|
Privacy Policy |
Effective as of 20th February 2025.
ABOUT THIS POLICY
The purpose of this Privacy Policy (hereinafter “the Policy”) is to describe how the International Council of Nurses processes and protects personal data of registered participants to its events (hereinafter “you”, “your”) together with Imavox (AIO) in compliance the Swiss Federal Act on Data Protection (“FADP”) and the European General Data Protection Regulation (EU) 2016/679 (“GDPR”), hereinafter “Applicable Law”.
DATA CONTROLLER
The International Council of Nurses, 3 place Jean-Marteau, 1201 Geneva, Switzerland and Imavox (AIO), Av. de Préville 4, 1510 Moudon, are acting as joint data controllers (hereinafter “ICN”, “we”, “our” or “us”) for the personal data concerned in this Policy.
YOUR PERSONAL DATA RIGHTS AND CONTROLS
Data privacy laws, including the General Data Protection Regulation (“GDPR”), give rights to individuals over their personal data.
What is Personal Data?
Personal data may be any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to that natural person.
In the table below, your rights and their descriptions are outlined.
|
|
It is your right to: |
|
Access |
Be informed of the personal data we process about you and request access to it |
|
Rectification |
Request that we amend or update your personal data where it’s inaccurate or incomplete |
|
Erasure |
Request that we delete certain of your personal data |
|
Restriction |
Request that we temporarily or permanently stop processing all or some of your personal data |
|
Object |
Object to us processing your personal data at any time, on grounds relating to your particular situation. Object to your personal data being processed for direct marketing purposes |
|
Data portability |
Request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service |
|
Not to be subject to automated decision-making |
Not be subject to a decision based solely on automated decision-making (decisions without human involvement), including profiling, where the decision would have a legal effect on you or produce a similarly significant effect |
To exercise these rights, you are free to contact Imavox (AIO) at service@imavox.global.
PERSONAL DATA PROCESSING
We collect personal data either directly from you, typically through forms on our website, or indirectly during your interactions with us (like cookies).
Regarding data collected directly from you, we indicate all mandatory information on our forms with an asterisk. If you do not answer the mandatory questions, you will not be able to register for the event.
The following list of data could be collected while you register to an event:
|
Category |
Description |
|
Participant account information |
Registration number, e-mail address, year of birth. |
|
Participant contact information: |
Full name, mobile phone number, address, company name, address and VAT number (if applicable), and additional information submitted by the Participant and/or their organization, |
|
Participant registration information: |
educational, employment and professional background such as title, license, role and industry, professional expertise, abstract, documentation or proof of a professional status (if required for a special fee), and when applicable travel grant request and accessibility and dietary requirements (upon consent). Participants photo image: personal photo image (upon consent) |
|
Payment and purchase data |
Personal data that the third-party payment gateway Stripe, with servers located in the US, to be able to collect payment for tickets. (this data collection only applies to events that have paid tickets) |
|
Other information: |
With respect to a speaker or a lecturer, additional information may be processed such as the content of the lecture and a recording of the lecture during the event. |
OUR PURPOSES FOR USING YOUR PERSONAL DATA
The table below sets out:
- Our purpose for processing your personal data
- Our legal justifications (each called a "legal basis") under data protection law, for each purpose
- Categories of personal data which we use for each purpose (see more about these categories in Section 3 ‘’Purpose of collecting data’’)
Here is a general explanation of each "legal basis" to help you understand the table:
Legitimate interest: When we have an interest in using your personal data in a certain way, which may be necessary and justified considering any possible risks to you.. For example, using your Usage Data to improve the Imavox (AIO) website for all Customers. Contact us if you want to understand a specific justification.
Contract : When Imavox (AIO) must process your personal data to comply with a contract.
|
Purpose for processing your data |
Legal basis that permits the purpose |
Categories of personal data used for purpose |
Data Controller |
|
To organize and manage an in-person or virtual event. |
Legitimate Interest Consent (for pictures, accessibility and dietary requirements only) |
Participant account information Participant contact information Participant registration information Payment and purchase data Other information |
ICN and AIO |
|
To manage operations, including to further the goals of the association, statistical analysis, promotion of future educational initiatives and developing the association membership. |
Legitimate Interest Consent (if needed)
|
Participant account information Participant contact information Payment and purchase data |
ICN |
|
To comply with legal obligations and law enforcement requests. |
Compliance with legal obligations Legitimate interest
|
Participant account information Participant contact information Participant registration information Payment and purchase data Other information |
ICN and AIO |
DATA RETENTION AND DELETION
Retention
In order to comply with the principle of data minimization, your personal data is only kept for as long as is necessary to achieve the above-mentioned purposes.
- Identification data collected for events will be kept for 1 year post-event and a maximum of 2 years when required by the organizer (e.g., AGM)
In order to comply with our legal obligations, certain personal data is retained for a longer period (for example, to fulfill our billing obligations), as well as to exercise certain rights (especially to take legal action). If applicable, this data will be retained for the duration imposed by the legal obligation or until the expiration of the statute of limitations for legal action.
Data recipients
Within the context of management of this processing, the data processed is reserved for the use of the event only and can only be communicated internally and/or to the organizer responsible for organizing this event.
Deletion
If you close or request that we terminate your account, we'll delete or anonymize your personal data so it no longer identifies you, unless we are required to keep information if there is a need to use it for a legally justifiable reason.
Here are some examples of situations where we're legally allowed or required to keep some of your personal data:
- If there's an unresolved issue relating to your account, such as an outstanding credit or unresolved claim or dispute.
- For our legal, tax, audit and accounting obligations.
- For our legitimate business interests such as fraud prevention or to maintain security.
Imavox (AIO) can be requested at any moment to delete your user data. To do so, please contact us at:
email (service@imavox.global)
phone at +41 21 320 12 90
writing to us at Imavox sa, ch. du Crêt des Pierres 4, 1090 La Croix sur Lutry – Lausanne, Switzerland
we will also treat your request by contacting us on the congress email: contact@icncongress.org
SECURITY AND CONFIDENTIALITY OF YOUR DATA
We implement appropriate measures to preserve the security and confidentiality of your personal data and, in particular, to prevent it from being distorted, damaged, or accessed by unauthorized third parties. Further, we do not authorize the use of spamming, phishing, junk emails, or any other form of inappropriate or illegal form of external communication..
Any personal data processed by us is kept on secure servers in Europe. We use reasonable administrative and technical personnel, and physical measures including training, and restricted accessed to safeguard personal data against loss, unauthorized access, use, disclosure, or modification and to ensure the integrity of the personal data. Additionally, we ensure to process your personal data only for the purposes mentioned in this privacy notice and to keep data no longer than necessary.
INTERNATIONAL TRANSFER OF YOUR DATA
Your personal data may be stored and processed in any country in the world where we have facilities or service providers, or where we are holding an in-person event. This currently includes mainly the following countries: European Union countries, United States of America, Singapore, Mauritius, and India. These countries may have different data protection rules to those in your country of residence.
Some countries outside your country of residence are recognized as offering an adequate level of data protection; others, however, are not. For transfers to countries that are not recognized as offering an adequate level of data protection (such as, among others, Mauritius and India), we have ensured that adequate measures are in place, including ensuring that the recipient is bound by the European Commission's revised Standard Contractual Clauses (including adjustments and additions necessary for use under Swiss data protection law) to adequately protect your personal data, as required by the GDPR.
CHANGES TO THIS POLICY
We may occasionally make changes to this Policy. When we make material changes to this Policy, we'll provide you with prominent notice as appropriate under the circumstances. For example, we may display a prominent notice within the ICN website or send you an email or device notification.
HOW TO CONTACT US
For any questions and concerns regarding this Policy, you may contact Imavox (AIO) either by:
email (service@imavox.global)
phone at +41 21 320 12 90
writing to us at imavox SA, ch. du crêt des pierres 4, 1090 La Croix sur Lutry – Lausanne, Switzerland.