CONGRESS: RETAIL TRENDS 2023
PLACE: MCC Mazurkas Okęcie (Poznańska 177, Ożarów Mazowiecki)
DATE: 25 MAY 2023
Under Article 13 of Directive of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 (GDPR) we inform that:
- The controller of personal data is Wydawnictwo Gospodarcze sp. z o.o, with its registered office in Warsaw (02-676) at ul. Postępu 18B. To any matters relating to the processing of personal data and exercising your rights related to the processing of personal data, please contact our Personal Data Officer at the following e-mail: address firstname.lastname@example.org
• organisation of the Congress – the legal basis is the necessity of the data processing in order to conclude and perform the contract in case of contractual parties or the Controller’s legitimate interest in other cases (Article 6(1)(b) or (1)(f) of the GDPR),
• the Controller’s accounting and tax settlements – the legal basis is the necessity of the processing to fulfil a legal obligation of the Controller (Article 6(1)(c) of the GDPR),
• conducting marketing activities and promotion of the Controller’s and third parties’ products and services and to make the data available to these entities, including for profiling – the legal basis is the consent granted or the implementation of the Controller’s or third party’s legitimate interest in the form of marketing (Article 6(1)(a) or (f) of the GDPR),
• registration, storage, making available and dissemination of the course of the event in the form of an image and sound, including also statements and images of the Participants and their representatives and personnel, as well as dissemination of these materials – the legal basis is pursuing of the legitimate interests of the Controller in the form of promotion and archiving (Article 6(1)(f) of the GDPR),
• performing organisational, administrative and IT service and security of the Congress, including contacting with the Participants and their representatives and personnel – the legal basis is pursuing of the legitimate interests of the Controller in the form of the organisation of the event (Article 6(1)(f) of the GDPR),
• the assertion and defence of claims and for archiving purposes – the legal basis is pursuing of the legitimate interests of the Controller (Article 6(1)(f) of the GDPR).
3. Providing personal data in the scope specified on the Form is a condition of agreement conclusion, if you do not provide them, you cannot take part in the Congress. We have obtained data of the representatives and personnel in the above scope directly from you or your employers.
4. Your personal data can be used for making automated decisions, including profiling, to match the offers to your preferences.
5. Personal data will be stored for the following periods:
• to the extent necessary for execution of the agreement – throughout its term,
• with regard to accounting and tax data, until the expiry of the limiitation period for fiscal and accounting obligations related to the accounting records,
• with regard to the consent given – until it is revoked,
• to the extent to which personal data are processed on the basis of the legitimate interest of the Controller – until this interest has been pursued or until effective objection is raised.
After these periods, we will process the data until the expiry of the limitation period for any civil law claims arising from the agreement or the business relationships.
6. The recipient of data can be:
• entities providing services to the Controller (i.e. IT and technical support services, accounting services, archiving, document digitalisation and destruction services, marketing agencies, catering companies and companies organising the congress, security services, external auditors, consulting and legal companies), whereby such entities process data as subcontractors, on the basis of a contract with the Controller and exclusively in accordance with its instructions,
• independent external service providers, suppliers, partners, (e.g. postal and operational services, financial and insurance services, document management services),
• law enforcement agencies and state authorities, when this is required by the applicable law.
7. You have the right to:
• access your data, request their rectification, deletion or limitation of their processing and – to the extent provided for in the agreement and consent – transfer your personal data,
• withdraw consent, whereby the withdrawal of consent shall not affect the lawfulness of processing carried out before its withdrawal,
• object to the processing of personal data insofar as the processing is based on the Controller’s legitimate interest;
• lodge a complaint with the supervisory body, if you decide that the processing of your personal data violates the provisions of the GDPR.
To exercise the above rights, please contact the Data Protection Officer via the email address stated above.