2. Information Obligation acc. Art 12-14 EU-GDPR (EU-DSGVO)
We are pleased to provide you with all information on the type, purpose and scope of the processing activities of your personal data.
2.1. Controller:
Mondial Congress & Events, Operngasse 20B, 1040 Wien
T: +43 1 58804 0 | F: +43 58804 - 185
E-Mail: dataprotection@mondial-congress.com
Management of the Controller: Mag. Stefan Walter
Data Protection Coordinators: Kemal Velic, Carola Precht
The data are collected in the frame of ISDS 2023.
2.2. Purposes of Processing:
Depending on the participant status and the bookings of the data subject (see Booking Overview E-Mail), the data are processed for one or more of the purposes listed below.
Processing Purpose
|
Data Categories
|
Participant Management
(Registration, Additional Bookings)
|
name
contact data
address data/invoice data
registration data
additional bookings
travel data (only if necessary)
passport data (only if necessary)
special dietary requirements (sensitive data)
|
Hotel Management
|
name
contact data
address data/invoice data
hotel booking data
travel data (only if necessary)
credit card guaranties (if requested)
|
Management Scientific Programme
(Abstract Handling, Invited Lectures)
|
name
contact data
address data/institution
data of abstract authors
abstract data (title & content)
lecture data (topic & title)
conflict of interest infos
|
Industry Management
(Exhibition & Sponsoring)
|
name
contact data
company data
|
General Organisation /
Accreditation & Compliance
|
name & city/country
contact data (only if necessary)
Institution/organisation (if necessary)
Specialisation (only if necessary)
Lecture data (speaker, topic, title)
|
General Organisation / Accounting
|
name
contact data
address data/invoice data
registration data
additional bookings
hotel booking data
bank data (only if necessary)
credit card data (only if necessary)
|
Marketing & Development
|
name
contact data
photos/films
statistical data*
data from post-congress survey*
* (ONLY anonymised)
|
2.3. Legal Basis for the data processing purposes:
Processing Purpose
|
Legal Basis
|
Participant Management
(Registration, Additional Bookings)
|
- Binding completion of the registration for the participation of the selected event
- Written confirmation of the group coordinator that participant data may be used
- Binding booking of ticket(s) to one or more social events of the selected event
- Consent of the data subject (sensitive data)
|
Hotel Management
|
- Binding completion of a hotel booking of the data subject or its group coordinator
- Written confirmation of the group coordinator that participant data may be used
|
Management Scientific Programme
(Invited Lectures)
|
- Binding commitment of the data subject to perform a lecture at the selected event
|
Industry Management
(Exhibition & Sponsoring)
|
- Binding contract conclusion of the data subject and the company represented by him/her to take part at the selected event
|
General Organisation
(Accreditation & Compliance, Accounting)
|
- Fulfillment of contract and law
- Legitimate interest of the controller (see point 4.4.)
|
Marketing & Development
|
- Legitimate interest of the controller (see point 4.1.-4.3.)
|
2.4. Third Party Data Recipients – Categories:
The recipients only receive the data they require, not your full data record. Your data will only be forwarded when the organisational process makes it necessary – in accordance with your bookings – and when a legal basis exists.
Processing Purpose
|
Data Categories
|
Recipient Categories
|
Participant Management
(Registration, Additional Bookings)
|
name
contact data
address data/invoice data
registration data
additional bookings
travel data (only if necessary)
passport data (only if necessary)
|
organising society, service providers (fulfilment agents)
|
special dietary requirements (sensitive data)
|
Caterer
|
Hotel Management
|
name
contact data
address data/invoice data
hotel booking data
travel data (only if necessary)
credit card guaranties (if requested)
|
Hotels
|
Management Scientific Programme
(Invited Lectures)
|
name
contact data
address data/institution
lecture data (topic & title)
conflict of interest infos
|
organising society, relevant accreditation authorities, service providers (fulfilment agents)
|
Industry Management
(Exhibition & Sponsoring)
|
name
contact data
company data
|
organising society, service providers (fulfilment agents)
|
General Organisation /
Accreditation & Compliance
|
name & city/country
contact data (only if necessary)
Institution/organisation (if necessary)
Specialisation (only if necessary)
Lecture data (speaker, topic, title)
|
organising society, relevant accreditation authorities, service providers (fulfilment agents)
|
General Organisation / Accounting
|
name
contact data
address data/invoice data
registration data
additional bookings
hotel booking data
honorarium data speakers (only if necessary)
bank data (only if necessary)
credit card data (only if necessary)
|
organising society, responsible authorities, bank, fiscal office, tax consultant, service providers (fulfilment agents)
|
Marketing
|
name
contact data
|
online mailing provider
|
Development
|
statistical data*
data from post-congress survey*
* (ONLY anonymised)
|
organising society
|
2.5. Transfer to Third Country:
The following third party organisations are not active in the EU:
Mailchimp – USA / Online Mailing Provider / adequacy decision of EU = Standard Contractual Clauses (SCCs), Mailchimp participates in and has certified its compliance to the Standard Contractual Clauses (SCCs).
2.6. Data Storage Period:
Credit Card Guarantees (i.e. for hotel bookings) are reviewable and saved encrypted until 2 weeks after event start, and irrecoverably deleted thereafter.
Sensitive data (special dietary requirements), which are collected with consent of the data subjects, as well as passport data and information submitted for statistical data collection are irrecoverably deleted with the end of the event wrap-up.
All other data are stored for 7 years, to meet the retention period according to the Austrian VAT Act 1994 (Umsatzsteuergesetz 1994) and to permit post-event support and service (i.e. belated participation confirmations, and presentation certificates).