Effective Date: October 24, 2021
- Use of the Service by Participants
- SIOG Undertakings with Respect to Personal Data
- Personal Data We Collect
- Email Tools
- SIOG’s Use of Personal Data
- Sharing, Transfer and Disclosure of Personal Data
- User Rights to Personal Data
- International Transfers of Personal Data
- Contacting Us
- Requests to Delete Personal Data
- Links to Third Party Websites
USE OF THE SERVICE BY PARTICIPANTS
The Service is provided SIOG to manage events, manage memberships, conduct e-mail campaigns, manage financial matters and interface with CRM systems; and by event participants or members as the case maybe (“Users”) to access event information, membership services, purchase tickets and for other purposes within the scope of the Service.
SIOG UNDERTAKINGS WITH RESPECT TO PERSONAL DATA
SIOG represents and warrants that its use of the Service, and the collection and use of any Personal Data collected in connection with the Service, will comply with all applicable laws and regulations (including with respect to privacy, cyber security and data protection).
PERSONAL DATA WE COLLECT
I. INFORMATION YOU PROVIDE TO US
We collect Personal Data from you when you use the Service, including when you register for access to the Service, contact us with inquiries, use our mobile applications, respond to one of our surveys or browse any of our websites.
The Personal Data we may collect includes:
- basic information: including name, date of birth, gender, address, personal phone number and email address;
- network identification information: including IP address;
- personal Internet access records: including website browsing records, software usage records and click records;
- information on computer equipment: including hardware model, device MAC address and operating system;
- employment and background information: including current employer, industry, current job title, and professional training background; and
- information specific to you that may be assigned by our partners: including your advertising ID assigned by our partners.
- identification information: including ID card and passport information;
II. YOUR LOCATION
Our mobile applications may or may not include location-based services, including on-site services at events. To provide such location-based services through mobile applications, we collect, use and share precise location data, including the real-time geographic location of your mobile device. If you permit one of our mobile apps to access location services through the permission system used by your mobile operating system, we may collect the precise location of your device when the app is running in the foreground or background. Using your mobile device settings, you can control the location information you share.
III. OTHER INFORMATION COLLECTED FROM YOUR USE OF THE SERVICE
Whenever you interact with the Service, we may automatically receive and record information on our server logs from your browser or device, which may include your IP address, device identification information, Cookie information, the type of browser and/or device you’re using to access the Service, and the page or feature you requested (“Usage Data”). We may also transfer small files to your browser or device (“Cookies”) that allow us to collect certain information. We also use third-party services to collect usage information to better understand and improve the user experience. Usage information collected using third-party services is stored on the servers of the third-party service providers.
We use our email tools to contact SIOG Users r, so you may receive emails from our system. You can opt-out of receiving certain types of promotional emails – but in such case you may not receive the full benefit of the Service. Opting-out can be done under the Subscription function following the instruction.
SIOG’S USE OF PERSONAL DATA
We may use your Personal Data for purposes including the following:
- to operate and maintain the Service (including for the purposes of fixing malfunctions and testing our security systems);
- to provide you with the features, functions and benefits of the Service;
- to enhance, improve and further develop the Service (including creating new features or functions, refining the user experience, and increasing Service technical performance);
- to provide you with notices related to your use of the Service;
- to provide you with promotional emails (you can opt-out of receiving certain types of promotional emails – but in such case you may not receive the full benefit of the Service; opting-out can be done under Settings when you are logged in to your Service account);
- to help personalise the Service experience for you (including remembering your information so you will not have to enter it each time you use the Service);
- and for the other purposes references in SIOG membership benefits.
Aggregated Personal Data.
SHARING, TRANSFER AND DISCLOSURE OF PERSONAL DATA
I. SHARING YOUR PERSONAL DATA
We will not share your Personal Data with companies, organisations or individuals other than SIOG affiliates (event organisers), except in the following circumstances:
- Sharing with explicit consent. We will share your Personal Data with other parties with your explicit consent.
- Sharing as required by laws or contractual obligations. We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with any law or court order; enforce or apply our Terms of Service and other agreements, or protect the rights, property, or safety of SIOG, our employees, our users, or others.
- Sharing with our affiliates. Your Personal Data may be shared with our affiliates. We will only share necessary Personal Data (for example, in order to facilitate your use of the products or services of our affiliate with your SIOG account, we will share your account information as necessary with such affiliate), and if we intend to share your Sensitive Personal Data, or if the affiliate changes the purpose of using and processing your Personal Data, we will obtain your authorisation and consent again. (“Sensitive Personal Data”) includes, without limitation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, personal biometric information, genetic data, bank account numbers, financial information, transaction information, and personal information of children age 14 and under.
- Sharing with authorised partners. Certain services of ours will be jointly provided together with our authorised partners solely for the purposes stated herein. We may share certain Personal Data of yours with our partners to provide better membership service and user experience. We may also share your Personal Data with our partners so they can provide you with their services. We will only share your Personal Data for lawful, proper, necessary, specific and explicit purpose to the extent required for providing partner services. Our partners have no right to use the shared Personal Data for any other purposes other than providing their products or services to you.
- We may anonymise your Personal Data so that you are not individually identified, and provide that information to our partners. We may also provide aggregate usage information to our partners, who may use such information to understand how often and in what ways people use the Service, so that they, too, can provide you with an optimal online experience. However, we will never disclose aggregate information to any third party in a manner that would identify you personally, as an individual.
Except for the purposes described above, we will not transfer your Personal Data to any company, organisation or individual, except in the following circumstances:
- we may transfer your Personal Data to other parties with your explicit consent; or
III. PUBLIC DISCLOSURE
We will disclose your Personal Data to the public only under the following circumstances:
- you have explicitly authorised us to disclose your Personal Data;
- disclosing your Personal Data is in the interest of national security; public health, or another major public interest;
- your Personal Data is relevant to any criminal investigation, prosecution, judgment, or enforcement;
- disclosing your Personal Data is necessary to protect yours or another individual’s life, property or other major lawful right;
- Personal Data is disclosed voluntarily by you to the public;
- Personal Data is collected from public channels, such as news reports or from public government documents.
Pursuant to applicable laws, sharing and transfer of aggregated data which cannot be recovered by the recipient to re-identify individual Personal Data does not constitute sharing, transfer and disclosure of Personal Data, and therefore it may be stored and processed without notice to you and without your consent.
USER RIGHTS TO PERSONAL DATA
I. THE RIGHT TO ACCESS AND CORRECT PERSONAL DATA
If you are a registered user of the Service, we provide you with tools to access or modify your Personal Data and other profile information.
II. THE RIGHT TO REQUEST THAT YOUR PERSONAL INFORMATION BE TRANSFERRED
Subject to the limitations of applicable laws, where processing Personal Data is necessary for entering into or performing our obligations under a contract with you or is processed with your consent, you may request that your Personal Data be transferred to you or another designated party (where technically feasible).
III. THE RIGHT TO CHANGE YOUR AUTHORISATION SCOPE OR WITHDRAW YOUR AUTHORISATION
To the extent you have authorised us to collect and process your Personal Data, you may withdraw that authorisation by deleting information, turning off device functions, or changing privacy settings on our website or in our software. You may also stop using the Service so that we cannot continue collecting your Personal Data. Please note that some parts of the Service may not function properly if you remove our authorisation to collect your Personal Data.
We take various precautions to protect your Personal Data from loss, misappropriation and misuse, and from being accessed, disclosed, modified or destroyed without permission. In order to ensure the safety of your Personal Data, we have established strict information security provisions and procedures to protect your Personal Data.
In the event of any Personal Data security breach, we will, in accordance with the requirements of applicable laws and in all cases within 30 days, notify you of the basic information and possible consequences of such security breach, actions we have taken or will take in response to the breach, suggestions on how you may prevent and reduce risks on your own, and actions we will take on your behalf. We will notify you of the relevant information through email, letter, phone, or push notification, or by publishing an announcement to www.siog.org. Any such notice will be issued in compliance with all applicable laws.
INTERNATIONAL TRANSFERS OF PERSONAL DATA
I. THE LOCATION OF YOUR DATA
If you are using the Service through siog.org, Personal Data collected and generated within Switzerland, applicable law will be the EU General Data Protection Regulation (GDPR).
II. EEA, SWITZERLAND AND UK ONLY
- The EU General Data Protection Regulation (“GDPR”): In May 2018, a new data privacy law known as the EU General Data Protection Regulation became effective. The GDPR requires us to tell you about the legal grounds we are relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data in conjunction with the Service will be that: (i) you provided your consent; (ii) the processing is necessary for our contractual relationship; (iii) the processing is necessary for us to comply with our legal or regulatory obligations; or (iv) the processing is in our legitimate interest in providing you with the Service.
- Transfers of Personal Data: SIOG is an international non-profit society; thus, we may need to transfer your Personal Data outside of the country from which it was originally collected. This may be intra-group or to third parties that we work with who may be in jurisdictions outside the EEA, Switzerland and the UK, that have no data protection laws or laws that are less strict than those in the EEA, Switzerland and the UK. Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take all legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data.
- Personal Data Retention/Rights: We retain your Personal Data for as long as necessary to provide you with the Service, comply with applicable laws, resolve disputes and enforce our agreements. If you have an account with us, we will typically retain your Personal Data for a period of 90 days after you have requested that your account is closed, or for up to seven years after your account becomes inactive but is not closed.
- Data protection laws provide you with rights in respect to Personal Data that we hold about you, including the right to request a copy of the Personal Data, the right to request that we rectify, restrict or delete your Personal Data, and the right to unsubscribe from promotional communications.
You can exercise these rights by contacting us using the contact information set out in Section 12.
If you have a complaint about how we handle your Personal Data, please contact us as set forth in Section 12. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.
We do not knowingly collect or solicit personal information from anyone under the age of 14. If you are under 14, please do not attempt to register for the Service or send any personal information about yourself to us. If we learn that we have collected personal information from a child under 14, we will delete that information as quickly as possible. If you believe that a child under 14 may have provided us with personal information, please contact us at email@example.com.
If you have any questions or concerns regarding our privacy policies, please send us a detailed message by email to firstname.lastname@example.org.
REQUESTS TO DELETE PERSONAL DATA AND OTHER ISSUES
I. THE RIGHT TO DELETE YOUR PERSONAL DATA
You can delete your account by contacting the SIOG system administrator at email@example.com. If a User initiates a data deletion request, to the extent permitted under applicable law, SIOG is authorised to delete or anonymise Personal Data of the requesting User from the Service.
II. RETENTION OF PERSONAL DATA
Even after you remove information from your profile or delete your account, Personal Data may be retained by us on back-up servers indefinitely, subject to and in compliance with applicable laws. We may retain your Personal Data for a period of time consistent with the original purpose of collection. We determine the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of your Personal Data processed, the potential risk of harm from unauthorised use or disclosure of your Personal Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
We may also indefinitely retain and use any aggregated data derived from or incorporating your Personal Data, but not in a manner that would identify you personally.
14.LINKS TO THIRD PARTY WEBSITE