Including terms of use
In order to be able to use this registration system – Ventla Invite, you may need to submit certain personal information. This privacy policy informs you about the use of personal data submitted to us.
The event organizer is the organization who sent you an invitation and/or organizes the physical event connected to the invitation. According to applicable data privacy legislation, the event organization is the Data Controller of the personal information processed through this registration.
In the event of any uncertainties regarding who is the organizer of the event in any particular instance, or information on the Data Controller´s Data Protection Officer, if any, please contact Ventla International AB, dataprivacy@ventla.io for more information.
Please be informed that if the Data Controller as a part of this event chose to use an event app (App) some or all of the information you submit can be shown in this App, and by proceeding to registering you approve of this. If the App is subject to an access code, the information therein, including the personal information submitted by you and others with access to the App, will be disclosed to everyone with the corresponding access to the App. If and to the extent the App is open, as decided by the Data Controller, the information therein, including personal information submitted by you, is accessible to anyone that may download the App from App Store or Google Play, or the like.
Data Controller will always comply with applicable privacy laws. Data Controller will not disclose personal data to third parties without prior consent, unless specifically stated herein.
Data Controller will process the following personal data, if and to the extent it is submitted by you:
- Name
- Title
- E-mail address
- Any other information you enter as part of the registration form.
Further, if you contact Data Controller we store correspondence or comments, which may contain personal data, to provide better service if you contact Data Controller again.
Data Controller will:
- Process your personal data lawfully, fairly and in a transparent manner.
- Collect your personal data for the stated and legitimate purposes stated in this policy, and will not process your personal data in any way incompatible with these purposes.
- Collect and process personal data that is adequate, relevant, limited to and necessary for the purposes for which it is collected and used.
- Process your personal data only for as long as necessary for the purposes for which it was collected.
- Take appropriate technical and organizational measures to prevent unauthorized access, unlawful processing and unauthorized or accidental loss, destruction or damage to personal data, thereby ensuring an appropriate level of security.
- Take all reasonable steps to ensure that your personal data is accurate and updated without delay if Data Controller is informed or otherwise becomes aware of incorrect information.
- Upon request, delete personal data without unnecessary delay unless there are legal grounds for continuing the processing,
Data Controller may use the personal data submitted by you in order to contact you for marketing purposes, or as follow-up regarding the event attended by you.
Data Controller collects and processes your personal data if and to the extent you have given consent. You have the right to revoke such consent at any time, whereby your personal data will be deleted without delay. The lawfulness of the processing performed during the period when consent existed is not affected by a consent being withdrawn.
Data Controller will further process your personal data to the extent that Data Controller is required to do so by law or decision by authority.
Your personal data will be processed until your consent is withdrawn.
The Data Processor engages subprocessors for providing certain services within the service. Data transfers to subprocessors outside of EU are safeguarded by EU-U.S. Data Privacy Framework. Subprocessors are being reviewed annually for compliance by the Data Processor.
In specific occasions transfer of personal data outside of the EU/EEA could occur for the purpose of support or bug fixing of the service. Such transfer is deemed a lawful basis for ensuring contractual obligations on service level can be met. In such occasions the EU Commission has not decided that such country ensures an adequate level of protection.
By consenting to this Privacy Policy, and by submitting your data, you explicitly consent to the possible transfer of your personal data to a third country as stated herein.
Data Controller ensures that appropriate technical and organisational measures are taken to protect your personal data against unauthorised access or destruction, unlawful processing or accidental loss or damage.
Data Controller uses a secure server where your personal data is processed and limits access to personal data within the organisation. Authorisation to access personal data is provided only to individuals within the organisation, as well as within the Data Processor’s organisation, for the sole purpose of carrying out their duties.
You are entitled to request access to and correction of personal data as well as deletion of personal data, treatment limitation or objection to treatment (if applicable according to relevant privacy legislation). Furthermore, you have a right receive the personal data that you have provided in a structured, commonly used and machine-readable format (portability). You also have the right to file a complaint with the supervisory authority.
Data Controller reserves the right to amend this Privacy Policy as required, for example to comply with changes in laws and regulations.
Data controller uses the following subprocessors to provide the functionality of Ventla Invite:
- Microsoft Ireland (EU)
- Purpose: EU based hosting and storage of Ventla services
- Scope: Encrypted storage of personal data as outlined in “Personal Data to be Processed”.
- Twilio, Inc (US)
- Purpose: Delivery of emails
- Scope: E-mail address shared with Twilio.
- Transfer mechanism: EU-US Data Privacy Framework
- Stripe, Inc (US)
- Purpose: Payment processing of tickets (if enabled)
- Scope: E-mail address, name and billing address
- Transfer mechanism: EU-US Data Privacy Framework
- Zapier, Inc (US)
- Purpose: Data controller can choose to integrate CRM system of their choice using Zapier.
- Scope: Basic participant profile
- Transfer mechanism: EU-US Data Privacy Framework
For information on the Data Controller and/or Data Protection Officer (if any), please contact dataprivacy@ventla.io
Please note that the organizer of the event is the Data Controller according to applicable privacy legislation.