Data Protection & Privacy Policy

 

 

This is your guide to how personal data is managed by PREMC. Data privacy is taken very seriously at PREMC. It is important that you know exactly what we do with the personal information you and others provide to us, why we gather it and what it means to you.

This document outlines our approach to Data Privacy to fulfil our obligations under the General Data Protection Regulation (2018).

  1. Who we are
  2. The information we collect about you
  3. When and how we collect information about you
  4. How we use your information*
  5. Who we share your information with
  6. Data Transfers Outside the EU
  7. Implications of not providing information
  8. The legal basis for using your information
  9. How to exercise your information rights (including the right to object)
  10. How to contact us
  11. Changes to this notice

* This notice applies to all our products and services. If you have any questions about how your information is gathered, stored, shared or used, please contact PREMC.

1. Who we are

Throughout this document, “we”, “us”, “our” and “ours” refer to PREMC.

“PREMC” means:
PREMC SAS
21 rue madame Curie,  92220 Bagneux, FRANCE.
email: info@premc.org
phone:  +331.46.60.89.40

web: www.premc.org

2. The information we collect about you

There are a number of reasons for gathering information about you. For instance, we need to know how to get in touch with you, we need to be certain of your identity if you are a Conference Participant. The information we collect falls into various categories.

Identity & contact information

Name, contact details, email address, mobile phone numbers, affiliation (laboratory, university, company…), occupation (Doctor, Professor, Student or other).

Financial details/circumstances

Financial account details for registration and invoicing.

Information you provide us about others or others provide us about you

If you give us information about someone else (for example, information about a Conference Participant), or someone gives us information about you, we may add it to any personal information we already hold and we will use it in the ways described in this Data Protection and Privacy Notice.

Consent

Before you disclose information to us about another person, you must be sure that you have their agreement to do so. You should also show them this Data Privacy Notice. You need to ensure they confirm that they know you are sharing their personal information with us for the purposes described in this Data Protection and Privacy Notice.

Sensitive / Special Categories of Data

We do not hold sensitive information about you as defined under the GDPR.

Information for Which you have Given Us Consent to Use and Process

This type of data may include:

  1. Information which you have consented to us using by disclosing it for the submission of your paper or for registration.
  2. Information which you have disclosed to us directly.
  3. Your agreement to allow us contact you through certain channels to offer you relevant services.
  4. Telephone and image recordings.
  5. Information in relation to data access, correction, restriction, deletion, porting requests and complaints.

Sometimes we may collect and use your information even though you are not a customer of ours

If we do so, we will apply the principles outlined in this Data Protection and Privacy Notice when dealing with your information.

3. When and how we collect information about you

As you use our services, make enquiries and engage with us, information is gathered about you. We may also collect information about you from other people and other parties, for example, when you browse on our website.

When do we collect information about you?

  1. When you use our website and online services provided by us, including mobile applications.
  2. When you or others give us information verbally or in writing. This information may be on application forms, in records of your transactions with us or if you make a complaint.
  3. When you use our services, including operating your account, we gather details about you.
  4. From information publicly available about you – for example in trade or university directories, online forums, websites, Facebook, Twitter, YouTube or other social media.
  5. When you make information about yourself publicly available on your social media accounts or where you choose to make information available to us.
  6. For a description on how social media services and other third party platforms, plug-ins, integrations or applications use your information, please refer to their respective privacy policies and terms of use, which may permit you to modify your privacy settings.

4. How we use your information

Whether we are using it to confirm your identity, to help in the processing of an account or to improve your experiences with us, your information is always handled with care and the principles outlined in this Data Protection and Privacy Notice are always applied.

We use your information:

  1. To provide our services to you, and to fulfil our contract with you.
  2. To provide our products and services to you and perform our contract with you, we use your information to:
    1. Establish your eligibility for our services.
    2. Manage and administer your accounts, policies, benefits or other services that we or our partners may provide to you.
    3. Contact you by post, phone, text message, email, social media, using our online application or other means, but not in a way contrary to your instructions to us or contrary to law.
    4. Recover debts you may owe us.
    5. Manage and respond to a complaint or appeal.
  3. To manage our business for our legitimate interests.

To manage our business we may use your information to:

  1. Provide service information, to improve our service quality and for training purposes
  1. Promote new events or conferences and conduct research, including customer surveys, analytics and related activities.

To run our business on a day to day basis including to:

  1. Carry out strategic planning and business management.
  2. Protect our business, reputation, resources and equipment, manage network and information security (for example, developing, testing and auditing our websites and other systems,
  3. Dealing with accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services) and prevent and detect fraud, dishonesty and other crimes (for example, to prevent someone trying to steal your identity).
  4. Enable our employees, servants or agents to share or access your information for internal administrative purposes, audit, prudential, statistical or research purposes (including making your data anonymous) to help us understand trends in customer behaviour, for helping us to understand our risks better and for the purposes set out in this Data Protection and Privacy Notice (but not for the purposes of direct marketing where you have objected to this).
  5. To comply with our legal and regulatory obligations
  6. We need to use your information to comply with legal and regulatory obligations including:
    1. Complying with your information rights.
    2. Providing you with statutory and regulatory information and statements.
    3. Establishing your identity,
    4. Complying with binding requests from regulatory bodies,
    5. Complying with binding production orders or search warrants, and orders relating to requests for mutual legal assistance in criminal matters received from foreign law enforcement agencies/prosecutors.
    6. For other reasons where a statutory reason
    7. Complying with court orders arising in civil or criminal proceedings.
    8. Performing a task carried out in the public interest.

When you have given us permission (which you can withdraw at any time) we may:

  1. Send electronic messages to you about service offers from us and/or our selected and trusted partners.
  2. Use transaction history/account information from your Submission or Registration Platform account to identify your fields of expertise in order to personalize offers that are exclusive and individual to you, based on your interests.
  3. Use information you have made public and combine with this with the activities outlined above.

When the Submission or Registration Platform providers ask for your consent, they will provide you with more information on how they will use your data in reliance on that consent, including in relation to third parties with which they would like your consent to share your data.

5. With whom do we share your information?

We offer a conference organization service to you which means that you have asked us to do our utmost to allow you to interact with your fellow conference delegates, paper co-authors and paper reviewers in a smooth and seamless way. We only share your information with a select number of individuals and companies, and only as necessary.

Sharing can occur in the following circumstances and/or with the following persons:

  1. Conference delegates, paper co-authors, paper reviewers, ancillary conference staff involved in organising and facilitating the smooth running of the conference will receive some of your personal data. This data will only be shared as necessary for the smooth running of the conference and meeting your needs. The data shared will vary, as required, but it may be any of the following, typically your name, institutional affiliation, contact details, dietary needs, special needs requirements, etc.
  2. Your authorised representatives:
    1. These include your attorney (under a Power of Attorney) and any other party authorised by you to receive your personal data.
    2. Third parties we need to share your information with in order to facilitate our services to you.
  3. We may disclose your information to our agents and third parties for administration, regulatory, customer care and service purposes.
  4. Your personal information remains protected when our service providers use it. We only permit service providers to use your information in accordance with our instructions, and we require that they have appropriate measures in place to protect your information.
  5. Our service providers include (or may include), networking application, invoicing tool, analytics companies, IT and telecommunication service providers, software development contractors, data processors, computer maintenance contractors, printing companies, archiving services suppliers, and consultants, including legal advisors.
  6. Statutory and regulatory bodies (including central and local government) and law enforcement authorities.
  7. These include the courts and those appointed by the courts, government departments, statutory and regulatory bodies in all jurisdictions where the PREMC operates including the Data Protection Commission.

6. Data Transfers Outside the EU

Transfer of Personal Data to Third Countries

In accordance with Chapter V of Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR), we ensure that any transfer of personal data to a third country or an international organization outside the European Union (EU) or the European Economic Area (EEA) is carried out with an adequate level of protection. We ensure that the following safeguards are implemented:

  1. Adequacy Decisions:
    We transfer personal data to third countries or international organizations that the European Commission has deemed to provide an adequate level of data protection. These adequacy decisions ensure that your personal data enjoys the same level of protection as within the EU.
  2. Standard Contractual Clauses:
    In the absence of an adequacy decision, we may use the European Commission’s approved Standard Contractual Clauses (SCCs) to ensure that your data is protected when transferred to third countries.
  3. Binding Corporate Rules:
    For intra-group transfers, we may use Binding Corporate Rules (BCRs) approved by competent data protection authorities to ensure that your data is protected within our corporate group.
  4. Explicit Consent:
    In specific cases where none of the above safeguards are applicable, we will seek your explicit consent for the transfer of your personal data to a third country, after informing you of the potential risks associated with such transfers due to the absence of adequate protection.
  5. Specific Derogations:
    We may transfer your personal data based on specific derogations as defined in Article 49 of the GDPR, such as the necessity of the transfer for the performance of a contract between you and us, or for the establishment, exercise, or defense of legal claims.

Rights and Remedies

You have the right to obtain a copy of the safeguards we use for the transfer of your personal data outside the EU or the EEA. If you have any questions or need further information regarding international data transfers, please contact our Data Protection Officer

7. Implications of not providing information

Sharing information with us is in both your interest and ours.
We need your information in order to:

  1. Provide our services to you and fulfil our contract with you.
  2. Manage our business for our legitimate interests.
  3. Comply with our legal obligations.

Of course, you can choose not to share information, but doing so may limit the services we are able to provide to you.

We may not be able to provide you with certain products and services that you request. We may not be able to continue to provide you with or renew existing services. We may not be able to assess your suitability for a service.

8. The legal basis for using your information

We will use your data and share that data where:

  1. Its use is necessary in relation to a service or a contract that you have entered into or because you have asked for something to be done so you can enter into a contract with us.
  2. Its use is in accordance with our legitimate interests outlined in this notice.
  3. Its use is necessary because of a legal obligation that applies to us (except an obligation imposed by a contract).
  4. You have consented or explicitly consented to the using of your data in a specific way.
  5. Its use is necessary to protect your “vital interests”.
  6. Where you have made clearly sensitive categories of data about yourself public.
  7. Where the processing of special categories of data is necessary.

9. How to exercise your information rights (including the right to object)

You have several rights in relation to how we use your information. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise.

You have the right to:

  1. Find out if we use your information, to access your information and to receive copies of the information we have about you.
  2. Request that inaccurate information is corrected and incomplete information updated.
  3. Object to particular uses of your personal data where the legal basis for our use of your data is our legitimate business interests (for example, profiling we carry out for our legitimate business interests) or the performance of a task in the public interest. However, doing so may have an impact on the services we can / are willing to provide.
  4. Object to use of your personal data for direct offering purposes. If you object to this use, we will stop using your data for direct offering purposes.
  5. Have your data deleted or its use restricted – you have a right to this under certain circumstances. For example, where you withdraw consent you gave us previously and there is no other legal basis for us to retain it, or where you object to our use of your personal information for particular legitimate business interests.
  6. Withdraw consent at any time, where any processing is based on consent. If you withdraw your consent, it will not affect the lawfulness of processing based on your consent before its withdrawal.
  7. We are obliged to respond without undue delay. In most instances, we will respond within one calendar month. If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests), we may extend this period by a further two calendar months. Should this be necessary, we will explain the reasons why. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise.
  8. You have the right to complain to the Data Protection Commission or another supervisory authority.
  9. You can contact the French Office of the Data Protection Commissioner at https://www.cnil.fr/fr/vous-souhaitez-contacter-la-cnil (postal address: 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07)

10. How to contact us

PREMC SAS
21 rue madame Curie, 92220 Bagneux, FRANCE
email: info@premc.org
phone: +331.46.60.89.40

web: www.premc.org

11. Changes to this notice

We will update this Data Privacy Notice from time to time. Any changes will be made available on this page.

Dated: 25th May 2018