|
Privacy Policy |
Effective as of 24th February 2025.
ABOUT THIS POLICY
The purpose of this Privacy Policy (hereinafter “the Policy”) is to describe how the International Council of Nurses and Imavox collect, process and protect personal data of registered participants (hereinafter “you”, “your”) to its International Council of Nurses 2025 Congress (“Congress”) in compliance the Swiss Federal Act on Data Protection (“FADP”) and the European General Data Protection Regulation (EU) 2016/679 (“GDPR”), hereinafter “Applicable Law”.
DATA CONTROLLER
The International Council of Nurses (“ICN”), 3 place Jean-Marteau, 1201 Geneva, Switzerland and Imavox (“AIO”), Av. de Préville 4, 1510 Moudon, are acting as joint data controllers (hereinafter referred together as “we”, “our” or “us”) for the personal data concerned in this Policy.
YOUR PERSONAL DATA RIGHTS AND CONTROLS
What is Personal Data?
Personal data may be any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to that natural person.
Applicable Law gives rights to individuals over their personal data. In the table below, your rights and their descriptions are outlined.
|
|
It is your right to: |
|
Access |
Be informed of the personal data we process about you and request access to it |
|
Rectification |
Request that we amend or update your personal data where it’s inaccurate or incomplete |
|
Erasure |
Request that we delete certain of your personal data |
|
Restriction |
Request that we temporarily or permanently stop processing all or some of your personal data |
|
Object |
Object to us processing your personal data at any time, on grounds relating to your particular situation. Object to your personal data being processed for direct marketing purposes |
|
Data portability |
Request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service |
|
Not to be subject to automated decision-making |
Not be subject to a decision based solely on automated decision-making (decisions without human involvement), including profiling, where the decision would have a legal effect on you or produce a similarly significant effect |
To exercise these rights, you are free to contact Imavox (AIO) at service@imavox.global.
PERSONAL DATA PROCESSING
We collect your personal data via the registration website https://icncongress.org/ (“Website”) owned by ICN and operated by AIO either directly from you, typically through registration forms on our website, or indirectly during your interactions with us (please see below section “Website cookies”).
Regarding data collected directly from you, we indicate all mandatory information on our forms with an asterisk. If you do not answer the mandatory questions, you will not be able to register for the event.
The following list of data could be collected while you register to an event:
|
Category |
Description |
|
Participant account information |
Registration number, e-mail address, year of birth. |
|
Participant contact information |
Full name, mobile phone number, address, company name, address and VAT number (if applicable), and additional information submitted by the Participant and/or their organization, |
|
Participant registration information |
educational, employment and professional background such as title, license, role and industry, professional expertise, abstract, documentation or proof of a professional status (if required for a special fee), and when applicable travel grant request and accessibility and dietary requirements (upon consent). Participants photo image: personal photo image (upon consent). |
|
Payment and purchase data |
Personal data that the third-party payment gateway Stripe, with servers located in the US, to be able to collect payment for tickets. (this data collection only applies to events that have paid tickets) |
|
Other information |
With respect to a speaker or a lecturer, additional information may be processed such as the content of the lecture and a recording of the lecture during the event. |
OUR PURPOSES FOR USING YOUR PERSONAL DATA
The table below sets out:
- Our purpose for processing your personal data
- Our legal justifications (each called a "legal basis") under data protection law, for each purpose
- Categories of personal data which we use for each purpose (see more about these categories in Section 3 ‘’Purpose of collecting data’’)
|
Purpose for processing your data |
Legal basis that permits the purpose |
Categories of personal data used for purpose |
Data Controller |
|
To organize and manage your participation to the Congress |
Legitimate Interest Consent (for pictures, accessibility and dietary requirements only) |
Participant account information Participant contact information Participant registration information Payment and purchase data Other information |
ICN and AIO |
|
To manage operations, including to further the goals of the association, statistical analysis, promotion of future educational initiatives and developing the association membership. |
Legitimate Interest Consent (if needed)
|
Participant account information Participant contact information Payment and purchase data |
ICN |
|
To comply with legal obligations and law enforcement requests. |
Compliance with legal obligations Legitimate interest |
Participant account information Participant contact information Participant registration information Payment and purchase data Other information |
ICN and AIO |
DATA RETENTION AND DELETION
Retention
In order to comply with the principle of data minimization, your personal data is only kept for as long as is necessary to achieve the above-mentioned purposes.
Identification data collected for events will be kept for 1 year post-event and a maximum of 2 years when required by the organizer.
In order to comply with our legal obligations, certain personal data is retained for a longer period (for example, to fulfill our billing obligations), as well as to exercise certain rights (especially to take legal action). If applicable, this data will be retained for the duration imposed by the legal obligation or until the expiration of the statute of limitations for legal action.
Data recipients
Within the context of management of this processing, the data processed is reserved for the use of the event only and can only be communicated internally and/or to the organizer responsible for organizing this event.
Deletion
If you close or request that we terminate your account, we'll delete or anonymize your personal data so it no longer identifies you, unless we are required to keep information if there is a need to use it for a legally justifiable reason.
Here are some examples of situations where we're legally allowed or required to keep some of your personal data:
- If there's an unresolved issue relating to your account, such as an outstanding credit or unresolved claim or dispute.
- For our legal, tax, audit and accounting obligations.
- For our legitimate business interests such as fraud prevention or to maintain security.
Imavox (AIO) can be requested at any moment to delete your user data. To do so, please contact us at:
email (service@imavox.global)
phone at +41 21 320 12 90
writing to us at Imavox sa, ch. du Crêt des Pierres 4, 1090 La Croix sur Lutry – Lausanne, Switzerland
we will also treat your request by contacting us on the congress email: contact@icncongress.org
SECURITY AND CONFIDENTIALITY OF YOUR DATA
We implement appropriate measures to preserve the security and confidentiality of your personal data and, in particular, to prevent it from being distorted, damaged, or accessed by unauthorized third parties. Further, we do not authorize the use of spamming, phishing, junk emails, or any other form of inappropriate or illegal form of external communication..
Any personal data processed by us is kept on secure servers in Europe. We use reasonable administrative and technical personnel, and physical measures including training, and restricted accessed to safeguard personal data against loss, unauthorized access, use, disclosure, or modification and to ensure the integrity of the personal data. Additionally, we ensure to process your personal data only for the purposes mentioned in this privacy notice and to keep data no longer than necessary.
INTERNATIONAL TRANSFER OF YOUR DATA
Your personal data may be stored and processed in any country in the world where we have facilities or service providers (currently includes mainly the following countries: European Union countries, United States of America, Singapore, Mauritius, and India) or where we are holding an in-person or virtual Congress. These countries may have different data protection rules to those in your country of residence.
Some countries outside your country of residence are recognized as offering an adequate level of data protection; others, however, are not. For transfers to countries that are not recognized as offering an adequate level of data protection (such as, among others, Mauritius and India), we have ensured that adequate measures are in place, including ensuring that the recipient is bound by the European Commission's revised Standard Contractual Clauses (including adjustments and additions necessary for use under Swiss data protection law) to adequately protect your personal data, as required by the GDPR.
WEBSITE COOKIES
Types of cookies and trackers and configuration
The cookies that can be installed on your server when you browse the site are cookies that have either the exclusive purpose of allowing or facilitating electronic communication or are strictly necessary for the provision of the service you are requesting (language and/or time-zone cookies, identification cookies, etc.), or analytical cookies or other cookies under the conditions described below.
Cookies placed on the Webiste:
|
Name of cookies |
Description/purpose |
Retention period |
|
_tool_session |
Session cookie |
Length of active Session |
|
_ga |
Login |
Length of active Session |
|
AWSALB |
Amazon web services load balancing |
1 week |
|
Browser.timezone |
Localisation / timezone |
1 year |
|
Plausible.io |
analysis and statistical tracking of a website |
2 years |
Browser settings
You may change your browser’s settings to delete cookies that have already been set while visiting other websites. To learn more, visit the help pages of your browser (Chrome, Edge, Firefox, Safari…).
CHANGES TO THIS POLICY
We may update this Policy from time to time, with the most recent revision date listed at the top. When we make material changes to this Policy, we'll provide you with prominent notice as appropriate under the circumstances. For example, we may display a prominent notice within the Website or send you an email or device notification.
HOW TO CONTACT US
For any questions and concerns regarding this Policy, you may contact Imavox (AIO) either by : email (service@imavox.global) or phone at +41 21 320 12 90 or you can writing to us at imavox SA, ch. du crêt des pierres 4, 1090 La Croix sur Lutry – Lausanne, Switzerland.