Swiss Virtual EXPO, later called ” SVE”, believes that it is essential that the technological development and the integration of technology in the production and communication processes of individuals and companies is associated with an adequate protection of data, especially personal data.
SVE particularly respects the applicable data protection provisions, in particular the Federal Data Protection Act (DPA), while also taking into account, where necessary, other applicable legislations, in particular the European Regulation (EU) 2016/679.
This Policy may be modified at any time. The latest version is always available at www.swissvirtualexpo.ch
1. Owner of the treatment
Ated – ICT Ticino is responsible for the collection and processing of personal data in relation to the use of the platform and the related Swiss Virtual Expo services.
2. Contact person
Questions or comments about this Policy or how we handle personal data should be directed to:
Cristina Giotto – firstname.lastname@example.org
If you have any concerns about our data processing practices, you may contact the responsible data protection supervisory authority, which is the Federal Data Protection and Information Commissioner (FDPIC).
3.How and what personal data we collect and process
We collect personal data when you use our services, a new SVE account, submit information via a web form, add, update or change information in your account, when you transmit data to an exhibitor, when you purchase goods or services through SVE, interact with other visitors or exhibitors. We may also collect personal data through third parties. In a nutshell, collection may occur:
- Directly: for example, through the completion of online forms, registration processes, newsletter subscription, event and/or webinar registration, or during face-to-face exchanges at our offices or those of third parties.
- Indirectly: there are multiple freely accessible sources that allow you to acquire information for example:
- Public Sources – Personal data may be obtained from public records (such as business records), news articles, Internet research.
- Social networking and professional websites – by accessing our services and/or associating with each other via social media (e.g. LinkedIn, Instagram or Twitter), information like, for example, your name and email address and, depending on the privacy settings of the respective social media, other information may be collected;
- From Exhibitors: in order to fulfill their contractual obligations to us, exhibitors may be required to provide information that includes personal data, including for statistical purposes and to be able to perform maintenance and development work in a coordinated and least disruptive manner (knowing peak attendance helps us, for example, to avoid such times when performing upgrades or other procedures that may impact performance and experience).
On the other hand, the content of communications between visitors and between visitors and exhibitors is encrypted using end-to-end technology and the content of communications therefore remains confidential.
3.2 Which data?
Notifying information, such as name, address, phone numbers, email addresses, user name, provided when creating an SVE account or at a later time.
Other data as far as the user registers as an exhibitor and therefore further information is required such as no.VAT number, bank account, transaction data, payment data, etc.
Location data, including general location data (for example, IP address) and details of the exact location of the mobile device. Please note that most mobile devices allow you to set or disable the use of location services for all applications in the settings menu of your mobile device. In addition, many modern operating systems and browsers have default settings to block the transmission of such data without your express consent (opt-in). Please consult the device and application guides in this regard.
Computer and connection information, such as statistics about visits to SVE services, information about traffic to and from websites, referring URLs, advertising information, IP address, access times, browser history, language preferences, and web log information.
Personal data are the basis of our activity; it is a virtual fair that always puts the human being at the center; for this reason we care about transparent communication with our users and/or guests. The collected data allows us to manage, promote, administer the fair, the exhibitors, the guests and to take the necessary security measures. Personal data helps us to ensure the identity of visitors and exhibitors, to promote the security of the event, to collect data to improve services and, where appropriate, to customize offers, and to make your visit as pleasant and profitable as possible. Personal data are also necessary for the creation of avatars and for the stand set-up.
4. Purposes and legal bases of data processing and categories of recipients
We can rely on the following legitimate purposes when we collect and use personal data to run our business and provide our products and services:
Possiamo elaborare i dati personali al fine di eseguire i nostri obblighi contrattuali, ad esempio per fornire i servizi e i prodotti (stand, spazi riservati, pubblicità, ecc).
- Legitimate/lawful interests
We may rely on legitimate interests based on our judgment that processing is carried out in a fair, considered and proportionate manner for the purposes and to protect our company, its employees and third parties, to prevent fraud and improper use in accordance with contractual or legal regulations or to comply with legal obligations or legitimate requests from judicial and administrative authorities and to ensure the safety of all users of the fair.
We can rely on the consent freely given by the interested party at the time he or she provided his or her personal data, for example, for the marketing activity – to provide timely industry insights and professional knowledge, offers and invitations that we believe will be of value to our users, exhibitors, subscribers and third parties.
5. International data transfers
Some of the recipients of personal data may be located outside Switzerland or the EU. We provide appropriate guarantees when transferring data to such recipients. Third countries that provide an adequate level of data protection are verified by the FDPIC, who keeps an up-to-date list:
Similarly, the European Commission provides a list of states that offer the necessary guarantees.
To the extent that a transfer outside the SEE area is necessary, Eu the SVE will provide the necessary guarantees, for example by concluding data protection contracts with the recipients adopted by the FDPIC or other measures required by law. A copy of the documentation of the measures we have taken is available on request.
6. Storage and cancellation period
7. Personal data security
We have put in place appropriate technical and organisational security policies and procedures to protect personal data (including sensitive personal data) from loss, misuse, alteration or destruction. SVM’s protection of personal data in connection with the provision of professional services, including people, processes and technologies for the design, implementation operations and support of the data processing infrastructure is done through Certified Partners. The technical infrastructure is located in Switzerland and is managed and owned by Swisscom (click here for Swisscom’s information).
We restrict access to personal data in general. Persons who have access to the data are required to maintain the privacy of that information. We may apply pseudonymisation, de-identification and anonymisation in an attempt to further protect personal data.
If you access parts of our websites or use our services, you are responsible for keeping your user ID and password reserved. Please be aware that the transmission of data via the Internet is not completely secure. Although we do our best to try to protect the security of your personal data, we cannot ensure or warrant the security of any data transmitted to our site; any transmission is at your own risk.
8. Rights as an interested person
Unless otherwise provided for in applicable law, the data subject has the right to access, rectification, erasure, restriction of processing and transfer of his/her personal data. He or she may also revoke consent once given and object to the processing on the basis of legitimate interests. It is also possible to lodge a complaint with the supervising authority, which in Switzerland is, as stated in pto. 2, the FDPIC.
Before responding to any request concerning the rights of data subjects and before following up any request for access, rectification, deletion, etc., SEV may request the necessary evidence for personal identification in order to prevent misuse and to safeguard the personal data processed. If provided for by the law applicable to the data subject, the data subject shall have, among others, the following rights:
- Access – the data subject may ask to check whether we are processing personal data concerning him or her and, if so, to provide more specific information;
- Correction – You may ask us to correct our records if you demonstrate that they contain inaccurate or incomplete information.
- Cancellation – the data subject may request that personal data be deleted after that person has revoked their consent to the processing or when we no longer need them for the purpose for which they were originally collected and there are no storage requirements.
- Treatment restriction – The data subject may request that the processing of personal data be temporarily restricted if he or she contests its accuracy.
- Data portability – In certain circumstances, if you have provided us with personal data, you may ask us to transmit such personal data in electronic form, if technically possible.
- Automated individual decision process – the data subject can ask for a revision of any decision we may have taken solely on the basis of automated processing, including profiling, which has produced legal effects concerning or affecting the data subject.
- Right to object to marketing, including profiling – the data subject may object to their personal data being used for marketing purposes, including profiling. We may need to keep certain minimum information to comply with your request to cease marketing to you.
- Right to revoke consent – The data subject may withdraw the consent you have previously given for one or more specific purposes of the processing of his or her personal data. This will not affect the lawfulness of any processing carried out before the revocation of the consent.
Any requests should be sent to:
ated – ICT Ticino – CP 1261 – 6502 Bellinzona
Although SVM will give absolute importance to the request of the person interested, the processing of the request may not take place before 30 working days after its receipt.
9. Cookies and similar technologies