1. What information do we collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you express an interest in obtaining information about us or our Services, participate in activities on the Services, or otherwise contact us.
Personal Information Provided by You. Depending on context and your choices, this may include:
- Names
- Email addresses
- Mailing addresses
- Job titles
- Contact preferences
Sensitive Information. We do not process sensitive information.
Payment Data. If you choose to make a purchase or donation, we may collect data necessary to process your payment (e.g., payment instrument number and security code). All payment data is handled and stored by 4fund.com / Zrzutka.pl sp. z o.o. and Open Collective, Inc.. Please review their privacy notices for more information.
All personal information you provide must be true, complete, and accurate, and you must notify us of any changes.
Information automatically collected
In Short: Some information — such as IP address and device characteristics — is collected automatically when you visit our Services.
We automatically collect device and usage information when you visit, use, or navigate the Services. This does not reveal your specific identity (like name or contact information) but may include IP address, browser and device characteristics, operating system, language preferences, referring URLs, country, general location, and information about how and when you use our Services. This is needed to maintain security and operation of the Services and for internal analytics and reporting.
Like many businesses, we also collect information through cookies and similar technologies.
- Log and Usage Data. Service-related, diagnostic, usage, and performance information (e.g., IP address, device info, browser type and settings, pages viewed, searches, features used, date/time stamps, and device event information such as system activity and error reports).
- Device Data. Information about the device you use to access the Services (e.g., IP address or proxy, device/application IDs, location, browser type, hardware model, ISP/mobile carrier, operating system, configuration).
- Location Data. Depending on your device and settings, we may collect location data (precise or imprecise, e.g., via IP address). You can disable location sharing in your device settings; some features may not function without it.
2. How do we process your information?
In Short: We process your information to provide, improve, and administer our Services; communicate with you; for security and fraud prevention; and to comply with law. We may also process your information for other purposes with your consent.
We process your information for, for example:
- Service delivery. To provide and facilitate the Services you request.
- Administrative communications. To send important information about our Services, terms, policies, and similar.
- Orders and donations. To fulfil and manage orders, payments, returns, and exchanges made through the Services.
- Feedback. To request feedback and contact you about your use of the Services.
- Marketing (with your consent or as permitted by law). You can opt out at any time (see What are your privacy rights?).
- Vital interests. To save or protect an individual’s vital interests, such as to prevent harm.
3. What legal bases do we rely on to process your information?
In Short: We process your personal information only when necessary and when we have a valid legal basis under applicable law (e.g., consent, compliance with laws, performance of a contract, protection of rights, or legitimate interests).
Under the GDPR/UK GDPR, we rely on the following legal bases, depending on the context:
- Consent. When you have given permission for a specific purpose. You may withdraw consent at any time (see Withdrawing your consent).
- Performance of a contract. When necessary to fulfil our contractual obligations to you or to take steps at your request before entering a contract.
- Legitimate interests. When reasonably necessary to achieve our legitimate business interests, provided they do not override your rights and freedoms (e.g., to understand how our users use our Services and improve user experience).
- Legal obligations. When necessary to comply with our legal obligations (e.g., cooperating with regulators, defending legal rights).
- Vital interests. When necessary to protect your vital interests or those of a third party.
6. How long do we keep your information?
In Short: We keep your information as long as necessary to fulfil the purposes described in this Notice, unless otherwise required by law.
We retain personal information only for as long as needed for the purposes set out in this Notice, unless a longer retention period is required or permitted by law (e.g., tax, accounting). When we have no ongoing legitimate business need to process your personal information, we will delete or anonymise it; if deletion is not possible (e.g., backups), we will securely store and isolate it until deletion is possible.
7. How do we keep your information safe?
In Short: We use organisational and technical security measures to protect your personal information.
We implement reasonable technical and organisational measures to protect personal information. However, no electronic transmission over the Internet or storage technology is 100% secure. Transmission of personal information to and from our Services is at your own risk; access the Services only within a secure environment.
8. Do we collect information from minors?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent/guardian of such a minor and consent to their use. If we learn that we have collected personal information from users under 18, we will deactivate the account and delete the data. If you become aware of any data we may have collected from children under 18, please contact staff@exconeurope.org.
9. What are your privacy rights?
In Short: In some regions (such as the EEA, UK, and Switzerland), you have rights that allow you greater access to and control over your personal information.
Depending on your location, your rights may include: (i) access and copy; (ii) rectification or erasure; (iii) restriction of processing; (iv) data portability (if applicable); and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to processing. To exercise these rights, contact us (see How can you contact us?).
We will consider and act upon any request in accordance with applicable data protection laws.
If you are in the EEA or UK and believe we are unlawfully processing your personal information, you may complain to your Member State data protection authority or the UK ICO. If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner.
Withdrawing your consent
If we rely on your consent to process your personal information, you may withdraw your consent at any time by contacting us (see How can you contact us?). This does not affect the lawfulness of processing before withdrawal, nor processing based on lawful grounds other than consent.
Opting out of marketing
You can unsubscribe from marketing emails at any time by using the unsubscribe link in our emails or by contacting us (see How can you contact us?). We may still send service-related or other non-marketing communications.
Cookies and similar technologies
Most browsers accept cookies by default. You can usually remove or reject cookies via your browser settings. Doing so may affect certain features or services of our Services.
If you have questions about your privacy rights, email us at staff@exconeurope.org.
10. Controls for Do-Not-Track features
Most web browsers and some mobile operating systems/applications include a Do-Not-Track (“DNT”) setting to signal your preference not to have online browsing activities monitored and collected. No uniform standard for recognising DNT signals is finalised, and we do not currently respond to DNT signals. If a standard is adopted that we must follow, we will update this Notice.
11. Do we make updates to this Notice?
In Short: Yes. We will update this Notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by the “Last updated” date at the top. If we make material changes, we may notify you by prominently posting a notice or by contacting you directly. We encourage you to review this Notice periodically to stay informed.
12. How can you contact us about this Notice?
If you have questions or comments about this Notice, email us at staff@exconeurope.org or contact us by post at:
EX//CON Europe ConferencePeter Almasi, Event Coordinator
Víg u. 5.
Kistelek 6760
Hungary
13. How can you review, update, or delete the data we collect from you?
Depending on your local laws, you may have rights to request access to the personal information we collect from you, details about how it is processed, correct inaccuracies, delete your information, or withdraw consent. These rights may be limited in some circumstances by applicable law. To submit a request, please email staff@exconeurope.org.