Privacy Policy

Last updated: September 13, 2023 (info about newsletter service providers)

Thank you for choosing to be a part of our community. We are strongly committed to protect your personal information and your right to privacy.

Please read this privacy notice carefully as it explains how and what we process the data you choose to share with us.

 

What information do we collect?

Personal data that you choose to disclose to us

Short: We collect the personal data that you provide to us, such as your full name and e-mail address when signing up for our newsletter, or purchasing a ticket as a conference attendee.

We collect the personal data that you voluntarily provide to us when signing up for our optional newsletter, or when you sign up as an attendee to the conference, or otherwise contact us.

The personal data we collect is:

Name and e-mail. We collect your full name and e-mail address when you sign up for our newsletter, or when purchasing a ticket as a conference attendee.

Speakers information: We collect necessary details in order to fulfill travel arrangements and keep your contact information (email) to be able to communicate regarding the event. After the event, all speaker's submitted information in our CFP system will be deleted.

Information from other sources

Short: We are not using external sources for any data, but we may receive information from our payment provider if you purchase a ticket.

We are not using any external sources to provide us the ability to collect or automatically process any personal data, however, upon purchasing a ticket, our payment provider will collect data regarding the purchase that will be available for us for manual processing. Any personal data you disclose to our payment provider may be accessible to us, including but not limited to your name, e-mail and choice of payment method (brand of payment card, etc). We do not have access to your actual payment details (card number, etc).

 

How do we use your information

Short: We process your information to fulfill our obligations to you as a conference attendee or reader of our e-mail based newsletter.

We use the personal data collected via our website for business purposes as stated below. We process this data for these purposes in compliance with our legitimate business interests, in order to perform or enter into a contract with you, with your consent.

We use the personal data you choose to provide us with:

To send you marketing and promotional communication. When you sign up to our newsletter, we may use that personal data to send you information, marketing and promotional offers regarding our conference Security Fest. If you actively have chosen to sign up to receive our newsletter, you can easily opt-out at any time by clicking the Unsubscribe link in the e-mail.

To fulfill and manage your order. When you purchase a ticket to our conference, we use that information to fulfill and manage your purchase order. You will also receive a one-time e-mail with your conference ticket, and a one-time e-mail with your purchase receipt.

 

Will your information be shared with anyone?

Short: We only share the necessary information with our third-party partners for e-mail newsletters, transactional e-mails and our payment provider. No other information is ever shared.

We are using three external third-party partners that will have access to the personal data that you voluntarily submit to us:

Paypal, based in the United States, will have access to the personal data you submit when you purchase a conference ticket (name, e-mail and payment information).

Mailjet, based in France (EU), will have access to the personal data you submit when you sign up for our newsletter (name and e-mail), and when you purchase a conference ticket (name, e-mail and VAT if you submit it). Also, if you submit a talk through our Call-for-Papers portal, any e-mail communication from the portal will go through Mailjet, so they will get the personal data you submit when you sign up at the CFP site (name and e-mail).

MailChimp, based in the United States, will have access to the personal data you submitted when you signed up for our newsletter (name and e-mail) up until 2023-09-13. After this date, subscriptions are managed by Mailjet. Mailchimp data will be deleted after migration has completed.

No other personal data is collected or processed by us, and it is not shared with anyone else.

 

Do we use cookies or other tracking technologies?

Short: Yes, we use regular web server log files, and three external parties, Google, Clicky, and CloudFlare, for tracking analytics with regards to visits to our websites.

The server that is providing the website may temporarily store your IP address in the regular default log files. No other personal data is stored in the web server log files, and they are routinely deleted, and only used for monitoring the system for potential errors.

We are using three external third-party partners for analytics and tracking visits to our websites:

Google Analytics, based in the United States, might store a cookie in your web browser, or collect other information regarding your browsing on our websites (for example IP address, browser version, etc).

Clicky, based in the United States, might store a cookie in your web browser, or collect other information regarding your browsing on our websites (for example IP address, browser version, etc).

CloudFlare, based in the United States, might store a cookie in your web browser, or collect other information regarding your browsing on our websites (for example IP address, browser version, etc).

 

How long do we keep your information?

Short: We keep your e-mail address and full name as long as you are signed up to our newsletter. If you have purchased a ticket, we keep that information for as long as required by law.

We keep your information as long as necessary to fulfill our contract with you, and what is required by law. When you purchase a ticket to the conference, your personal data is collected in two separate systems, our ticketing system for the specific conference, and in the payment provider system.

Your personal data, including e-mail and full name, is stored in our ticket system, to allow you access to the conference you have purchased a ticket for. The data is deleted from the ticket system shortly after the conference has ended.

 

How do we keep your data safe?

Short: We aim to protect your data through a system of technical and organizational security measures.

We have implemented technical security measures designed to limit who has access to your personal data. We also have organizational security measures, that specifically limits who has access to various systems containing personal data. Although we do our best to protect your personal data, transmission of personal data to and from our website is on your own risk. You should only submit personal data to us within a secure environment.

 

Do we collect data from minors?

Short: We do not knowingly collect or process any data from children under the age of 18.

We have a strict age limit of 18 to attend our conference. Alcoholic beverages may be served during the dinner and party. By signing up for the conference, you testify that you are at least 18 years old.

 

What are my data protection rights?

Short: You have the right to access, update, or delete the information we have on you.

We are a data controller of your personal data.

We collect and may automatically process the personal data that you have voluntarily provided us with, in order to fulfill our contracts with you, and in our legitimate interests. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed about what personal data we hold about you, or if you want to be removed from our systems, please contact us.

As a privacy and security measure, and in compliance with the GDPR, we strive to delete any personal data, as soon as possible. The personal data stored in the system that handles the tickets will be deleted shortly (within weeks) after the conference has concluded.