Candle Events Data Privacy Statement
Last updated: 15 July 2018
Candle Event, Geneva, Switzerland is an event and association management company which provides association, congress management, meetings and event services to its corporate or association clients (the “Client”).
It is Candle events’ utmost concern to constantly improve its services in order to best meet the needs of its Clients. To this end, Candle events may collect and store certain information, including personal data of people like you. Candle events takes the protection of your personal data very seriously in all of its business processes. This Data Protection Statement is meant to help you understand how data are collected, processed and stored to meet legal requirements and Candle events’s data protection standards.
It will be very difficult and in most countries even impossible for Candle events to provide you services if you refuse to allow Candle events to process your data. For this reason, by providing personal data to Candle events, you agree to be legally bound by and explicitly consent to this Data Protection Statement, as it may be amended from time to time. If you do not agree to this Data Protection Statement or cannot form a legally binding contract, Candle events would not be able to process your personal data.
1. Scope of this Data Protection Statement
This Data Protection Statement applies to all services offered by Candle events.
This Data Protection Statement does not apply to services offered by other companies or individuals. This Data Protection Statement does not cover the information practices of other companies and organizations who advertise Candle events services or any third party operating any website to which the Candle events website or other digital asset may contain a link.
2. Data collected and method of collection
2.1 In general
Candle events collects general and personal data concerning you from:
you when you provide your details to Candle events;
its Clients (in such cases, Client must ensure that it is entitled to disclose such data and that you are aware of the various matters detailed in this Data Protection Statement);
participants at Client’s meetings and events organized by Candle events;
users of Candle events’s or Client’s websites; and third parties (such as online service provider or single sign on authority).
Following the reception of the data, an electronic profile is created in Candle events tools for each person or entity (the “Contact Profile”).
The Contact Profile may contain but is not limited to:
date of birth;
organization or company of employment and/or job title;
field of activity and/or interest;
credit card references/numbers;
other communicated preferences;
2.2 Cookies Policy
What are cookies
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognise you and make your next visit easier and the service more useful to you. Cookies can be “persistent” or “session” cookies.
to enable certain functions of the website,
to provide analytics,
to store your preferences ad personalize the content,
to improve the user experience
to enable advertisements delivery, including behavioural advertising
to share on social networks
We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:
We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.
What are your choices regarding cookies
For Internet Explorer™ : https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
For Safari™ : https://support.apple.com/en-us/HT201265
For Chrome™ : https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
For Firefox™ : https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
For Opera™ : http://help.opera.com/Windows/10.20/en/cookies.html
Please note, however, that if you delete cookies or refuse to accept them, some features of the Candle events website may not work properly, you may not be able to store your preferences, and some of our pages might not display properly.
Where can you find more information about cookies
Network Advertising Initiative: http://www.networkadvertising.org/
3. Purpose of data collection
Candle events uses the data collected to provide, maintain, protect and improve the overall quality of its services. Data collection is also meant to protect Candle events and its users. Candle events does not collect more data than is necessary to fulfil such purposes.
In addition to creating Contact Profiles, Candle events uses your data for the following purposes and for which you give your consent:
a) Bookings: The Contact Profiles are stored in a database as a reference document to be consulted each time a booking is to be made. When a booking is made, Candle events creates a booking code that contains all of the personal data along with the booking information that is needed to fulfil your request and to fulfil regulatory requirements for certain destinations. To make bookings, Candle events might need to transfer personal data to various third-party travel suppliers (such as airlines, hotels, car rental companies, online booking tool companies, safety and security tracking providers and computer booking systems) within your home country or in another country where you may be traveling and often also to government bodies for certain destinations.
b) Consolidation of travel data: At the request of a Client, Candle events or a third party may prepare information reports that summarize and analyse the expenditures per destination, per travel supplier, etc. Such reports which may include certain personal data from your Contact Profile are then submitted to the requesting Client.
c) Compliance with travel policy: At the request of a Client, Candle events may report on your compliance with the event compliance policy, budget compliance policy or travel policy of such Client and identify any exceptions to the compliance.
d) New products and services: With the goal of improving services and based on the data given to Candle events, Candle events may send you additional information related to your current or future event(s) and/or trip(s). An example might be a list of restaurants near a specific hotel in the destination city or parking facilities at the departure airport.
e) Promotion and marketing: Candle events may use your data to personalize your experience on the Candle events website by presenting advertisements that are more relevant to you, to send you marketing communications that we believe may be of interest to you, including information about our services, case studies, thought leadership or whitepapers, blog updates, etc. For example, Candle events uses third party service providers to present services and offers tailored to the preferences and interests demonstrated by your online activity over time. Candle events may use your data for promotion and marketing purposes for Candle events’s current or prospective Clients and/or third parties in Candle events’s industry. Candle events may use the data to analyse trends in order to propose other services to its Clients, such as new events or other services.
f) Technical data: Candle events, or third parties instructed by Candle events, evaluate this data purely for statistical purposes and only in an anonymised form, in order to optimize Candle events’s website and increase user-friendliness, efficiency and safety. Candle events may in particular use technical data to measure the success of Candle events marketing campaigns, compile statistics about Candle events website usage and response rates, and use aggregated personal data calculate the percentage of Candle events users who have a particular telephone area code.
g) Other purposes: Candle events may use your data as Candle events believes to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce Candle events’s terms and conditions; (e) to protect Candle events’s operations; (f) to protect Candle events’s rights, privacy, safety or property, you or others; and (g) to allow Candle events to pursue available remedies or limit the damages that Candle events may sustain; (h) to allow you to apply for an Candle events job offer.
Candle events will ask your consent before using data for a purpose other than those that are set out in this Statement subject to mandatory laws.
4. Duration of storage
General and personal data will be kept by Candle events only as long as reasonably necessary taking into consideration its need to answer queries or resolve problems, to provide improved and new services and to comply with legal requirements under applicable laws or with inquiries from Clients on past events or travel activities. Candle events will retain general and personal data during a maximum period of five years if no specific legal requirement. For applicants, the data will be retained for a maximum period of 2 years.
You may cancel/delete your Candle events account by sending an email to: firstname.lastname@example.org
5. Location of storage and controller of data base
The Contact Profiles that Candle events maintains are stored in cloud-based central databases at third-party providers’ location in Europe, United States and Asia. Third-party providers have signed our dedicated data protection clauses.
Any transfer of your Data outside the European Economic Area shall only take place with appropriate safeguards in place, such as contractual terms in compliance with applicable data protection laws and regulations.
6. Your duties
You must ensure that the data you provide us with are:
compliant with any applicable laws.
In particular, since Candle events will mainly use email communications with you, you are required to notify us of any modification of your email address. Alternatively, you can directly update your Contact Profile.
Candle events is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities. Candle events does not target the digital asset to children less than fourteen (14) years of age or knowingly collect information from children for the purpose of selling products or services.
7. Transfer and communication of data
7.1 In general
Candle events is an international company working with partners in over 31 countries across Europe, the Americas, Asia and the Middle East. Your personal data may therefore be transferred to and outside of Switzerland, including in countries whose data protection laws may be different from, and less stringent than, those in your country of residence. You hereby agree and give your consent to Candle events to transfer and communicate your data as follows:
a) Transfers within the Candle events group: Transfers are made throughout Candle events and its subsidiaries to support its activities and/or services.
b) Transfer to third-parties: Candle events works with certain third parties to obtain support services in connection with travels, meetings and events services and/or other Candle events services to its Clients, such as emergency online booking services, hotel booking services, ground transportation requirements or airline ticket issuance, badge provider and, in some cases, personal data will be shared with these third parties in order to pursue Candle events’s mission and goals. Candle events may also transfer personal data to third parties at the request of its Clients. For example, to sponsors and exhibitors or to other third parties for data consolidation or emergency tracking services. Candle events may transfer your data to third parties for promotion and marketing purposes as outlined under 3e) above. Candle events may also transfer your data to a third-party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Candle events business, assets or stock (including in connection with any bankruptcy or similar proceedings).
c) Regulatory transfers: Candle events may be required by law to transfer data to governments and regulatory and/or supervisory authorities.
7.2. Electronic transfer of data
If you visit Candle events’s website your data will be transported via an open publicly accessible network. The data might therefore be transmitted across national borders even if you and Candle events are located in Switzerland. This involves notably the risk that your data may be intercepted and read by third parties, allowing such third parties to infer an already existing or future business relationship between you and Candle events.
Furthermore, you are notified that information you transmit or allow to be transmitted to you by Candle events via an electronic medium, in particular via e-mail, SMS, contact forms, etc. are usually unencrypted and therefore neither confidential nor secure. Even in the event of an encrypted transmission, sender and recipient remain unencrypted in each case. Third parties may therefore be able to infer an existing or future business relationship between you and Candle events.
If you provide Candle events with personal information, your personal data may be transferred by Candle events to countries whose data protection laws may be different from, and less stringent than, those in your country of residence as set forth above. Your personal data may in particular be transferred to the United States. You are hereby notified that your personal data might be accessed by governmental authorities in such countries (in particular by US authorities).
8. Security and organizational measures
To ensure the safety of your data on Candle events’s website and systems, Candle events has implemented appropriate technical, contractual, administrative, physical and organizational measures to protect your personal data from loss, destruction, unauthorized access, accidental or unlawful disclosure and manipulation. These measures are subject to continuous development in accordance with technological progress and are periodically reviewed to comply with all applicable privacy laws. However, we cannot and do not guarantee the security of your personal data and therefore cannot assume any liability in this respect.
Only authorized Candle events staff, third party companies’ (i.e. service providers) staff or our Clients’ authorized staff (who have contractually agreed to keep all information secure) have access to your personal data. All Candle events staff who have access to your personal data are required to adhere to the staff confidentiality regulations and all third-party employees who have access to your personal data have signed non-disclosure agreements. In addition, data transfer agreements are in place with third-party companies that have access to your personal data to make sure these data remain secure.
In accordance with applicable data protection laws and regulations, you have a right to request access to, rectification of your Data, or restriction of processing, and to object to said processing, as well as the right to data portability to the extent applicable. Moreover, you have a right to lodge a complaint with a supervisory authority.
Under certain conditions you also have the right to have your personal data that is stored by Candle events blocked and deleted, unless Candle events has to keep these data for legitimate business or legal purposes. For more information, you should contact our team.
To contact Candle events with questions or issues about Candle events’s data processing, use the following e-mail address: email@example.com.
As per GDPR requirements, Candle events gives you many choices regarding Candle events’s use and disclosure of your personal data for marketing purposes (right to be forgotten, to modification, to limitation…). By contacting our team at the above-mentioned e-mail address, you may opt-out from receiving future electronic marketing messages from Candle events and request that we not share your personal data with unaffiliated third parties for their marketing purposes. Candle events will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out as described above, Candle events will not be able to remove your personal data from the databases of unaffiliated third parties with which Candle events has already shared your personal data (i.e., to which we have already provided your personal data as of the date that we implement your opt-out request). Please also note that if you do opt-out of receiving marketing-related messages from Candle events, we may still send you important administrative messages, and you cannot opt-out from receiving administrative messages.
This Statement may be revised and updated by Candle events from time to time to comply with statutory data protection and privacy laws. Candle events will post any statement changes on its website and, if the changes are significant, Candle events will send a notice to the e-mail address provided in your Contact Profile.