This Policy applies when your data are collected on the websites published by the entities of the Comexposium Group (hereinafter the "Sites") and in the context of your relations of any kind with the Company.
Personal Data (hereinafter referred to as "Data") is any information relating to an identified or identifiable natural person; ‘identifiable natural person’ means a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, an online identifier, or to one or more elements specific to their physical, physiological, genetic, psychological, economic, cultural or social identity, as defined in applicable regulations.
1 – Which data are collected?
Depending on how you interact with the Company and the purpose of this interaction, the Company may collect the following Data:
- Personal data relating to your identity: this includes your surname, first name, e-mail address, postal address or telephone number and your profile (visitor, exhibitor, supplier, etc.).
- Personal Data relating to your order: this refers to all the information required to satisfy and complete your order, in particular information relating to the credit card used (cardholder's name, card number, expiry date, etc.), details of the order, the date of the order, and exchanges with the commercial relations department. In all cases, payment data is processed in accordance with the applicable regulations and security standards.
- Personal Data relating to the connection and use of the Account when you are its holder: this Data refers to all the information you need to access your personal account, as well as that relating to the use of the Customer Account, in particular your login and password, your choices and preferences, and the history of events in which you have participated. In any case, the Customer Account is subject to specific general conditions of use.
- Browsing data: this Data refers to the way the User navigates on the Website. This data may include the IP address, screen resolution, browser used, browsing time, search history, operating system used, language and pages viewed.
- Data on the use of social media: when you interact with social media features, these communications are governed by the personal data protection policies of the social media platforms to which we invite you to refer to.
2 – How is your data collected?
2.1. Depending on how you interact with the Company, the latter may collect your Data according to the procedures described below.
2.2. The Company collects your Data directly from you, including when you fill in a contact or registration form, place an order or write to the Company (for example, by sending it an email).
2.3. The Company collects your Data indirectly when you browse the Sites by means of cookies and tags, in the conditions defined above. The Company also collects your Data via third party social media when you use the account you hold with these parties to log on or register for an event.
2.4. When you submit Data to the Company, it is your responsibility to ensure that it is accurate and complete. When necessary, you must update your data.
2.5. The Data presented as mandatory is necessary to manage your request and to enable us to provide you with the requested services. The mandatory or optional nature of the Data is indicated on the forms, as well as the possible consequences in case of failure to respond.
3 – Why is your data collected?
3.1 Your Data is processed by the Company for the following purposes, both in connection with your use of the Website and your participation in events organized by the Company or with which it has been entrusted.
3.2 Your Data is processed for the requests you make and to contact you.
- If you are a customer, based on the fulfilment of the contract signed with the Company (general pre-registration conditions, general conditions of sale of Tickets or general conditions of participation), your Data is processed to manage your requests for participation and orders and organize your participation and visits to the events we organize or whose organisation has been entrusted to us.
- If you are a professional prospect, the Company may send you its news and commercial information through all channels based on its legitimate interest in promoting the events it organizes.
- If you are a non-professional prospect, the Company may send you its news and commercial information via any channel if you have given your consent.
3.3 In a continuous-improvement perspective of the events it organizes, your Data is also processed by the Company to send you post-event surveys and analyse the results.
3.4 Based on your consent, the Company may also send you, through all channels, news and commercial information concerning events organized by other entities of the Comexposium Group and/or partner services.
3.5 With your consent where required, your Data may also be processed to (i) analyse your preferences and habits, (ii) customise and optimise your experience the Comexposium Group Sites by allowing you to access certain features, as well as to develop the interactivity of the Sites, (iii) perform statistics, in particular on the effectiveness of the Comexposium Group prospecting campaigns.
4 – Who are the recipients of your data ?
4.1. Your Data are processed by the Company's internal teams. In addition, only service providers and their staff, who have limited powers, are authorised to access your Data with regard to specific services entrusted to them, which they must carry out exclusively for the Company in strict compliance with obligations, particularly concerning security and confidentiality.
4.2. With your consent when required, your Data may be transmitted to the entities of the Group to which The Company belongs, and to partners in particular, so that they may send you information and news about the services and products they offer.
4.3. When required by current regulations, the Company may transmit your Data to organisations and authorities legally authorised to access them (notably the judicial and administrative authorities).
5 – How is your data protected?
The Company takes all appropriate organisational and technical measures to preserve the security, integrity and confidentiality of your personal data in order, in particular, to prevent them from being distorted, damaged, disclosed or accessed by unauthorized third parties.
The Company also implements internal procedures to guarantee the security of your Personal Data when it is used, transferred or stored. We also maintain the procedures in place to ensure compliance with Applicable Regulation.
These security procedures include:
- The commitment on the part of our service providers and subcontractors, when we use their services, in particular to make the Site and its content available to you, or to carry out your orders, to respect their contractual obligations in order to ensure adequate protection of the Personal Data to which they have access.
- Limiting access to your Personal Data to employees subject to an obligation of confidentiality, and whose access to your Personal Data is necessary to provide you with products and services and/or justified within the scope of their duties;
- Storage of your Personal Data on servers offering every guarantee of security. In accordance with Applicable Regulations, data is kept for the periods mentioned in article 7.
6 – What are your rights?
6.1. In accordance with the applicable regulations and under the conditions given therein, you may exercise the following at any time:
- Right of access: You may request from the Company information on the processing of your Data and a copy of said Data.
- Right to rectification: You may request the rectification of inaccurate personal Data concerning you when that held by the Company is incorrect or incomplete.
- Right to erasure (“right to be forgotten”): You have the right to obtain from the Company the erasure of your Data in the event of one of the reasons provided in the regulations (uselessness of the Data, withdrawal of your consent for the processing based on said consent, etc.).
- Right to object: You have the right to object to processing of your personal Data at any time for reasons relating to your particular situation, including for direct marketing purposes.
- Right to data portability: You have the right to receive your personal Data in a structured, commonly used, and machine-readable format. This right applies only when the Data is provided to The Company by you or is the result of your use of its services. This Data is processed based on your consent or the performance of a contract.
- Right to restriction of processing: You may ask The Company to suspend the processing of your Data in the event of one of the reasons provided in the regulations (challenge of the accuracy of the data, etc.).
Under the conditions defined by the regulations, you also have the right to define general or specific guidelines concerning what happens to your Data after your death. You are informed, however, that only specific directives relating to Data processing carried out by the Company for the purposes defined in this Policy will be recorded by the Company, subject to your specific consent.
6.2. When your Data is processed with your consent, you may revoke it at any time. However, you are advised that the processing implemented prior to this revocation will remain valid.
6.3. You can exercise your rights by contacting the Company, by e-mail to [email protected] or by post to: Groupe COMEXPOSIUM – Data Protection - 70 avenue du Général de Gaulle, 92058 Paris La Défense cedex.
You are also informed that, in certain cases, the features of the Sites allow you to consult and modify the Data you have communicated to The Company.
The Company takes utmost care with your Data; however if you consider that the processing infringes your rights, you have the right to file a complaint with the French Data Protection Agency (Cnil) - 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.
7 – How long do we keep your data?
7.1. The Company keeps your Data for a period that does not exceed the time required for the purposes indicated by this Policy. Beyond this period, your Data maybe archived to respect the legal obligations incumbent upon the Company, or deleted.
7.2. The Data used to establish proof of a right or contract, or kept in compliance with a legal obligation by The Company, will be archived in accordance with applicable provisions.
7.3. The Company takes into account the seasonality of the events it organizes. For this purpose, you will find below the storage times defined according to event type.
8 – Transfer of data
For hosting and processing your Data, The Company focuses on resources located in the territory of the European Union. Nevertheless, if a transfer of Data to a third country outside the European Union becomes necessary, specific information will be provided to you by The Company.
9 – Amendments to this data protection policy
9.1. Any amendments to this Policy by The Company will be updated on the Site.
9.2. The User is invited to consult this Policy regularly to review any updates or modifications.
9.3. If any of the clauses in this Policy are declared void or contrary to the regulations, they will be deemed unwritten but will not invalidate the other clauses of the Policy.