Information Clause
General Information
In accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter "GDPR"), we inform you about the processing of your personal data in connection with your participation in CMS Conf.
Purpose and Scope
This Information Clause applies to all individuals who register for and participate in CMS Conf, including attendees, speakers, partners, volunteers, and other event participants.
This document provides detailed information about the processing of personal data of event participants, including registration, participation management, and post-event communications.
Information on Controller
Detailed information about the data controller can be found in our Privacy Policy.
Information on Data Protection Officer
For matters related to data protection, you can contact the data protection team. Detailed information about the data controller and data protection team can be found in our Privacy Policy.
You can contact the data protection team by sending an email to: hello@cmsconf.com or by sending correspondence to our registered office address: Openweb s.c., Data Protection Team, Starowiejska 16 lok. 2, 81-356 Gdynia, Poland.
Information About the Purposes, Legal Basis and Period of Personal Data Processing
| Purpose of Processing | Processing Legal Basis | Processing Period |
|---|---|---|
| Event registration and participation management | Performance of a contract (Art. 6(1)(b) GDPR) | For the duration of the event and 3 years after its completion |
| Communication regarding the event (organizational information, updates, changes) | Performance of a contract (Art. 6(1)(b) GDPR) | For the duration of the event and 1 year after its completion |
| Marketing activities (information about future events, newsletters) | Consent (Art. 6(1)(a) GDPR) or legitimate interest (Art. 6(1)(f) GDPR) | Until consent withdrawal or objection |
| Networking and matchmaking services | Consent (Art. 6(1)(a) GDPR) | Until consent withdrawal |
| Photography and video recording during the event | Legitimate interest (Art. 6(1)(f) GDPR) - event documentation and promotion | Indefinitely, for archival and promotional purposes |
| Fulfillment of legal obligations (tax, accounting) | Legal obligation (Art. 6(1)(c) GDPR) | As required by law (typically 5-7 years) |
| Establishment, exercise or defense of legal claims | Legitimate interest (Art. 6(1)(f) GDPR) | Until the expiration of limitation periods for claims |
| Statistical surveys and analytics | Legitimate interest (Art. 6(1)(f) GDPR) | Until data anonymization or removal request |
Categories of Personal Data Processed
We process the following categories of personal data:
- Identification data: First name, last name, title
- Contact data: Email address, phone number, mailing address
- Professional data: Job title, company name, industry, professional background
- Registration data: Registration date, ticket type, payment information, dietary preferences, accessibility requirements
- Event participation data: Sessions attended, networking activities, feedback and evaluations
- Image and voice data: Photographs and video recordings taken during the event
- Technical data: IP address, device information, browser type (for online components)
Image and Likeness Rights
By participating in CMS Conf, you acknowledge and agree that:
- You may be photographed and/or recorded (audio and video) during the event
- The Organizer, Openweb s.c., and any entities resulting from the transformation of Openweb s.c.'s conference organization activities into another form (such as a company, organization, or foundation) have the right to use, process, reproduce, and disseminate your image and likeness
- Your image and likeness may be published in all media, including but not limited to websites, social media, print publications, television, radio, and online platforms
- Your image and likeness may be used in all fields of exploitation, including advertising, promotion, marketing, and commercial purposes
- Your image and likeness may be used for promotion of future events organized by Openweb s.c. and any entities resulting from the transformation of Openweb s.c.'s conference organization activities
- This consent is granted without time limitation and without the need for additional approval or compensation
The rights granted above extend to:
- Openweb s.c. and its current operations
- Any future entities that may result from the transformation, reorganization, or restructuring of Openweb s.c.'s conference organization activities, including but not limited to companies, organizations, foundations, or other legal entities
- All partners, sponsors, and service providers authorized by the Organizer for promotional purposes
If you do not wish to be photographed or recorded, you must inform the Organizer in writing before the event begins. However, please note that this may limit your ability to fully participate in the event, as photography and recording are integral parts of event documentation and promotion.
Information on Personal Data Recipients
Your personal data may be shared with the following categories of recipients:
- Event partners and sponsors: Only if you have consented to sharing your data for networking purposes, and only to the extent necessary for networking and matchmaking
- Service providers: Companies providing technical services necessary for event organization (registration platforms, payment processors, email services, hosting providers)
- Venue operators: If required for event logistics and security
- Photographers and videographers: For event documentation purposes
- Legal and regulatory authorities: When required by law or to protect our rights and the rights of our participants
All service providers are bound by appropriate data processing agreements and are required to process your data only for the purposes specified by us and in accordance with applicable data protection laws.
Personal data may be made available to data recipients authorized by law, only to the extent and for the purpose of exercising their right under the law.
Information About Transfer of Personal Data Outside the European Economic Area
Some of our service providers may be located outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place to protect your personal data, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Other appropriate safeguards as provided for in GDPR
If you would like more information about the specific safeguards applied to transfers of your personal data, please contact us.
Information About Exercised Rights of Data Subjects
We provide all possible and available technical and organizational measures so that data subjects can exercise their rights without obstacles. Therefore, we ask you to send all notifications and requests regarding the exercise of rights to the Data Protection Team.
In justified cases, due to the proper identification of the person, we may ask you to provide additional information or deliver necessary documents confirming your identity.
Under GDPR, you have the following rights:
- Right of access - You can request information about what personal data we process about you and receive a copy of your data
- Right to rectification - You can request correction of inaccurate or incomplete data
- Right to erasure - You can request deletion of your data in certain circumstances (note: this may affect your ability to participate in the event)
- Right to restriction of processing - You can request restriction of data processing
- Right to data portability - You can request transfer of your data in a structured format
- Right to object - You can object to processing based on legitimate interests (e.g., photography, marketing)
- Right to withdraw consent - If processing is based on consent, you can withdraw it at any time
- Right to lodge a complaint - You can lodge a complaint with the supervisory authority: President of the Personal Data Protection Office (Urząd Ochrony Danych Osobowych - UODO), ul. Stawki 2, 00-193 Warsaw, Poland, email: kancelaria@uodo.gov.pl, website: https://uodo.gov.pl
We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by an additional two months, and we will inform you of any such extension.
Right to Object to Direct Marketing
When personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
You can exercise this right by contacting us at hello@cmsconf.com or by using the unsubscribe link in any marketing communication.
Right to Freely Express or Withdraw Consent for Data Processing
Every data subject has the general right to freely express or withdraw consent for the processing of personal data. In cases where personal data is processed on the basis of granted consent, we will provide the possibility to withdraw it at any time.
Withdrawal of consent will have immediate effect from the moment of this action and will not affect the lawfulness of processing based on consent before its withdrawal. The withdrawal of consent does not affect the processing of data that took place before its withdrawal.
Withdrawal of consent does not entail any negative consequences, except that it may prevent us from providing certain services that require consent (e.g., networking services, marketing communications).
Obligation to Provide Personal Data
Providing personal data is necessary for:
- Event registration and participation
- Receiving important event-related communications
- Fulfillment of legal obligations (e.g., tax, accounting)
Failure to provide required data (such as name, email address, payment information) will prevent you from registering for and participating in the event.
Providing additional data (such as professional background, dietary preferences, networking consent) is optional and allows us to provide you with a better event experience.
Automated Decision-Making and Profiling
We do not make automated decisions that produce legal effects concerning you or similarly significantly affect you, except for automated security measures that are necessary for the performance of the contract (e.g., payment processing, fraud prevention).
We may use profiling for marketing purposes (e.g., to tailor event communications to your interests) based on your consent or our legitimate interest. You have the right to object to such processing at any time.
Rules for Changing and Updating the Document
According to our needs and applicable privacy principles, we may change, supplement and adapt this Information Clause at any time.
We will inform you of any significant changes by email or by posting appropriate information on our website. Continued participation in the event after such changes constitutes acceptance of the modified Information Clause.
Contact
If you have any questions about this Information Clause or the processing of your personal data in connection with your participation in CMS Conf, please contact us. Detailed contact information can be found in our Privacy Policy.
For data protection matters, you can also contact the data protection team. Detailed information about the data protection team can be found in our Privacy Policy.