PRIVACY POLICY

PRIVACY POLICY

Last updated February 2022

 

    1.- APPLICATION OF THIS POLICY

    This policy applies to:

    • Events for visitors
    • Exhibitors
    • Clients who contract the services of EASY VIRTUAL FAIR as a platform.
    • Users and contacts received through our website through any of its forms.

    Through this policy we will provide you with accurate information about the processing of your personal data in the European Union in accordance with the EU Regulation 2016/679 General Data Protection Regulation (RGPD or GDPR) and the specific regulations that at the local level may be applicable (in Spain, the Organic Law 3/2018 on Personal Data Protection and guarantee of digital rights (LOPDGDDD). We apply by default the standards established in the GDPR. In those cases where other regulations apply we refer specifically to the same.

    EASY VIRTUAL FAIR provides an online platform for holding virtual fairs and events (the "Service").

    This Privacy Policy applies to your use of our Service in any of its forms as explained below and including your participation in any event hosted on the Service including as a customer (event host) or customer representative, exhibitor or attendee/visitor.

    This Privacy Policy also applies to your use of our website (www.easyvirtualfair.com). and any personal data we may collect through it.

    In this Privacy Policy, "we", "us" and "our" mean, ZYL Tecnologia Consultoria E Inversiones SL, a legal entity organized under the laws of Spain and in certain cases, EasyVirtualFair LLC, a Pennsylvania limited liability company and any affiliates of such companies. Your personal data will be handled by one or the other company depending on the client organizer and attendees of the events. If the organizer and attendees are located in the European Union, your data will always be handled in the European Union.

    Data Controller data in the European Union (when acting in such capacity):

    ZYL Tecnologia Consultoria E Inversiones SL,

    Paseo de la Castellana, 81, 15th Floor. 28046, Madrid.

    Details of the data protection officer: dpo@easyvirtualfair.com

     

    2.- PURPOSES AND DATA COLLECTED

     

    You provide us with your personal information when you participate in an event or use the Service or our website. When you "register" for an event or create an account with us, you provide us with information about yourself. At a minimum, this includes your first and last name, email address and password. This is information that may uniquely identify you or provide access to your account. You may also provide us with additional personally identifiable information through your participation in an event or use of the Service or our website, such as information or comments you may provide or make during or after an event or comments you may leave in public areas of our website or your communications with us. If you register for an event hosted by another entity (our client) we merely manage that registration and provide the platform on which the event is held.

    You, by attending a fair or event or by being an exhibitor at one of our fairs, agree to the processing of your data so that our client, us or the exhibitors you visit may process your personal information. We, our client and the event exhibitors may collect personal information about you and you may provide us with your personal information in the context of this service relationship as explained below. This may include your name, address or telephone number. This will always be personally identifiable information. You understand and agree that participation in an event involves:

    • The collection of data by the organizer (be it our client or us) through our platform where you register.
    • The communication of your data to the sponsors of the fair (in each fair are announced which exhibitors have this status and only for purposes related to the fair.
    • The collection of data by the exhibitors you visit. Only when you visit an exhibitor will your data be collected by that exhibitor and only for the same purposes.

    We also use automatic data collection technologies, such as "cookies" that we will only use with your consent requested at the beginning of the navigation. We track the actions you take on our Service or website. In addition, certain anonymous information may be passively collected (i.e., collected without you actively providing the information) using various technologies, including browser cookies or small electronic files known as web beacons or tokens (also called clear gifs, pixel tags or pixel gifs). When you access our Service or website from a computer, cell phone or other device, we may collect information from that device about your browser type, location and IP address, as well as the pages you visit. We may use these or similar technologies to facilitate your use of our Service or website, to improve our communications, or to protect you and our Service or website. You will be asked for consent for these purposes at the beginning of your browsing. In any case, also, you can remove or block these technologies using your browser settings, but in some cases that may affect your ability to use our Service or website.

    You may share your personal data with other users. This data will include, among other things, the data we generate for your network business card, such as your name, company, job title and LinkedIn profile. However, other users will not be able to see your contact details.

    We set out below how we handle this data on a situation-by-situation basis:

    1. a) - Events organized directly by EASY VIRTUAL FAIR

    EASY VIRTUAL FAIR organizes events on its own behalf as Data Controller and for this purpose may collect personal data of:

              - Attendees: for the purpose of

    • Manage participation in an event.
    • Sending commercial advertising communications by email, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the Data Controller and will be related to its services.
    • Conduct market research and statistical analysis.
    • Process orders, requests, respond to queries or any type of request made by the USER through any of the contact methods available at the fair.
    • If you agree to be part of the Networking, your personal data will be processed to encourage users in networking and profiling their interests and will be shared with other users who will attend the same event.

              - Exhibitors

    • Manage the participation as an exhibitor in an event by EVF in its different modalities.
    • Sending commercial advertising communications by email, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the DATA CONTROLLER and will be related to its services.
    • Conduct market research and statistical analysis.
    • To process orders, requests, answer queries or any type of request made by the exhibitor through any of the contact methods available at the fair.

     

     

    1. b) - Events organized by third parties (our clients) in which EASY VIRTUAL FAIR provides its platform for the management of the fair.

    In these cases, EASY VIRTUAL FAIR will act as "Data Processor" and the organizing client will be the Data Controller for the processing of the data collected in the context of the event. EASY VIRTUAL FAIR will manage the data on behalf of the Data Controller. For this purpose, the corresponding data processing agreement will be signed by which EASY VIRTUAL FAIR undertakes to act under the instructions of the Controller in accordance with the provisions of Article 28 of the GDPR.

              When we act as "data processors" we process your personal data (whether you are an attendee or exhibitor) for the purpose of providing the service contracted by our client and on your behalf, we carry out the collection and processing of your personal data for the following purposes:

    • Manage the participation in the fair or event whether you are an attendee or exhibitor in any of its modalities.
    • Sending commercial advertising communications by email, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that enable the realization of commercial communications. These communications will be made by the Data Controller and will be related to its products and services, or those of its partners or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
    • Conduct market research and statistical analysis.
    • If you agree to take part in the Networking, your personal data will be processed to encourage users to network and to profile their interests and will be shared with other users attending the same event.
    • If you contact EVF for any question related to your personal data, we will refer you to the event organizer unless we can fulfill your request.
    1. c) - Data collection carried out by EASY VIRTUAL FAIR through its website to respond to requests for information, prepare budgets and ultimately address any inquiries made through its contact forms.

    ZYL TECNOLOGÍA CONSULTORIA E INVERSIONES SL. acts as data controller:

    • The data of its customers and suppliers.
    • The data of the attendees to any stand that EASY VIRTUAL FAIR places in third party fairs as EXHIBITOR.
    • The data of attendees and exhibitors attending events organized by EVF as the data controller as described above.
    • The data of users who register on the website www.easyvirtualfair.com in order to request information, a demo, a quote, contact us for any question related to our activity or send us a CV.
    • Personal data (if any) that we collect through cookies.

     

    For those processing activities for which we are Data Controller we will use the data only to fulfill the purpose indicated for each processing:

    • Customers and suppliers: to manage our business relationship with them.
    • Web users: to communicate with us and attend to their requests
    • Manage attendance to events and fairs for which EVF is data controller.
    • To perform statistics and analysis
    • If you accept to be part of the Networking, your personal data will be processed to encourage users in networking and profiling their interests and will be shared with other users who will attend the same event.
    • Communicate upcoming events that may be of interest.

     

    3.- LEGITIMACY TO CARRY OUT THE PROCESSING OF PERSONAL DATA

    Because the processing is legitimized by Article 6 of the GDPR as follows:

    - For the performance of a contract:

    • Between EVF and the Event Organizer when EVF acts as a processor of the Event Organizer.
    • Between EVF and the Exhibitor of the event when EVF acts as data controller of the event and the exhibitor is interested in acquiring a space at the fair.
    • Between EVF and the user when EVF acts as data controller of the event.
    • Between the Organizer and the user when EVF acts as the event Organizer's data processor.
    • Between the Organizer and the exhibitor through EVF acting as the organizer's data processor.

     

    - With the consent of the USER: sending of commercial communications and newsletters.

    Also if you decide to visit a stand (you leave your contact details when you visit it) and connect with other users and do networking.

    To send you a demo, a quote or answer your queries or requests for information.

     

    - In the legitimate interest of the Data Controller: access from our company in the USA for administrative management, market research, statistical analysis, etc.

    - For those data for which we are Data Controller: to execute the contractual relationship between us and our attendees to fairs, customers and suppliers as well as users who request information through the web.

    - To comply with our legal obligations: in certain cases we will have to keep data -especially contractual data- to comply with our legal obligations.

     

    4.- DATA RETENTION

    The data will be kept no longer than necessary to maintain the purpose of the processing or as long as there are legal requirements that dictate their custody, and when such purpose is no longer necessary, the data will be deleted with appropriate security measures to ensure the anonymization of the data or their complete destruction.

    When we act as "data processors" we will destroy the data as established in the corresponding data processing agreements.

    5.- RECIPIENTS AND INTERNATIONAL TRANSFERS

    We do not share your personally identifiable information except for very specific purposes. These purposes include:

    - To provide or administer our Service or website to our customer or to you and other users of our Service or website: In these cases the data is provided:

    • If you attend an event where there are sponsoring exhibitors, your attendance data will be communicated to them.
    • If you visit an exhibitor's stand, your data will be recorded and provided to the exhibitor.

    - To work with our third party service providers in connection with our Service or website, such as our cloud server providers, content providers, payment processors or email administrators. With these providers we have entered into appropriate data processing agreements with the safeguards set out in the GDPR.

    - To respond to lawful requests, including pursuant to subpoenas, court orders or other requests (including criminal and civil matters) if we believe in good faith that the response is required by law, to cooperate with law enforcement or other governmental authorities, or otherwise in accordance with applicable law

    - To enforce our legal obligations

    - To facilitate a sale or change of control of our business or our Service or website.

    - To fulfill your requests or otherwise with your consent.

     

    We may disclose or use information that is not personally identifiable information (anonymized information). As long as this information has been de-identified from your unique personally identifiable information, we may disclose or use it without limitation or restriction, for any purpose, even after you delete your account. This includes aggregate information about users of our Service or website that may include your information, including for market research purposes. In these cases there is no possibility of re-identifying users.

     

    International transfers:

    1. a) The data of users of the website will be stored by Amazon -if you are in the EU, the data is stored in EU- and WordPress that has signed the standard contractual clauses as a guarantee for international data transfers that may occur between the EU and the U.S. They may also have access to data Mailchimp for the management of shipments that likewise has adopted guarantees of compliance with the RGPD.

    If the user requesting information is located in the EU, you may receive a first communication from the U.S. But the data will be derived and managed by our company in Spain and all further processing of the data will be carried out in the European Union (AWS) in compliance with the legal framework of the GDPR.

    1. b) For events organized in any country in America, the servers are located in the USA. If the event takes place in Europe, the servers are always in Europe (usually in Ireland).
    2. c) For the rest of the world we can use servers in USA, Europe or Asia (Singapore) according to proximity criteria.

     

    6.- RIGHTS OF THE INTERESTED PARTIES

    In accordance with the provisions of the RGPD, you have the right to

    • Withdraw your consent when this is the basis of legitimacy of the treatment. In any case, registration is voluntary. You can always unsubscribe
    • To provide you with access to your personal information,
    • Rectify or correct your personal information,
    • Delete your personal information, or
    • Restrict the processing of your personal information, including providing it to third parties.
    • You also have the right to object to processing, data portability, limitation of processing and to lodge a complaint with the relevant supervisory authority in your country of residence, if applicable.

    The above rights may be subject to certain limitations in accordance with applicable law.

    Your California Privacy Rights. California Civil Code Section 1798.83 permits users of our Service or website who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.

    To make such requests, please email us at dpo@easyvirtualfair.com or send an email to the following address: Paseo de la Castellana, 81, 15th floor. 28046, Madrid, Spain.

    All requests must be labeled "Rights Request" or "Your California Privacy Rights" in the subject line of the email, on the envelope or on the postcard. For all requests, clearly indicate that the request is related to "Your California Privacy Rights" and include your name, mailing address, city, state, zip code and email address (your mailing address is optional if you wish to receive a response to your request by email) and indicate your preference as to how our response to your request should be sent (i.e., email or postal mail). We will not accept requests by telephone or fax. We are not responsible for notices that are not labeled or sent correctly, or that do not have complete information.

     

    7.- DATA SECURITY

    We use systems infrastructure for the hosting, security and delivery of our Service and website, such as third-party cloud servers, that is consistent with commercially reasonable practices for comparable companies in the United States and in the case of the European Union, in strict compliance with the GDPR.

    We have implemented technical and administrative safeguards to manage your personally identifiable information that are designed to protect against unauthorized access, disclosure or use of your information by our employees and contractors and against reasonably anticipated third party threats to the security of your information.

    We have verified that our suppliers are in compliance with regulations and have security measures in place to ensure the confidentiality of information.

    In coordination with our customer, as appropriate, we will inform you of any unauthorized access, disclosure or use of your information.

    You may change or delete your profile information at any time through our website. When we delete your account, this means that we delete all personally identifiable information, but we do NOT delete non-personally identifiable information. By using our Service or website, you agree that we may retain this information permanently. Even after you delete information from your profile or delete your account, copies of that information may remain visible on our Service or website and elsewhere to the extent it has been shared publicly or with others. In addition, we may retain certain information to prevent identity theft and other misconduct even if deletion has been requested. We may retain backup copies of deleted information and may use such information for the purposes described in and in accordance with this Privacy Policy.

    8.- LINKS

    This Privacy Policy does not apply to websites linked to/from or using our Service or website, or to entities or applications that we do not own or control. Our Service or website is not affiliated with and does not endorse the content, articles or services of those websites or third parties. When you click on links on our Service or website, you may leave our services. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements. We have no responsibility or liability for the availability of such external websites, or for the privacy, use, storage or transfer of your information or the content, advertising, products or other materials shared by you or available through such websites.

    9.- MODIFICATIONS TO THIS PRIVACY POLICY

    We may make changes to this Privacy Policy from time to time in our sole discretion and may post such changes on our website. Whenever changes are made, a notice of these changes may be posted on our website. Your continued use of our Service or website following the posting of changes constitutes your acceptance of those changes.

     

    10.- LIMITATIONS OF LIABILITY

    If you are an exhibitor, you assume that your participation as an exhibitor at an event on the EASY VIRTUAL FAIR platform means that you may only use the personal data to which you have access in the context of the event  and in compliance with current legislation. EASY VIRTUAL FAIR is not responsible for the destination of the data once the user/visitor agrees to visit its stand or in the case of sponsoring exhibitors, when registering.

    YOU EXPRESSLY UNDERSTAND AND AGREE THAT, TO THE FULLEST EXTENT PERMITTED BY LAW:

    - UNDER NO CIRCUMSTANCES WILL WE BE LIABLE FOR INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED, AND ON ANY THEORY OF LIABILITY, WHETHER FOR BREACH OF CONTRACT, TORT (INCLUDING, NEGLIGENCE AND STRICT LIABILITY, RESPONSE OF OTHER LIABILITY), BREACH BY US OF THIS PRIVACY POLICY.

    - EXCEPT FOR OUR GROSS NEGLIGENCE RESULTING IN DIRECT DAMAGES TO YOU, IN NO EVENT WILL WE BE LIABLE TO YOU AND YOU WAIVE ANY RIGHT YOU MAY HAVE TO ANY DAMAGES FROM US IN CONNECTION WITH ANY BREACH BY YOU OF THIS PRIVACY POLICY.

    - IN NO EVENT SHALL OUR AGGREGATE LIABILITY TO YOU EXCEED THE AMOUNT OF INSURANCE PROCEEDS ACTUALLY RECEIVED BY US BASED ON THE EVENT GIVING RISE TO THE LIABILITY.

    - REGARDLESS OF ANY STATUTE OR LAW TO THE CONTRARY, ANY CLAIM ARISING IN ANY WAY RELATED TO THIS PRIVACY POLICY MUST BE BROUGHT WITHIN SIX (6) MONTHS AFTER SUCH CLAIM OR SUCH CLAIM WILL BE FOREVER BARRED.

    - THESE LIMITATIONS MAY APPLY WHETHER OR NOT WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

     

    INDEMNIFICATION FOR BREACH

    You agree to indemnify and hold us and our owners, employees and representatives harmless from and against any and all Damages resulting from or in any way related to your use of our Service or website, the content you submit, post or transmit through our Service or website, your breach of this Privacy Policy or any of your other acts or omissions (whether or not related to our Service or website).

    12.- SEVERABILITY OF TERMS

    If a court or other binding authority determines that any provision of this Privacy Policy is invalid, you agree that every effort will be made to give effect to the parties' intentions as reflected in that provision, and the remaining provisions contained in this Privacy. The policy will continue in full force and effect.

    1. -APPLICABLE LAW AND JURISDICTION

    This Privacy Policy and the resolution of any dispute relating to this Privacy Policy shall be governed by and construed in accordance with the laws and courts of Spain unless applicable consumer law provides otherwise.