Last updated: Mar 21, 2022
INFORMATION WE COLLECT THROUGH OUR SERVICES
As used in this Policy:
- “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identify of that natural person.
- “Cookie(s)” means a small piece of software that may be placed on a Visitor’s machine during the use of our websites.
- “Data Subjects” refers to Website Visitors, Conference Registrants, Suppliers, Event Participants, Event Sponsors, Event Speakers, Employees, Business Contacts, Members, Member Applicants, Billing Contacts and other people the association has a relationship with or may need to contact.
1. What type of Personal Data do we collect?
SS may collect the following categories of Personal Data to the extent necessary to achieve the purposes outlined in this policy:
- Identification data, such as first name, name, pictures, IP address, cookies, photographs;
- Contact data, such as email address, telephone number, postal address;
- Personal information, such as age, date of birth, gender, marital status, citizenship;
- Payment information, such as credit card details for purposes of online payment;
- Education and profession and employment data, such as university, specialization, function, employers;
- Other data that you have provided while contacting us, especially using the contact us or sign-up forms on our website and services.
To improve our websites and services, we also collect data sent by your web browser, e.g., information about your browser, your IP address, and your operating system, as aforementioned. In some circumstances, we also collect and process special categories of data, such as passport information for the purposes of issuing visa invitation letters on behalf of our clients. In most instances, we collect personal data directly from the Data Subject, but we may sometimes obtain Personal Data from third parties (such as the Data Subject’s employer or from a public authority).
2. Why do we process Personal Data and on what basis?
We process your Personal Data only if you have granted express consent for its stated purposes. SS processes Personal Data for the following purposes:
- For contract management purposes: SS has legitimate interest in the processing of Personal Data of representatives and contact persons of entities and associations which SS contracts (e.g. with respect to services agreements, consultancy agreements, sponsorship agreements, funding agreements).
- For marketing purposes: SS processes Personal Data from individuals who register themselves on either SS or client websites and give their express consent to receive updates from SS or clients. You may revoke your consent to being contacted by email for promotional purposes any time, by clicking on an unsubscribe link in the footer of the SS or client email alerts or replying directly stating your wish to unsubscribe. SS updates may include the following: newsletters, event updates, and information about future events.
- For communications purposes with delegates during events: If you use our registration system, SimpleSignup, to ensure communications with participants during an event via an event registration portal (Portal), the Portal will store details of all events such as program, notifications, messages, Personal Data of delegates, list of participants, etc. When you download or use the Portal, you may choose to provide Personal Data for your registration and/or profile as follows: Name, email, photo/profile image, company, position/title, gender, phone number, and/or website;
- For organizing seminars and conferences: SS processes Personal Data from individuals who register online to participate in seminars and conferences organized by Event Managers for the purpose of managing the registration and participation to such events based on the necessity for the event organizer to meet its obligations as organizer of the events under the general terms and conditions that are expressly accepted by the individuals and/or based on consent for certain Personal Data. Event organizers using SS may also use third party suppliers and vendors, such as hotels, catering services to meet obligations as organizer of the events under the general terms and conditions that are expressly accepted by the individuals and/or based on consent for certain Personal Data.
- For website administration purposes: When you visit our website, our system automatically collects information about your visit, such as your browser type, your IP address and the referring website. See below for descriptions about the cookies used on our websites and how you can opt out from them:
- Required Cookies: enable the navigation and basic functionality of the website, e.g., access to protected areas of the websites.
- Opt-out: You can configure your browser to disable these Required Cookies. This may reduce the functionality of the website.
- Opt-out: Download the browser plugin “Google Analytics Opt-out Browser Add-on here.
How to control and delete cookies
Note that if you set your browser to disable cookies, you may not be able to access certain parts of our Service and other parts of our Service may not work properly. You can find out more information cookie settings at third-party information sites, such as www.allaboutcookies.org.
3. How long do we store Personal Data?
SS will only keep Personal Data for the time that is strictly necessary to achieve the purpose(s) for which they were collected, e.g. for the duration of a contractual relationship or of a project/event, and for a period of time thereafter if so required by applicable law or if in the primary interests of the Data Subjects. All data is stored on servers located in Canada.
4. How do we store and secure your Personal Data?
SS is committed to safeguarding your Personal Data. We employ reasonable administrative, physical and electronic measures designed to protect your information from unauthorized access. Our cloud service providers implement industry standard security measures to protect your Personal Data when in storage and/or at rest. Our employees are provided with context-specific access to our systems and servers and your Personal Data are subject to contractual obligations to access and use your Personal Data only as required to deliver Services to you. While our Services use cloud infrastructure, our cloud provider places technical and procedural safeguards in place to limit their access to any of our business information, including your Personal Data. Any changes to the treatment of Personal Data are reviewed and approved by SS management.
5. How do we share your Personal Data?
In addition to the sharing through usages described above, we may engage third parties, such as hosting companies, security auditors, or analytics providers, to support us in activities relating to hosting and operating our websites, marketing, analytics, improving the websites and other platforms, and sending email newsletters. These processors may be located outside the European Union. We generally require such vendors to agree to maintain the confidentiality of all of our confidential and/or proprietary business information, including your Personal Data, and to use such information solely for the purpose of providing Services to us. The fact that we may link to a website is not an authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit Personal Data from you. We may disclose your personal information if required by law, regulation, or other legal subpoena or warrant. We may also disclose your personal information to a regulatory or law enforcement agency if we believe it to be necessary to protect the rights, property, or personal safety of SSC, its members or any third party. The above will be done with your informed consent and with adequate protective measures in place.
6. What are your rights as data subjects and how to exercise them?
As a data subject, you have the following rights with respect to personal data we hold about you, subject to applicable legal restrictions:
- Right of access to your Personal Data;
- Right to rectification of incorrect or incomplete Personal Data;
- Right to erasure of your Personal Data;
- Right to restriction of processing of your Personal Data;
- Right to data portability, i.e., the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format and to transmit those data to another controller;
- Right to object to all or part of the processing, when legally allowed;
- Right not to be subject to automated individual decision-making, including profiling within the limits set out by the law;
- Right to withdraw consent at any time when we process your Personal Data based on your consent;
- Right to lodge a complaint with a supervisory authority.