Privacy Policy: Meetup | UX/UI Consistency – The only comfort zone you shouldn’t leave
Pursuant to Articles 13 and 14 of “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC” (“General Data Protection Regulation” or “GDPR”) and Article 22 of the Law on Personal Data Protection (“Official Gazette of the BiH”, No. 49/2006, 76/2011 and 89/2011 – amend, hereinafter: the “Law”) related to the collecting of personal data of participants in the event “UX/UI Consistency – The only comfort zone you shouldn’t leave”, HTEC d.o.o. Sarajevo,with registered seat at the address Maglajska 1, 71000 Sarajevo, Bosnia and Herzegovina, CIN 65-01-0438-10 (hereinafter: the “Company” or “we”), as a personal data controller, provides the following:
PRIVACY NOTICE FOR THE PARTICIPANTS IN THE EVENT “UX/UI Consistency – The only comfort zone you shouldn’t leave”
(hereinafter: the “Notice”)
Thank you for your interest in participating in the event called “UX/UI Consistency – The only comfort zone you shouldn’t leave“, organized by the Company on 27 October 2023 at 6pm, at HTEC Mostar Office, Gojka Vukovića 8b (hereinafter: “Event“), with the intention to discuss and share experiences on AI and its functioning principles.
The Company respects your privacy and is committed to protecting your personal data. The Company is a personal data controller. This means that we are responsible for deciding how we hold and use personal data about you. This notice is aimed to inform you of how and why your personal data will be used for the purposes of your registration and participation in the Event, and how long it will be retained for. It provides you with certain information that must be provided under the Law and GDPR.
Data Protection Principles: We will comply with the Law, GDPR and data protection principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Maintained only for as long as necessary for the purposes they were collected for.
- Kept securely and protected against unauthorized or unlawful processing and against loss or destruction using appropriate technical and organizational measures.
Event participants, i.e., categories of data subjects: individuals who applied for the participation in the Event and who submitted their data to the Company for the purpose of registration and participation in the Event.
Purpose of processing: We process your personal data for the following purposes:
- To be able to process your application and enable you participation in the Event.
- To be able to communicate by email with you for the purpose of sending you the service information, notifying you of potential changes in the Event organization and sending you reminders ahead of the Event.
- To be able to send you updates about news and future events organized by the Company and its affiliated companies, information regarding open positions, as well as newsletters with general information about the Company and its affiliated companies, provided that you have previously agreed that we may keep your data for these purposes.
- To be able to improve our activities relating to digital advertising via social media channels and/or via relevant websites that are in the pool for advertising via Google Ads platform.
- Photographs (or, screenshots) of the Event that include you we will use for the promotional purposes (e.g., in publications we distribute to the participants in the Event, reports that we distribute internally or externally (e.g., to HTEC clients), on HTEC website and/or social media profiles).
Legal Basis: We process your personal data based on your prior, freely given consent.
After we receive your data, we will process this data in order to organize your participation in the Event, as well as for the above listed purposes.
For the avoidance of doubt, by participating in the Event, participants consent that the same can be photographed and that the photographs (or, screenshots) of the Event can be used for the purposes mentioned in section 3 above.
Data subject consent withdrawal and legal consequences: Consent can be withdrawn freely at any time by the submission in writing (including in electronic form). By withdrawing the consent, processing of personal data shall stop, and the collected personal data shall be erased. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Categories of personal data:
- The data you have provided in your application, including name, surname, e-mail address, city and country which you come from;
- The data you have provided to us in your answers to the optional questions included in the application, i.e., your job title and the company which you come from;
- Photographs (or, screenshots) of the Event which include you, which were taken during the Event.
Methods of data collecting: We collect personal data about the participants from the following sources:
- Directly from the participants, from the submitted application to participate in the Event, as well as during the Event.
If you fail to provide personal data when requested, which is necessary for us to consider your application (name, surname, e-mail address and job title), we may not be able to process your application further.
Sensitive personal data: We will not process special categories of personal data about you (hereinafter: the “sensitive data”) for the above listed purposes. If you submit certain data about your health or your disability status or some other sensitive data in the application for the participation in the Event, we will not process such data, and we will destroy them in accordance with our data retention policy.
Automated decision-making: You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
Data Retention: We will retain your personal data for a period necessary for the fulfillment of the processing purposes listed in Article 3 above, i.e., until withdrawal of your consent. If you withdraw your consent before the Event takes place, we will not be able to process your application, and you will not be enabled to participate in the Event. After this period, we will securely destroy your personal data in accordance with our data retention policy. If you have given your prior consent to keep your data (name, surname, e-mail address and job title) so that we can contact in order to send you updates about news and future events organized by the Company and its affiliated companies, information regarding open positions, as well as newsletters with general information about the Company and its affiliated companies, we will keep this data for 1 (one) year after you have gave your consent to the processing of this data for the aforementioned purposes, i.e., until withdrawal of your consent (after which we will destroy it as described above).
International data transfer: Personal Data can be transferred from Bosnia and Herzegovina into other countries and international organizations only in accordance with the provisions of the Law, to the countries which provide for the same or higher personal data protection standards. Countries to which data may be transferred are countries that are member states of the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data and include countries of the Company’s affiliated companies: Serbia, North Macedonia, Hungary, Romania, Bulgaria, Slovenia, Poland and the Netherlands. Personal Data may also be transferred to other countries of the European Economic Area and the USA. The Company shall in each case of international data transfer ensure that transfer of personal data is carried out with the implementation of appropriate mechanisms of protection of personal data.
Personal data users and processors: personal data is used by the persons in the Company and persons in the Company’s affiliated companies. The Company may share the data with its legal advisors in order to fulfill the purposes in accordance with law.
Data subject’s rights:
- right to be truly and properly informed on personal data collection;
- right to submit an access request to the Company relating to the data held about them, right to request for a copy of the personal data the Company holds about them, right to request a correction, an addition, an update, a removal of personal data as well as a break of processing the personal data and temporally suspension;
- right to request erasure of the personal data if the purpose of collecting the personal data is not properly defined; the purpose of collecting the personal data is changed, and conditions for collecting the personal data for this changed purpose are not fulfilled; the purpose is fulfilled, i.e. the personal data is no longer necessary for fulfillment of the purpose; the way of processing the personal data is prohibited; the collecting of the personal data is not proportional to the purpose of collecting them;
- right to object to the Company to the processing.
Right to lodge a complaint: data subject is entitled to lodge a complaint to the competent authority (if the data subject resides in Bosnia and Herzegovina such authority is Agency for the Protection of Personal Data in Bosnia and Herzegovina, Dubrovačka 6, 71000 Sarajevo, email: szzzp@azlp.ba, phone: +387 33 726 258) if the data subject finds or suspects that the controller or data processor has violated his/her right or that there is a direct danger of violation of his/her right.
Personal data protection measures: The Company undertakes adequate technical, organizational and personnel security measures and has the necessary protection mechanisms in place, in order to process personal data in accordance with the Law and GDPR and to prevent the misuse of the data or accidental, unlawful or unauthorized access, destruction, loss, alterations, disclosure or acquisition of the data.
The measures include the electronic and physical protection of the collected data on the participants in the Event.
Address for personal data protection queries: In the event of any questions, requests and information related to personal data protection as well as exercising rights of data subjects, the data subjects can contact the Company at the following e-mail address: dpo@htec.com.
Terms used in this Notice shall have the meaning in accordance with the Law and GDPR.