31 July, 2018
HackControl’s commitment is to put users first. We will only use the information that we collect at our Website about you lawfully in accordance with applicable local, national or international law or regulation. We strive to be transparent about how we collect, use, disclose and process your information, to keep your information secure and to provide you with meaningful choices.
In this Policy, "personal data" means any information relating to you as an identified or identifiable natural person ("Data Subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an online identifier or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
– The 4th Global CyberSecurity Forum HackIT
– the HackIT website https://hackcontrol.org and their related subdomains including those pertaining to registration for attendance;
– account within the mentioned above Website;
– online surveys relating to the HackIT;
– messages sent via the HackIT support portal; and
– the HackIT official social media channels.
Personal information processed in connection with the Services is controlled by HackControl , an Estonian limited liability company with offices located at Parda 4, Kesklinn, Tallinn, 10151 Harju Maakond, Eesti, Kesklinna, Estonia.
2. HOW WE COLLECT INFORMATION
When we provide the Services, we collect and receive information in several different ways. In many cases, you choose what information to provide, although some information is required for us to provide you the Services.
- We collect a variety of information from you when you provide it to us directly, when we
request it from you, or when you give us permission to get it from a third party source.
The Company collects data when you interact with its Websites, especially
- you browse any page of the Websites;
- the Company contacts you;
- you use the Websites;
- you receive emails from the Company;
- you chat with the Company for customer support;
- you connect integrations;
- you opt-in to marketing emails.
- you set up an account.
- The Company collects the following categories of data:
- contact details such as your first name, last name, telephone number, telegram username, email address;
- business details such as your company, your job title;
- data for setting up an account for the purposes of upcoming HackIT: Food preferences, Picture of profile;
- data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version;
- data on how you use the Websites such as your URL clickstreams (the path you take through the Websites), goods/services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.
- Consent rule
If you have given consent to the processing of your data, you can freely withdraw such consent at any time by emailing the Company to email@example.com.
If you do withdraw your consent, and if the Company does not have another legal basis for the processing of your data, then the Company will stop the processing of your personal data.
If the Company has another legal basis for the processing of your data (legitimate Interests, for example), then the Company may continue to do so subject to your legal interests and rights.
By providing us your telegram username you also agree that we will automatically add you to our HackIT telegram group.
3. HOW WE USE YOUR INFORMATION
We use your information in order to provide, operate, improve, understand, customize, support, and market our Services, including:
Keeping the Websites running. Managing your requests (like orders), login and authentication, remembering your settings, processing payments, hosting and back-end infrastructure
Providing Services. the Company needs to provide services accessible via the Websites. Fulfilling our legal or regulatory requirements. Sending you technical notices, support or administrative notifications
Improving the Websites. Testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping the Websites, traffic optimization and data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
Communicating with you. We use your personal information to contact you regarding your registration to attend, to notify you of any changes to our policies and practices, and to respond to any requests or inquiries you may submit to us. If you subscribe to marketing, such as newsletters, we will use your information as described below.
Marketing. If you opt-in to receiving marketing communications from us, we will use your personal information for outreach and marketing, such as to send you information about our future events and to exhibit attending companies. You can opt-out of these communications by using the unsubscribe links in our communications.
4. LEGAL BASES FOR PROCESSING YOUR INFORMATION
– when necessary to perform the Terms and Conditions or to provide you with the
proper Website use;
– where you have consented to the processing, which you may revoke at any time; – when necessary to protect your vital interests, or those of others, such as in the case of an emergency;
5. OUR LEGITIMATE INTERESTS
As indicated above, in certain cases we use your information where necessary to pursue our, your and others’ legitimate interests, including where necessary to:
Keep the Website safe and secure. We use your information as it is necessary to pursue our legitimate interests, or those of all visitors, users, and others who access or use in ensuring the HackIT is a safe and secure Website, such as enforcing our Terms and Conditions.
Provide, develop and improve the Services. We process your information as necessary to pursue our legitimate interests in improving HackiIT and our other Services, such as our Websites etc.
Market the Services. We process your information in accordance with our legitimate interests of marketing the event and the Services to you. If you want to exercise your right to object to any of these uses please email us at firstname.lastname@example.org.
6. SHARING WITH THIRD PARTIES
Marketing. In order to further our legitimate interests in marketing the Services, we rely on third-party marketing platforms and service providers to assist us and perform certain marketing services for us.
Third party service providers. We may share your personal information to help us operate, provide, improve, understand, customize, support, and market our Services. These trusted third parties provide us with services including for customer support, data storage and website hosting, ticketing and payments processing, legal advice and compliance, and marketing and data analysis. These trusted third parties are contractually required to use it only to provide their service to us, and prohibited from using it for their own purposes.
Legal and safety reasons. We may retain, preserve, or share your personal information if we have a good-faith belief that it is reasonably necessary to (a) respond, based on applicable law, to a legal request (such as, a subpoena, search warrant, court order, or other request from government or law enforcement); (b) detect, investigate, prevent, and address fraud and other illegal activity, security, or technical issues; (c) protect our rights, property, or safety; (d) enforce our Terms and Conditions or any other agreements we have with you; or (e) prevent physical injury or other harm to any person or entity, including yourself and members of the general public.
Aggregated information. We may also share aggregated or de-identified information, such as counts of attendee job titles or their affiliated companies, with companies we do business with, including our advertisers, partners as well as other organisational members.
7. DATA RETENTION
8. LOCATION OF THE PROCESSING OF PERSONAL DATA AND DATA TRANSFERS
The personal data collected by the Company is processed at the Company’s offices in Tallinn. The Company is international and can have foreign branches and departments. The Company’s Research and Development department is based in Kyiv at secure premises.
Our servers for storing the data are located in Germany.
As a global business, we access and transfer information around the world. If you are based in the EU, this means that we access and transfer your personal information outside the EU, including in and to the United States. The privacy protections and the rights of authorities to access your personal information in some of these countries may not be the same as in your home country. We transfer your personal information in accordance with law, and take steps to ensure that your information is appropriately protected.
In particular, where we transfer information to countries that are not viewed as providing adequate protections, we generally rely on an approved mechanism known as the "standard contractual clauses" to protect the information transferred. These are template contracts published by the European Commission containing approved commitments to protect the privacy and security of the information transferred. To request a copy of the clauses, please contact us.
9. YOUR RIGHTS AS DATA SUBJECT
You have a number of rights in relation to your information that we process. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below.
Access and Porting. You can access much of your information by logging into your HackIT account. If you require access to additional information, or you do not have a HackIT account, please contact us. Where legally required, we will provide your information in an easily accessible format and assist in transferring some of this information to third parties.
You have the right to access information about you, especially:
- the categories of data;
- the purposes of data processing;
- third parties to whom the data disclosed;
- how long the data will be retained and the criteria used to determine that period;
- other rights regarding the use of your data.
In the context of the right to access information the Company shall provide you with the information within one month of your request unless there is a justified requirement to provide such information faster.
Rectify, Restrict, Delete. You can amend, update and delete some of your information by logging into your HackIT account. You have the right to be "forgotten". You may ask erasing any personal data about you, if it is no longer necessary for the Company to store the data for purposes of your use of the Websites. If you don’t have a HackIT account, or want us to amend, update or delete other information, please contact us.
Object and termination of processing. Where we process your information based on the legitimate interests described above, or in the public interest, you can object to the processing in certain circumstances.
You can object to the Company using your personal data for profiling you or making automated decisions about you. The Company may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour).
We will generally stop processing your information unless we have compelling grounds to continue processing, such as where needed for legal reasons. Where we use your information for direct marketing, you can always object using the unsubscribe link in such communications, changing your HackIT account settings or by contacting us.
Revoke consent. If we have specifically asked for your consent to use your information, you have the right to withdraw your consent at any time. You may ask us to refrain from using your data for marketing. You can opt out from marketing. You may choose not to provide the Company with personal data. If you choose to do so, you can continue to visit the Websites and browse its pages, but the Company will not be able to process transactions without personal data.
You can exercise the following rights by sending us an email email@example.com.
Cookies. You may turn off cookies in your browser via settings. You can block cookies on your browser refusing cookies. You may delete cookies. If you turn off cookies, you can continue to use the Websites and browse its pages, but the Websites and certain services will not work properly.
Application to the the Estonian Data Protection Inspectorate. You have the right to lodge a complaint regarding the use of your data by the Company. You can address any complaint to the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) as directed on their website at http://www.aki.ee/en/inspectorate/staff-and-contacts (in English) or http://www.aki.ee/et/inspektsioon/kontaktid-nouandetelefon (in Estonian).
The security of your personal information is important to us. We strive to use appropriate technical and organisational to protect your personal information. We have security and organizational measures and procedures to secure the data collected and stored. We have security policies and data processing agreements with all our employees and contractors who are obliged to follow and maintain appropriate technical and organizational measures.
Connections to the Websites are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.
We use servers that comply with strict international data security standards, including ISO 27001.
Despite these measures, the Internet is not a fully secure environment and we cannot guarantee that your personal information won’t be intercepted or improperly accessed. You are responsible for your login information and password. You shall keep them confidential.
In case if your privacy has been breached, please contact the Company immediately on firstname.lastname@example.org.
Use of MailChimp
For sending our newsletter we use the provider MailChimp. MailChimp is an offer of The Rocket Science Group, LLC, 512 Means Street, Suite 404 Atlanta, GA 30318, USA. When you register for our newsletter, the data you provide when registering for the newsletter will be transferred to MailChimp and stored there. After registration you will receive an e-mail from MailChimp to confirm your registration ("double opt-in"). MailChimp offers extensive analysis possibilities about how the newsletters are opened and used. These analyses are group-related and are not used by us for individual evaluation. Further information about MailChimp and data protection at MailChimp can be found here: http://mailchimp.com/legal/privacy/
HackControl ul. Halicka 9,