Updated 03 January, 2019
information we collect or use in relation to the following services
(collectively, the “Services”):
– the Event
– the Event websites and their related subdomains including those pertaining to registration for attendance at the Event and to be a volunteer at the Event;
– the Event apps;
– online surveys relating to the Event;
– messages sent via the Event contact forms; and
– the Event official social media channels.
Personal information processed in connection with the Services is controlled by DevSecCon Limited, a UK company with offices located at Prospect House, 67 Boston Manor Road, Brentford TW8 9JQ, United Kingdom.
2. Information we collect
When we provide the Services, we collect and receive information in several different ways. In many cases, you choose what information to provide, although some information is required for us to provide you the Services.
2.1 Directly from you, or approved third parties.We collect a variety of information from you when you provide it to us directly, when we request it from you, or when you give us permission to get it from a third party source.
– Attendee registration information. When you register to attend an Event, you must provide us with basic information such as name, address, email address, telephone number, date of birth. We also give you the option to provide additional information. This information will only be shared with third parties such as our ticketing partner, Eventbrite, or PayPal, who perform tasks required to complete the purchase transaction.
– Volunteer registration information. When you register to volunteer at an Event, you must provide us with basic information such as name, address, email address, telephone number, and date of birth. We also give you the option to provide additional information.
– Eventapp profile information. To attend an Event, you might be required to download an Event app. You will have the option of providing us with additional profile information in the Eventapp, such as name and email address, and whether you want your profile information to be discoverable within the app by other attendees and partners of the Event. Certain profile information may be included on our Featured Attendees page.
– Event survey responses. We may ask you to participate in optional surveys regarding your experience at the Event in order to help us improve the event and for related commercial purposes.
– Third party social media accounts. If you choose to connect your social media account(s) with the Event app, we may receive certain information from that account, such as your title, picture, and other information you authorize. We may use your friends or connections lists to make recommendations in the Event app, for example to suggest mutual connections.
3. How we use your information
We use your information in order to provide, operate, improve, understand, customize, support, and market our Services, including:
3.1 Providing and improving the requested Services. We use your personal information as necessary to run the Event, such as to register attendees, issue tickets, facilitate information sharing with partners with whom you have consented for us to share information, and provide you with relevant connections and content during the Event based on this information and your use of the Event app.
3.2 Communicating with you. We use your personal information to contact you regarding your registration to attend or volunteer at an Event, to notify you of any changes to our policies and practices, and to respond to any requests or inquiries you may submit to us. If you subscribe to marketing, such as newsletters, we will use your information as described below.
3.3 Marketing. If you opt-in to receiving marketing communications from us, we will use your personal information for outreach and marketing, such as to send you information about our future Events and to exhibit attending companies. You can opt-out of these communications by using the unsubscribe links in our communications or by changing your Event app settings. We may also use your information in order to market the Events. For example, we sometimes use your image on a DevSecCon Event website or on social media. If you want to object to this use, please contact us here at email@example.com.
4. Legal bases for processing your information
when necessary to perform the Terms and Conditions or to provide you
with the Services;
– where you have consented to the processing, which you may revoke at any time;
– when necessary for us to comply with a legal obligation, a court order, or to exercise and defend legal claims;
– when necessary to protect your vital interests, or those of others, such as in the case of an emergency;
– where you have made the information manifestly public;
– where necessary in the public interest; and
– where necessary for the purposes of our, your, or a third party’s legitimate interests, such as those of partners or other attendees or volunteers.
5. Our legitimate interests
As indicated above, in certain cases we use your information where necessary to pursue our, your and others’ legitimate interests, including where necessary to:
Keep the Services safe and secure. We use your information as it is
necessary to pursue our legitimate interests, or those of our attendees, our
volunteers or our partners in ensuring the Event is a safe and secure event,
such as enforcing our Terms and Conditions. We also act in the legitimate
interests of these parties with respect to our Event website, app and other
Services, such as by implementing and enhancing security measures and
protections and protecting against fraud, spam and abuse.
– Provide, develop and improve the Services. We process your information as necessary to pursue our legitimate interests in improving the Event and our other Services, such as our Event websites and apps. For example, we use your information in order to conduct access control and enforce security at the Events. We also use your information to conduct data analysis and analytics across our Services.
– Market the Services. We process your information in accordance with our legitimate interests of marketing the Event and the Services to you. For example, we use your information to market future Events to you and to exhibit attending companies. We may also use your image in our marketing materials in order to highlight the attendees participating in the Events. We also use photos and audio-visual footage from past Events which may contain your image or voice. If you want to exercise your right to object to any of these uses please email us at firstname.lastname@example.org.
6. Sharing with third parties
6.1 Sharing with other attendees. Our Services, such as the Event app, provides attendees with the means of making connections with other attendees. For example, the profile information that you choose to provide us will be accessible to other attendees of the Event, subject to your settings. QR code scanning functionality on your badge is activated by default. You can provide your information to other attendees and partners by allowing them to scan the QR code on your attendee badge. Once this happens, you may consent to the sharing of your contact information with these individuals and companies.
6.2 Marketing. In order to further our legitimate interests in marketing the Services, we rely on third-party marketing platforms and service providers to assist us and perform certain marketing services for us.
6.4 Third party service providers. We may share your personal information to help us operate, provide, improve, understand, customize, support, and market our Services. These third parties provide us with services including for customer support, data storage and website hosting, ticketing and payments processing, legal advice and compliance, and marketing and data analysis. These third parties are contractually required to use it only to provide their service to us, and prohibited from using it for their own purposes.
6.5 Business re-organisation. In instances where DevSecCon or its affiliates are subject to a re-organisation, such as a merger or acquisition of some or all of its assets, we may, in accordance with our legitimate interests, need to share information in the course of the transaction. In such circumstances, your information may be disclosed, where permitted by applicable law, in connection with such corporate restructuring, sale, or assignment of assets, merger, or other changes of control or financial status of DevSecCon or its affiliate.
6.6 Legal and safety reasons. We may retain, preserve, or share your personal information if we have a good-faith belief that it is reasonably necessary to (a) respond, based on applicable law, to a legal request (such as, a subpoena, search warrant, court order, or other request from government or law enforcement); (b) detect, investigate, prevent, and address fraud and other illegal activity, security, or technical issues; (c) protect our rights, property, or safety; (d) enforce our Terms and Conditions or any other agreements we have with you; or (e) prevent physical injury or other harm to any person or entity, including yourself and members of the general public.
6.7 Aggregated information. We may also share aggregated or de-identified information, such as counts of attendee job titles or their affiliated companies, with companies we do business with, including our advertisers, partners as well as other organisational members.
7. Data retention
8. Data transfers
As a global business, we access and transfer information around the world. If you are based in the EU, this means that we access and transfer your personal information outside the EU, including in and to the United States. The privacy protections and the rights of authorities to access your personal information in some of these countries may not be the same as in your home country. We transfer your personal information in accordance with law, and take steps to ensure that your information is appropriately protected.
In particular, where we transfer information to countries that are not viewed as providing adequate protections, we generally rely on an approved mechanism known as the “standard contractual clauses” to protect the information transferred. These are template contracts published by the European Commission containing approved commitments to protect the privacy and security of the information transferred. To request a copy of the clauses, please contact us.
9. Your rights
You have a number of rights in relation to your information that we process. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below.
9.1 Access and Porting. If you require access to information, please contact us. Where legally required, we will provide your information in an easily accessible format and assist in transferring some of this information to third parties.
9.2 Rectify, Restrict, Delete. If you want us to amend, update or delete information, please contact us.
9.3 Object. Where we process your information based on the legitimate interests described above, or in the public interest, you can object to the processing in certain circumstances. We will generally stop processing your information unless we have compelling grounds to continue processing, such as where needed for legal reasons. Where we use your information for direct marketing, you can always object using the unsubscribe link in such communications, changing your profile settings or by contacting us.
9.4 Revoke consent. If we have specifically asked for your consent to use your information, you have the right to withdraw your consent at any time. For example, if we ask for your consent for direct marketing purposes, you can revoke your consent using the unsubscribe link in such communications, changing your profile settings or by contacting us.
9.5 Complain. If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority or DevSecCon’s lead supervisory authority, the UK Data Protection Commission.
The security of your personal information is important to us. We strive to use appropriate technical and organisational to protect your personal information. Despite these measures, the Internet is not a fully secure environment and we cannot guarantee that your personal information won’t be intercepted or improperly accessed.
Attendees under 18 years of age may attend the Event if accompanied by an adult or guardian, depending on the age of the attendee. You can find further information our age limitations in our Terms and Conditions.
67 Boston Manor Road
Brentford TW8 9JQ
You can contact us at email@example.com.