PRIVACY POLICY
Last updated February 2022
- Policy Application
We provide an online platform for conducting virtual events and exhibitions (hereinafter the “Service”). This Privacy Policy applies to your use of our Service, including your participation in any event hosted on the Service, in any capacity, including as our customer (event host) or customer representative, exhibitor or attendee/visitor. It also applies to the information we directly provide through our website.
In most cases, the Service is available to you under a separate agreement between us and our client (the host of the event).
This Privacy Policy also applies to your use of our website(www.easyvirtualfair.com).
In this Privacy Policy, “we,” “us,” and “our” mean EasyVirtualFair LLC, a Pennsylvania limited liability company, ZYL Tecnologia Consultoria E Inversiones SL, a legal entity organized under the laws of Spain, and any affiliates of such companies. Your personal data shall be managed by one or another company depending on the organizer and his assistants. If the organizer and attendees are located in the European Union, their data will be managed in the European Union.
When you access a fair or event managed by Easy Virtual Fair, it is the organizer or company promoting the fair or event who will be responsible for the personal data that is collected. In these cases, EASY VIRTUAL FAIR acts as the person in charge of processing the data and will limit itself to acting as a management platform for the events.
In the case in which the user directly visits our website or requests a quote, demonstration, or other additional information, EASY VIRTUAL FAIR will act as Data Controller.
We will provide you with accurate information about the processing of your personal data in the EU in accordance with the EU General Data Protection Regulation (GDPR) 2016/679 and the specific regulations that may be applicable at the local level.
- Legally binding agreement
By registering for any event, including by clicking the “Accept” button on a registration page or on our website, or by accessing or using the Service or our website, you accept and intend to be legally bound by this Privacy Policy in which we inform you of the processing of your personal data, including changes that may be posted on our website from time to time.
You must not participate in any event or use the Service or our website if you object to any of these practices or terms.
- Data security obligations
We use the systems infrastructure for the hosting, security and delivery of our Service and website, such as third-party cloud servers, which is consistent with commercially reasonable practices for comparable companies in the United States and in the case of the European Union, with the GDPR. Since we do not control them, we have no responsibility or liability, however, with regard to software, facilities, servers, systems or other third-party products, equipment or services, even if they are used for the provision of our Service or website.
We have implemented technical and administrative safeguards to manage your personally identifiable information that are designed to protect against unauthorized access, disclosure or use of your information by our employees and contractors and against reasonably anticipated third-party threats to the security of your information.
In coordination with our client, as applicable, we will inform you of any unauthorized access, disclosure or use of your information.
- Data privacy obligations and legal basis for processing
We will strive to maintain the privacy of your personal information, except as provided in this Privacy Policy.
We collect and process your personal information, either with your consent, as provided in this Privacy Policy, to execute the contractual relationship with the organizer or to satisfy our legitimate interest in conducting our business, including for the purposes described in point 6 below.
Admission rights: The organizing entity of the event, as well as EasyVirtualFair, reserve the right to be able to delete users from the fair during the course of of the event, when your messages on the different channels within the chat, video chat or webinars, are considered inappropriate, contrary to law or not good practices in the sector. In the scenario that the user is erased (this decision depends on the criteria of the organizer of the fair) they will not be able to access the platform with their account again. Therefore, if the user wishes to delete the data with which they have registered, they must send an email to dpo@easyvirtualfair.com, indicating the name of the fair in which they have participated, the date and the email address used to register for the event.
- Collecting Your Information
5.1- You provide us with your personal information when you participate in an event or use the Service or our website. When you “register” for an event or create an account with us, you provide us with information about yourself. At a minimum, this includes your first and last name, email address, and password. This is information that can be uniquely identified with you or provide access to your account. You may also provide us with additional personally identifiable information through your participation in an event or use of the Service or our website, such as information or comments you may provide or make during or after an event or comments you may leave in public areas of our website or your communications with us. If you register for an event organized by another entity (our client) we simply manage the registration and provide the platform on which the event takes place. Therefore, we do not collect data from trade fair attendees on our own behalf.
We will only process personal data on our own behalf (as Data Controllers) when the user contacts us to request information or other direct dealings with our company.
You consent to the processing of your personal information by our client. Our customer may collect personal information about you and may provide us with your personal information in the context of this service relationship. This may include your name, address, or phone number. You consent to our customer sharing this information with us and our receipt and, subject to this Privacy Policy, use of your information.
5.2- It allows us to use automatic data collection technologies, such as “cookies”. We keep track of the actions you take on our Service or website. In addition, certain anonymous information may be passively collected (i.e., collected without your actively providing the information) using various technologies, including browser cookies or small electronic files known as web beacons or tokens (also known as clear gifs, pixel tags or pixel gifs). When you access our Service or website from a computer, mobile phone, or other device, we may collect information from that device about your browser type, location, and IP address, as well as the pages you visit. We may use these or similar technologies to facilitate the use of our Service or website, to improve our communications, or to protect you and our Service or website. At the beginning of the navigation you will be asked to consent for these purposes. In any case, you can also remove or block these technologies using your browser settings, but in some cases that may affect your ability to use our Service or website.
You may share your personal data with other users, including through the “networking” feature of our service, and you consent to us collecting this data and sharing it with other users through our networking feature. This data shall include, among other things, the data we generate for your network business card, such as your name, company, job title and LinkedIn profile. However, other users will not be able to see your contact details.
- Disclosure and Use of Your Information
6.1- We do not share your personally identifiable information except for very specific purposes. These purposes include:
- To provide or administer our Service or website to our customer or to you and other users of our Service or website
- To work with our third-party service providers in connection with our Service or website, such as our cloud server providers, content providers, payment processors or email administrators. The corresponding data processing agreements have been signed with these providers.
- To communicate with you
- To market our service or website
- To offer or provide services jointly with other companies or organizations or to facilitate your use of their services
- To respond to lawful requests, including pursuant to subpoenas, court orders or other requests (including criminal and civil matters) if we believe in good faith that the response is required by law, to cooperate with law enforcement or other governmental authorities, or as otherwise required by applicable law
- To enforce our Terms of Participation or legal rights we may have
- To facilitate a sale or change of control of our business or our Service or website.
- To fulfill your requests or otherwise with your consent
6.2- However, we may disclose or use non-personally identifiable information (anonymized information). Whenever this information has been disconnected from your unique personally identifiable information, we may disclose or use it without limitations or restrictions, for any purpose, including after you delete your account. This includes aggregate information about users of our Service or website that may include your information, including for conducting market research.
- Certain Disclaimers and Obligations
- You are responsible for how you use information from our Service or website. This is the case even if the information on our Service or website includes errors or is not complete or correct. In addition, information on our Service or website will be provided by or from third parties other than us, and we have no responsibility for that information.
- You understand that our Service infrastructure or our website may be compromised. While we use commercially reasonable systems to support our Service or website, such as any technology, our Service infrastructure or website may not function, become inoperative or inaccessible, produce errors or lose, compromise, corrupt or report data inaccurately.
- You understand that our Service or website may experience a breach of security. As stated above, although we use commercially reasonable systems to protect our Service or website, such as any technology, our Service infrastructure or website may experience a security intrusion or data breach. Reasonable security measures have been taken to minimize the risks but we are aware that there are no foolproof security measures in place. In case of security breaches we have a security breach management protocol that includes the communication of the incident both to the authorities and to the users themselves.
- You will have limited legal rights against us. Except for our gross negligence resulting in a breach of this Privacy Policy, you hereby agree that in no event will we be liable to you, and you waive any rights you may have to any Damages (defined below) on our part. In addition, our liability will be limited as provided in point 11 below. This includes Damages arising out of (i) any breach of security or unauthorized disclosure, misappropriation or unauthorized use of or access to your information or (ii) any failure of our Service or website to function in any way or any loss, compromise or inaccuracy of information on our Service or website. “Damages” means any and all losses, claims, obligations, liabilities, actions, judgments, proceedings, demands, judgments, payments, costs and expenses (including court costs, amounts paid in the settlement, trials and reasonable attorneys’ fees and other expenses) and damages of any kind, nature or description.
- Certain rights you have
You have the right to request that we (i) provide you with access to your personal information, (ii) rectify or correct your personal information, (iii) erase your personal information, or (iv) restrict the processing of your personal information, including by providing it to third parties. You also are entitled to object to the processing, data portability, limitation of processing and to lodge a complaint with the relevant supervisory authority in your country of residence, if applicable. The above rights may be subject to certain limitations in accordance with applicable law.
- Your California Privacy Rights.
California Civil Code Section 1798.83 allows users of our Service or website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send us an email to dpo@easyvirtualfair.com or to the following address: Paseo de la Castellana, 81, planta 15. 28046, Madrid, Spain. All requests must be labeled “Your California Privacy Rights” in the subject line of the email, envelope, or postcard. For all requests, clearly indicate that the request is related to “Your California Privacy Rights” and include your name, mailing address, city, state, zip code and e-mail address (your mailing address is optional if you wish to receive a response to your request by e-mail) and indicate your preference as to how our response to your request should be sent (i.e., e-mail or postal mail). We will not accept requests by phone or fax. We are not responsible for notices that are not labeled or sent correctly, or that do not have complete information.
- Users outside the United States:
1) Website user data will be stored by WordPress which has signed standard contractual clauses as a guarantee for international data transfers that may occur between the EU and the US.
If the user requesting information is located in the EU, they will be able to receive a first communication from the US. But the data will be derived and managed by our company in Spain and all subsequent processing of the data will be carried out in the European Union in compliance with the legal framework of the GDPR.
2) For events organized in any country in America, the servers are located in the USA. If the event takes place in Europe, the servers are always in Europe (usually in Ireland).
For the rest of the world, we can use servers in the USA, Europe or Asia (Singapore) according to proximity criteria.
- Our services in the European Union
In accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or GDPR) we inform you about the processing of your personal data if it a EU citizen or belongs to an EU company.
Who is the controller responsible for your personal data?
ZYL TECNOLOGIA CONSULTORIA E INVERSIONES SL is the company that provides the services to the CONTROLLER for the USER’s personal data. The Data Controller will be, at all times, the organizer of the event in which you register. ZYL is a Data Processor for these purposes.
ZYL TECNOLOGÍA CONSULTORIA E INVERSIONES SL. is, in turn, Responsible for the treatment of:
- The data of your customers and suppliers
- The data of the users who register on the website www.easyvirtualfair.com in order to request information, a demo, contact us for any question related to our activity or send us a CV.
- Personal data (if any) we collect through cookies.
You can also contact our Data Protection Officer (DPO) at dpo@easyvirtualfair.com
Why do we process your personal data?
We process your personal data in order to provide the service contracted by our client and on your behalf we collect and process your personal data for the following purposes:
Maintain a commercial relationship with the user. The planned processing operations are:
-
- Manage your participation in an event.
- Sending of commercial advertising communications by e-mail, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that enable the sending of commercial communications. These communications will be made by the CONTROLLER and shall be related to its products and services, or those of its partners or suppliers with whom it has entered into a promotional agreement. In this case, third parties will never have access to personal data.
- Perform market research and statistical analysis.
- Process orders, requests, respond to queries or any type of request made by the USER through any of the contact methods available on the RESPONSIBLE’s website.
- Send online newsletters, offers and promotions of our activity.
- If you agree to be part of the Networking, your personal data shall be processed to encourage users to network and make profiles of their interests and shall be shared with other users who will attend the same event.
For those processing activities for which we are responsible, we will use the data only to fulfill the purpose indicated for each treatment:
- Customers and suppliers: manage our commercial relationship with them
- Web users: to communicate and respond to your requests
Why can we process your personal data?
Because the processing is legitimized by Article 6 of the GDPR as follows:
- For the performance of a contract to which the data subject is a party: the user registers for an event and the Controller (the event organizer) provides that service.
- With the consent of the USER: sending commercial communications and newsletter. Join the network and share the data with other users.
- In the legitimate interest of the CONTROLLER and its agent (EVF): access from our company in the USA for administrative management, market research, statistical analysis, etc. and to process orders, requests, etc. at the request of the USER.
- For data for which we are responsible: to execute the relationship between us and our customers and suppliers as well as users who request information through the web.
How long will we keep your personal data?
The data shall be kept no longer than necessary to maintain the purpose of the treatment or as long as there are legal prescriptions that dictate its custody, and when said purpose is no longer necessary, the data shall be deleted with the appropriate security measures to guarantee the anonymization of the data or its complete destruction.
To whom do we transfer your personal data?
No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the RESPONSIBLE and ZYL (EVF) as the CHARGEEES have signed the confidentiality and data processing contracts required by the privacy regulations in force.
If you choose to enter the Networking area, your non-contact data entry in the registration form will be shared with other users to make contacts with them and encourage users to network.
For those events and clients organized in the EU, our servers will be on the territory of the EU.
We may use certain support services with providers located outside the EU. In these cases, we have ensured that they comply with the GDPR (for example, by subscribing to Standard Contractual Clauses (SCCs) or similar guarantees).
Due to how the platform works, if you attend an event managed by EASY VIRTUAL FAIR you will have to register and your data will be accessible to the event organizer (who will be responsible for the event) and to the exhibitors you decide to visit in this virtual environment. In this case, EASY VIRTUAL FAIR is not the data controller, but the data processor, since it provides the service of organizing the event or virtual fair to the organizer, who will act as data controller. The organizer will have access at all times to the data of the users registered to the event as well as their activity within the fair. We will only process them per the service we provide to our customers.
What are your rights?
USER are entitled to the following:
- Right to withdraw consent at any time.
- Right of access, rectification, portability and deletion of your data and the limitation or opposition to its treatment.
- Right to file a claim with the Spanish Control Authority (www.aepd.es) if you consider that the treatment does not comply with current legislation.
Contact information for the exercise of rights and contact with our DPO:
ZYL TECNOLOGIA CONSULTORIA E INVERSIONES SL. Paseo de la Castellana, 81, Planta 15. 28046, Madrid, Spain or by email to:dpo@easyvirtualfair.com
You can revoke your consent at any time when this is the basis that legitimizes the treatment (e.g. for the sending of commercial information or newsletters).
Access and correction. If you wish to review or correct the personal information we collect or store, please write to us at the following address: Paseo de la Castellana, 81, Planta 15. 28046, Madrid, Spain or by email to: dpo@easyvirtualfair.com. Your right to access or correct personal information may be subject to certain legal restrictions, including information that references other people or business confidential information. We may ask you to provide additional information so that we can process your request. Upon verification, we will provide you with access to your personal information within thirty (30) days.
You may opt out of receiving certain communications. We may communicate electronically and such communications are equivalent to written communications and have the same force and effect than if they were in writing and signed by the party sending the communication. You can cancel text message notifications at any time. If you do not want us to use your information to communicate with you, you may opt out of receiving notices notifying us of your intent to unsubscribe from such communications either by clicking on the “unsubscribe” link contained in the communication or by contacting us at the address below.
- You can change or delete your profile information at any time through our website. When we delete your account, this means that we delete all personally identifiable information, but we do NOT delete non-personally identifiable information. By using our Service or website, you agree that we may retain this information permanently. Even after you delete information from your profile or delete your account, copies of that information may remain visible on our Service or website and elsewhere to the extent it has been shared publicly or with others. In addition, we may retain certain information to prevent identity theft and other misconduct even if deletion has been requested. We may retain backup copies of deleted information and may use such information for the purposes described in and in accordance with this Privacy Policy.
- Our contact information. You should contact us as stated in this Article 7, or to report any breach of security or any violation of this Privacy Policy or any questions or concerns regarding this Privacy Policy, at:
Email: dpo@easyvirtualfair.com
- Links
This Privacy Policy does not apply to websites linked to/from or using our Service or website, nor to entities or applications that we do not own or control. Our Service or website is not affiliated with and does not endorse the content, articles or services of those websites or third parties. When you click on links from our Service or website, you may leave our services. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements. We have no responsibility or liability for the availability of such external websites, or for the privacy, use, storage or transfer of your information or the content, advertising, products or other materials shared by you or available through such websites.
- Changes to this Privacy Policy
We may make changes to this Privacy Policy from time to time in our sole discretion and may post such changes on our website. Each time changes are made; a notice of these changes may be posted on our website. Your continued use of our Service or website following the posting of changes constitutes your acceptance of such changes.
- Additional Limitations of Liability
YOU EXPRESSLY UNDERSTAND AND HEREBY AGREE THAT, TO THE MAXIMUM EXTENT PERMITTED BY LAW:
- UNDER NO CIRCUMSTANCES WILL WE BE LIABLE FOR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED, AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING, NEGLIGENCE AND STRICT LIABILITY, RESPONSE OF OTHER LIABILITY), BREACH BY US OF THIS PRIVACY POLICY.
- EXCEPT FOR OUR GROSS NEGLIGENCE RESULTING IN DIRECT DAMAGES TO YOU, IN NO EVENT WILL WE BE LIABLE TO YOU AND YOU WAIVE ANY RIGHT YOU MAY HAVE TO ANY DAMAGES FROM US IN CONNECTION WITH ANY BREACH BY YOU OF THIS PRIVACY POLICY.
- IN NO EVENT SHALL OUR AGGREGATE LIABILITY TO YOU EXCEED THE AMOUNT OF INSURANCE PROCEEDS ACTUALLY RECEIVED BY US BASED ON THE EVENT GIVING RISE TO THE LIABILITY.
- REGARDLESS OF ANY STATUTE OR LAW TO THE CONTRARY, ANY CLAIM ARISING IN ANY WAY RELATED TO THIS PRIVACY POLICY MUST BE FILED WITHIN SIX (6) MONTHS AFTER SUCH CLAIM OR SUCH CLAIM WILL BE FOREVER BARRED.
- THESE LIMITATIONS MAY APPLY WHETHER OR NOT WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF THE ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.
- Additional compensation
You hereby agree to indemnify and hold us and our owners, employees and representatives harmless from and against any and all Damages resulting from or in any way related to your use of our Service or website, the content you submit, post or transmit through our Service or website, your breach of this Privacy Policy or any of your other acts or omissions (whether or not related to our Service or website).
- Severability of terms
If any provision of this Privacy Policy is found by a court or other binding authority to be invalid, you hereby agree that every effort will be made to give effect to the parties’ intentions as reflected in that provision, and the remaining provisions contained in this Privacy. The policy will continue in full force and effect.
- Entire Agreement
This Privacy Policy constitutes the entire agreement between you and us with regard to the subject matter of this Privacy Policy.
- Applicable law and jurisdiction
This Privacy Policy and the resolution of any dispute related to this Privacy Policy will be governed and interpreted in accordance with the laws and courts of Spain unless the legislation applicable to consumers establishes otherwise.