Balancing of interests
For some purposes, we process your personal data taking a balancing of interests as the legal basis for the processing. In the balancing of interests, we have assessed that our legitimate interest in carrying out the processing outweighs your interest and your fundamental rights to not have the data processed. What constitutes our legitimate interest is shown in the tables above. If you would like detailed information about the balancing of interests we have carried out, you can contact us. You will find our contact details in the introduction to this policy.
Who has access to your personal data?
Your personal data is basically only processed by MEETX and the organiser. However, we cooperate with other companies and organisations that may have access to your personal data if this is necessary to fulfil our commitments to you, or if the recipient is an external or internal IT provider employed by us to assist us technically with any part of our operation in the capacity of data processor.
Below we describe with whom we share your personal data. You can contact us if you would like further information on who has access to your personal data.
- If MEETX has been commissioned to manage your reservation of accommodation and food, we will share your personal data with the specific hotel, facility and restaurant(s) you will visit during your congress or conference. If required, we will also share your data with travel suppliers, exhibition suppliers, communication agencies, printing companies or other parties involved in the planning of the congress or conference. However, each of these only has access to your personal data to the extent necessary to fulfil their obligations in relation to us or for us to be able to make bookings for you.
- In order for you to be invited to the next congress or conference on the same or a similar topic, we may also share your personal data with a new organiser, even if the congress or conference will be administered by someone other than MEETX next time.
- We share information about you with our specially selected internal and external IT suppliers for administration of your registration for the congress or conference. However, these suppliers only have access to your personal data to the extent necessary to fulfil their obligations in relation to us.
- In order for participants to know who else is participating in the congress or conference, we may provide a list of participants.
- In order to administer your payment, we will share your personal data with the supplier(s) who provide the service we use to make the payment.
- When you participate as a speaker or contributor at one of our conferences, your data will be visible to the participants and in marketing contexts. We also cooperate with other companies and organisations that may have access to your personal data if this is necessary to fulfil our commitments to you as our customer, or if the recipient is an external or internal IT provider employed by us to assist us technically with any part of our operation. You can contact us if you would like further information on what parties have access to your personal data.
- In order to inform about the conference on the website, in printed products and in social media, we can share pictures and films where you have participated in at one of our conferences.
The treatment is motivated by our legitimate interest in being able to inform about the conference.
Pictures or movies that may include you may be used on the website, in printed products and in social media until you request them to be removed.
Transfer outside EU/EES
As a rule, we process your personal data within the EU/EEA, but in some circumstances, we may use suppliers outside the EU/EEA.
When we transfer personal data outside the EU/EEA, this is only done if we have a legal basis for the transfer in accordance with applicable laws and regulations for data protection. This means that we may transfer personal data to Privacy Shield-certified processors in the United States. According to a decision of the European Commission, personal data may be transferred to recipients in the United States, provided that the recipient is Privacy Shield-certified. Privacy Shield is an agreement between the EU and the United States that aims to protect EU citizens’ fundamental rights and to guarantee legal certainty for companies that transfer personal data to the United States. For recipients that are not Privacy Shield-certified, we may transfer your personal data outside the EU/EEA, subject to standard data protection provisions adopted by the European Commission. We may also transfer your personal data to a country that the European Commission has deemed to have an adequate level of protection for the processing of personal data.
You have certain rights with regard to the processing of your personal data. You are welcome to contact us to exercise your rights. Our contact details can be found on the first page of this policy.
Withdrawing your consent
You have the right at any time to withdraw all or part of any consent you have given to the processing of personal data. However, if you withdraw your consent, this has no effect on our processing of your personal data during the period prior to the withdrawal.
Right of access
You are entitled to obtain confirmation as to whether or not personal data relating to you is being processed, as well as access to information on how such personal data is being processed, such as the purposes of the processing and the categories of personal data concerned. You are also entitled to a copy of the personal data being processed.
Right to rectification
You are also entitled, without undue delay, to have incorrect personal data corrected, as well as to provide information to supplement any incomplete personal data.
Right to erasure (the right to be forgotten)
In certain circumstances, you are entitled to request the erasure of your personal data. You have this right if:
- the personal data is no longer necessary for the purposes for which it was collected or was being processed;
- you withdraw your consent on which the processing is based and where there is no other legal basis for the processing;
- you object to the processing and there are no legitimate grounds to continue with the processing that outweighs your legitimate grounds for it not to continue;
- the personal data has been processed unlawfully; or
- the personal data must be erased in order to comply with a legal obligation to which MEETX is subject.
MEETX will erase your personal data on request, provided MEETX does not have a duty to save the personal data in accordance with applicable laws and regulations for data protection.
Right to restriction of processing
In certain circumstances, you are entitled to request that the processing of your personal data be restricted. You have this right if:
- you dispute the accuracy of the data (but only for a period that enables us to verify this);
- the processing is unlawful and you object to your personal data being erased, and instead request a restriction on its use;
- you need the personal data in order to exercise or defend legal claims, despite the fact that we no longer need the personal data for our purpose of the processing; or
- you have objected to the processing and we have not checked whether our legitimate interest in processing your personal data outweighs your legitimate grounds to have the processing of your personal data restricted.
Right to object to processing
You are entitled to object at any time to the processing of your personal data based on a balance of interests. However, this does not apply if we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms or if it is done for the establishment, exercise or defence of legal claims.
You are also entitled to object to your personal data being processed for marketing purposes. If you object to marketing, your personal data will no longer be processed for such purposes.
Right to lodge a complaint
You are entitled to lodge complaints with the competent supervisory authority (without prejudice to any other administrative or judicial remedy). Such complaints can be lodged with the authority of the Member State in the EU/EEA where you have your normal residence, where you work, or where a breach of the applicable laws and regulations for data protection is alleged to have occurred. The competent supervisory authority in Sweden is the Swedish Data Protection Authority.
Right to data portability
You are entitled, in certain circumstances, to have the personal data concerning you provided to you in a structured, commonly used and machine-readable format and you are entitled to transfer the said data to another data controller (data portability). You have the right to data portability when:
- the processing is based on your consent or a contract; and
- the processing is automated.
You are entitled to transfer personal data directly from us to another data controller when this is technically possible.