GDPR Privacy Notice

This Notice is specifically for individuals located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”) and supplements our general Privacy Notice. Our processing of personal data of individuals in the EEA is governed by the European Union’s General Data Protection Regulation (the “GDPR”). For those in the UK, it is subject to the Data Protection Act 2018, which incorporates the GDPR as the UK GDPR. This Notice refers to both the GDPR and the UK GDPR collectively as the “GDPR.” As of the latest update of this Notice, we anticipate the updated data protection law in Switzerland to take effect in the second half of 2022. For administrative efficiency, this Notice applies to individuals in Switzerland in addition to those in the EEA and UK, though it does not limit any additional rights that Swiss individuals may have.

Purposes of Processing

Our general Privacy Notice outlines the personal information we collect, use, share, or otherwise process, and the purposes for these processes, in the operation of our business. This includes information gathered through cookies and similar tracking technologies, as detailed in our Privacy Preference Center.

Lawful Basis for Processing

We process personal information primarily based on our legitimate interests in conducting our business. Where consent is required, we process personal information based on that consent. Additionally, we may process personal information when necessary to comply with our legal obligations.

Categories of Personal Information

The types of personal information we process are detailed in our general Privacy Notice.

Recipients of Your Personal Information

We utilize various service providers to manage our website and provide services like event registration or email communications. Our service providers may change over time. They have entered into contracts with us that restrict their use of your personal information. If you need specific information about which service providers have received your information, please contact us at [contact email], and we will provide that information. We may also share your personal information with other third parties as detailed in Part 3 of our general Privacy Notice.

Transfers of Personal Data Outside the EEA

Our main administrative offices are in the USA, where we process personal information collected through our website. When providing personal information, we will request your consent to transfer that information to the USA. The USA does not have an adequacy decision from the European Commission, meaning it is not considered to have adequate data protection laws as per EU standards. However, we commit to protecting your personal information by treating it in accordance with this GDPR Privacy Notice and taking appropriate security measures. We also require our data processors to treat your personal information consistently with this Notice.

Retention Period for Personal Information

The retention period for personal information varies depending on its type and the purpose for its use. We delete personal information within a reasonable period after it is no longer needed for its collected purpose. You may request deletion of your data before the end of its retention period. We may also archive personal data as part of our business continuity procedures before its final deletion.

Your Data Subject Access Rights

You have the right to access, correct, restrict, or delete your personal data, withdraw consent for its processing, and object to our processing of your personal data. You also have the right to data portability, allowing you to request a transferable copy of the personal information you have provided to us. These rights are subject to limitations under the GDPR. For concerns or to exercise your rights, contact us as outlined in the “How to Contact Us” section of our general Privacy Notice.

Right to Lodge a Complaint

You have the right to lodge a complaint regarding our processing of your personal data with your national or regional data protection authority. The EU Commission’s list of data protection authorities can be found here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. In the UK, it is the Information Commissioner’s Office (www.ico.org.uk). In Switzerland, it is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/task.html).

Requirement to Provide Personal Data

There is no statutory or contractual requirement or obligation to provide personal information to us. However, without providing it, you may not be able to receive communications from us or register for our events.