personal data is used for direct marketing purposes, you have an absolute right to object to this processing activity.|
|Right to restrict||You have the right to obtain restriction of processing in certain situations, for example if you dispute the accuracy of personal data, for a period of time that allows Scale-Ups and NMG to verify the accuracy.|
|Right to data portability||You have the right to receive personal data concerning you, processed by Scale-Ups and NMG, in a structured, commonly used and machine-readable format and/or to transfer such data to another controller.|
|Right to file a complaint||In case of problems, we encourage you to contact Scale-Ups and NMG to reach an amicable agreement. However, if you consider that an amicable settlement is not possible or desirable, you may exercise your right to file a complaint with the Belgian Data Protection Authority: Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussels, Tel +32 (0)2 274 48 00, e-mail: email@example.com.|
If handling your request requires unreasonable measures (e.g. it is technically or organisationally virtually impossible or extremely costly), we may charge you a reasonable fee in light of the administrative costs involved in handling the request. We may also refuse to process requests that are excessive, in particular due to their repetitive nature.
You may exercise these rights by sending an email to the following email address firstname.lastname@example.org. We will handle your request in accordance with applicable privacy laws.
We have implemented technical and organisational security measures to prevent the destruction, loss, falsification, alteration, unauthorised access or disclosure of your personal data to third parties and any other unauthorised processing of such data.
We have made every effort to ensure the confidentiality, integrity and availability of the information systems and services in which personal data are processed. All our employees and third parties engaged by us are obliged to respect the privacy and security of your data.
9. Contact details
If you have any questions regarding this Privacy Statement, please contact us at email@example.com so that we can assist you further.
 Event invoicing is done through the platform of our partner Brella. If you would like more information about Brella’s processing of your personal data, you can consult their privacy statement here.