Privacy Notice

Privacy Notice – EAACI Hybrid Congress 2023

1. INTRODUCTION

We, European Academy of Allergy and Clinical Immunology (EAACI) take protection of your personal data very seriously and strictly adhere to the rules laid out by data protection laws and General Data Protection Regulation (GDPR).

By accessing and using our Service, you signify your acceptance to the terms of this Privacy Policy. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

This privacy notice aims to give you information on how EAACI collects and processes your personal data through your use of this platform, including any data you may provide if you contact us regarding our services.

EAACI is committed to the protection of your personal data and guarantees it according to the EU General Data Protection Regulation (EU GDPR). All data is processed by EAACI and the platform provider. By using this platform, personal information and technical data will be collected, stored, processed (and deleted).

Data collection on our website
The data collected on this website/platform are processed by the website operator, EAACI and the platform provider.
The operator’s contact details can be found on the website’s required legal notice.

How do we collect your data?
During the registration, personal data (for example name, address, contact information, etc.) will be collected. If necessary, statistical data such as occupation, field of study, etc. are also recorded. Your data will be collected only when you provide it to us. This may be data that you enter in a contact form. Other data is collected automatically by our IT systems when you visit the website/platform. This data is primarily technical data such as the browser and operating system you are using or when you accessed the page. This data is collected automatically as soon as you enter our website.

What do we use your data for?
We will collect and store the personal data provided for the preparation and execution of the EAACI Hybrid Congress
2023.
Data collections will be used also to assess the duration of time spent on viewing the sessions for each participant on which the CME points will be granted.

2. HOW WE PROCESS YOUR INFORMATION

2.1 PROFILE- / LOG-IN DATA
To use the profile, various personal information must be provided (last name, first name, gender, nationality, email, postal address, and password). This data is required to provide individualized access to our services.

2.2 REGISTRATION
As part of the registration process, various personal information (name, address, contact details, etc.) will be collected as well as information required to complete your booking (desired booking type, participant type, etc.). Depending upon your booking type and preferences, payment data (account details, credit card details) may be collected as well. You may also be asked to provide information such as profession, field of study, etc. for statistical purposes.

2.3 CERTIFICATE OF ATTENDANCE
To provide certification, participants’ personal data (name, address, occupation, etc.) are required.

2.4 ACTIVITY CHALLENGE AND NETWORKING AREA
To participate in the activity challenge feature if provided, personal data (name, address, occupation, etc.) are required and will be collected. In case we have multiple users with the same points total, the winner will be decided as per submission time.

Each participant to establish connections, send messages and have access to the attendees list, his profile must be set to public. By default, all profiles are set to Public, and this can be changed from the Edit Profile page under the Networking area. Email addresses will be only visible when a connection is established between two participants.

Moderation is applied in the chat messages under the Networking area. Any abuse of the networking tool is monitored in real time and will be reported by the EAACI admin team. Participants will be blocked from the chat tool and/or lose access to the event digital platform.

2.5 EXTERNAL LINKS
The platform may contain, or you may be sent through the platform, or links to other websites or content belonging to or originating from third parties or links to websites and features in banners or other advertising. Such external links/websites are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, legality or completeness by us.

We do not assume responsibility or liability for the accuracy, adequacy, validity, reliability, availability, legality or completeness of any information offered by third-party websites linked through the platform or any website or feature linked in any banner or other advertising.

2.6 EXHIBITION AREA
Kindly note that some content provided in the exhibition area might be limited to Medical Prescribers only or might be limited due to compliance reasons.

2.7 BUSINESS CARD EXCHANGE / LIVE CHAT FUNCTION
You understand and acknowledge that your personal data (name, address, contact details, country, etc.) will be shared with the participating delegates and exhibiting industry for the purpose of these functions (Business Card Exchange / Live Chat Function) on the EAACI Hybrid Congress 2023 platform and used in accordance with the General Data Protection Regulation (GDPR).

By using these features to collaborate and communicate with the industry, you accept that EAACI, its Board of Officers, Executive Committee Members and employees shall not be liable for any communication or content shared.

2.8 ABSTRACTS
As part of the registration, various personal information (name, address, contact details, etc.) as well as information required to complete your submission (author status, registration data, membership data, etc.) will be collected.
Furthermore, individual data and documents (scientific abstracts, application forms, supporting documentation, etc.) will be collected. This data may be made publicly accessible in print or in electronic form such as abstract books, scientific journals, conference programs, online databases, and catalogues as well as on related websites.

2.9 AUTOMATIC TECHNICAL COLLECTION OF DATA
By using this platform, various technical data will be collected automatically. Among this, but not restricted to, is the following information: operating system, browser type and version used, referrer URL, location-based data, IP address, date and time of access. This data will be saved routinely and deleted automatically after an appropriate period. This data may be linked to individual user data. The use of some services may require the acceptance of cookies (text files that may, for example, contain your preferences and login data to allow automatic log-in and extended functionality).
The usage of cookies can be configured in the settings of your computer, where you may also delete them.

2.10 PROCESSING & DISTRIBUTION
All data mentioned above will only be collected as necessary for the provision of the services described (non-optional fields). Additional data may be provided voluntarily (optional fields) to increase the quality of service. All data is being collected, saved, processed, and deleted according to GDPR. Whenever necessary for the provision of services, data may be transmitted to sub-contractors or service providers. This may include transmission of data to other countries, including countries outside the European Union. Your data may be made available to governmental authorities. Your data may also be used for communication and information related to the event. According to your preferences stated in section “Acceptance” at the end of the registration form, your data may also be used for further purposes (see further paragraphs).
For a complete list of sub-contractors, service provides and Founder sponsors, please refer to section 8 “Data Transfers and Third Parties”

3. USE OF ‘COOKIES’

Cookies are Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser. We use cookies in example to make your experience of our website better and create data for attendance certificates.

At EAACI we set and use some cookies ourselves but only on our site. These are called first party cookie. When cookies are served by another domain they are called “third party cookies”. Please see what cookies we use below:

 

4. HOW LONG DO WE KEEP INFORMATION FOR

We pride ourselves on ensuring that your personal data is retained for the period that EAACI needs it for. All personal information collect has a defined retention period, which is in-line with our retention policy. If you would like to find out how long your information is being retained, please see “additional information”, section 10 of this policy.

5. SECURITY OF PERSONAL INFORMATION

EAACI is committed to handling your personal information with high standards of information security. In order to protect and safeguard the personal data provided to us, we have implemented and use appropriate business systems and procedures. For example, your credit card information is transmitted to us through a secure server protocol, which encrypts all your personal and credit card details. The encryption method used is the industry standard “Transport Layer Security (TLS)” technology. Our TLS certificate has been issued by utn.usertrust.com.
Furthermore, we have implemented and use security procedures and technical and physical restrictions for accessing and using personal information. Only authorized employees are permitted to access personal information for performing their duties in respect of our services. Our server and network are protected by firewalls against unauthorized access and we have intrusion detection systems that monitor and detect unauthorized (attempts to) access to or misuse of our servers.

6. CHILDREN’S INFORMATION

EAACI does not knowingly collect information on children without consent from a responsible parent. If EAACI have collected personal information on a child, please see section 10 immediately, so we can remove this information without any undue delay.

7. YOUR INDIVIDUAL RIGHTS

In this Section, we have summarised the rights that you have under General Data Protection Regulation. Our summaries are not intended to provide a full explanation of the rights under the GDPR. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Your principal rights under General Data Protection Regulation are:
• Right to Access
• Right to Rectification
• Right to Erasure
• Right to Restrict Processing
• Right to Object
• Right to Data Portability

You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
You as a data subject have the right to rectification, which will allow you as the data subject to modify/change any personal information to the purpose of ensuring that the information we process is up to date.
The right to erasure or right to be forgotten will allow you as the data subject to inform us that you no longer want EAACI to continually to store or process your personal information. Please be aware that we may decline your right for several reasons, which are not limited to, having a lawful basis to process your information or us needing your information for the performance of a contractual obligation.
As a data subject, you have the right to stop any processing of your personal information. Please be aware that you must provide us with a legitimate reason for us to stop processing. Any request made that does not conform to the GDPR will be rejected.

On occurrence EAACI may send you marketing emails to make you aware on new products that we believe can benefit you, the data subject. As you have the right to object, you can click the unsubscribe link on all our emails to inform us that you no longer want to receive marketing emails from us.

The right to data portability will allow you as the data subject to have your personal information securely transferred to another organisation for processing. At EAACI we place this reasonability on you the data subject. When you make this request, we will export all information about you and securely transfer it to yourself. You, the data subject will be able to give this information to your chosen organisation.
If you have any question about these rights, please see “additional information”, section 10 of this policy.

8. DATA TRANSFERS/THIRD PARTIES

8.1 PROVIDING YOUR INFORMATION TO OTHERS
EAACI may disclose your personal data to some third parties insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. Third parties that we use are listed below.

8.2 ANALYTICS
We use third-party analytic tools to better understand who is using the website and how people are using it so we can continuously improve it. These tools may use cookies and other technologies to collect information about your use of the website and your preferences and activities. These tools collect information sent by your device or the website and other information that assists us in improving the website. This information may be used to analyse and track data, determine the popularity of certain content, and better understand your online activity, among other things.
We use Google Analytics to better understand who is using the website and how people are using it. Google Analytics uses cookies to collect and store information such as website pages visited, places where users click, time spent on each website page, Internet Protocol address, type of operating system used, location-based data, device ID, search history, gender, age, and phone number. We use this information to improve the website and as otherwise described in this Privacy Policy. Please see http://Analytic.google.com/policies/privacy/partners/ for information about how Google
Analytics uses this information, and visit https://tools.google.com/dlpage/gaoptout for information about the Google
Analytics Opt-out Browser Add-on. Google may track your activity over time and across websites.

8.3 OTHER THIRD PARTIES – WHICH PARTIES WILL RECEIVE INFORMATION
When using the Business Card Exchange and the Live Chat function (see section 2.7 of this policy) you agree that your personal data will be shared with the exhibitors in the digital platform.

8.4 INFORMATION SECURITY WITH TRANSFERS
In this Section 8.4, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
We, EAACI do transfer personal information to third parties outside of the European Economic Area (EEA). We take steps to ensure that where your information is transferred outside of the EEA by our service providers and hosting providers, appropriate measures and controls are in place to protect information in accordance with applicable data protection laws and regulations. For example, we may share information with affiliates based outside the EEA for the purposes foreseen by this Privacy Notice. EAACI are subject to EAACI data protection policies designed to protect data in accordance with EU data protection laws. In each case, such transfers are made in accordance with the requirements of Regulations (EU) 2016/679 (the General Data Protection Regulations or “GDPR”) and may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA.

9. RIGHT TO COMPLAINT

We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.

To make a complaint, please contact EAACI Headquarters (For raising issues directly with EAACI).
EAACI Headquarters
111 Hagenholzstrasse
8050 Zurich
Tel: +41 44 205 55 33
gdpr@eaaci.org
https://www.eaaci.org/contact-top.html
Alternatively, you can make a complaint to the supervisory official in your chosen country.

EAACI EU presentative is:
By Post: Rickert Rechtsanwaltsgesellschaft GmbH, Kaiserplatz 7-9, 53113 Bonn, Germany
By email: datenschutz@rickert.net

10. ADDITIONAL INFORMATION

Your trust is important to us. That is why we are always available to talk with you at any time and answer any questions concerning how your data is processed. If you have any questions that could not be answered by this privacy notice or if you wish to receive more in depth information about any topic within it, please contact Charalampos Kostaras via email gdpr@eaaci.org.

11. REVIEW OF THIS POLICY

We keep this Policy under regular review. This Policy was last updated on 28 December 2021.

11.1 AMENDMENTS
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.