Sivantos Event Privacy Policy

Effective Date: December 1st, 2019

A. Our Commitment to Data Privacy

Protecting the security and privacy of Personal Data is important to us. We conduct our business in compliance with applicable laws on data privacy protection and data security. We have created this Privacy Policy to demonstrate our commitment to every individual`s right to data protection and privacy. This Privacy Policy outlines how we handle information provided by you that can directly or indirectly identify you or (in the case where you are a healthcare provider, audiologist or similar or seller) that can directly or indirectly identify your customer, patient or end-user (collectively “Personal Data”).

Our global data privacy compliance program also consists of the implementation of unambiguous authorizations and consents, EU Standard Contractual Clauses, model contracts/transfer agreements, privacy principles, privacy statements, privacy policies and country-specific registrations and filings. This Event Privacy Policy covers any events / workshops organized by Sivantos, an affiliate or subsidiary of Sivantos (collectively ‘Sivantos’).

B. Why do I need to provide Personal Data?

Event registration

We use dedicated Event Registration Website(s) to collect personal data where you directly input such personal information into the registration forms, as well as in any other page we set up as an event organizer. Personal Information we collect may contain your name, contact information such as Address, E-Mail, etc. Depending on the type of event and in case we provide accommodation etc. we might also collect sensitive data such as your passport or other personal data that is required by Hotels, Airlines etc. to book travel on your behalf.

This data is collected by us and we process it in the performance of a contract with you (if you have purchased admittance to an event) as well as in our legitimate interest to manage our events and contact you, as follows:

(a) Manage our event attendees;

(b) Contact you about the event you have registered for;

(c) Contact you with regard to other events that we organize and think may be of interest to you, from which you can opt out at any time by using the unsubscribe link in the email, or by exercising your data subject rights as stated in Section E below;

(d) Run statistics about our event attendees;

(e) Improve our future events;

By completing the registration process you represent and warrant that you are the person making the registration or have the express authority from that person to make the registration on their behalf.

Event registration, participation and related matters

To participate in our events, you will be issued a name. You will be asked to show this name badge at the entry in the various areas of our events, as this is in our legitimate interest to manage the access to our events.

Where we provide food in our events, you may provide information about food allergies or other conditions, so that we may adapt our menu accordingly.

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we may have to keep basic information about you (including contact, identity, and transaction data) for up to ten years. For more details on your data subject rights please refer to Section E below.

Photos and videos

We may be taking pictures and record video footage of our events. Given that our events are public areas with controlled access, and that we do not intend to photograph you directly but rather groups (unless you are a speaker or a special guest), we do this based on our legitimate interest to document our events and market their success).

Speakers

If you are a speaker in our events, we will be processing your name, title, company, professional bio, education, as well as your presentation slides (if applicable), photos and videos of you at our events. The presentation slides (if applicable), photos and videos may be made public through the channels we consider appropriate (our website, third party websites, social media).

We do ask for your consent to take photos and videos of you and share them publicly, however given that our interest is to publicize our events, if you do not agree we may refuse to appoint you as a speaker.

This processing is made in our legitimate interest to promote our events and the data is stored by us for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we may have to keep basic information about our speakers (including contact, identity, and transaction data) for up to ten years. For more details on your data subject rights please refer to Section E below.

Related services

During the registration process or thereafter you may ask us to book a hotel room or airline ticket or you can choose a hotel room on the registration site. If you ask us to do this, we will legally conclude a contract with the hotel and/or airline in your name. In the performance of this contract we will share your personal data, to the minimum extent necessary, with the hotel and/or airline where we book your room, reserve your ticket. The data we provide to them includes your name, address, email address, and other identification information the hotel and/or airline may require. The processing of your data by the hotel and/or airline is made in their capacity of data controller, subject to their own privacy policy.

Marketing

When you attend our events, you may receive promotional goods or a conference bag with various items provided by us.

Cookies

As we collect certain information about you when you visit and use our registration website please refer to our Cookie policy for more details on your opt-in and opt-out options.

C. HOW WE SHARE INFORMATION

We will disclose your personal data only for the purposes and to those third parties, as described below. We will take appropriate steps to ensure that your personal data are processed, secured, and transferred according to applicable law.

Disclosure to third parties

We will share only those details of your personal data, that is required to provide you with an uninterrupted and comfortable experience when participating in our events and strictly on a need-to-know basis with the following categories of third parties:

(a) Payment processors that process payment of registrations you buy for our events. These platforms act as controllers regarding your data, collect most data directly from you, and such personal data processing is subject to the third party’s own privacy policy.

(b) Hotels and/or Airlines where we book accommodation in your name, if you request us to;

(c) Companies that provide products and services to us (processors), such as:
(i) Third parties involved in organizing our events, client support, or sales activities;
(ii) Information technology systems suppliers and support, including email archiving, telecommunication suppliers, back-up and disaster recovery and cyber security services.

(d) Other parties such as public authorities and institutions, accountants, auditors, lawyers and other outside professional advisors, where their activity requires such knowledge or where we are required by law to make such a disclosure.
We will also disclose your personal information to third parties:
(i) If you request or authorize so;
(ii) To persons demonstrating legal authority to act on your behalf;
(iii) If we are under a duty to disclose or share your personal information to comply with any legal obligation, any lawful request from government officials and as may be to prevent illegal activity;
(iv) To respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
(v) To protect the rights, property or safety of Sivantos, our employees, customers, suppliers, visitors, or other persons.
We, as well as some of these recipients may use your data in countries which are outside of the European Economic Area. Please see Section D below for more detail on this aspect.

Restrictions on use of personal information by recipients

Any third-party processors with whom we choose to share your personal information pursuant to the above are limited (by law and by contract) in their ability to use your personal information for the specific purposes identified by us. We will always ensure that any third parties with whom we choose to share your personal information are subject to privacy and security obligations consistent with this Privacy Notice and applicable laws. However, for the avoidance of doubt this cannot be applicable where the disclosure is not our decision, including where you request it.

Save as expressly detailed above, we will never share, sell or rent any of your personal information to any third-party without obtaining your consent.

D. PROVISIONS APPLICABLE FOR PERSONS IN THE EUROPEAN UNION

Transfers of information outside of the European Union

Since our Headquarter is based in Singapore and we use Cloud Service providers that also use locations within and outside the European Union, your personal data may be process outside of the European Union. We do this either with your consent or based on legitimate interest of you participating in our events.

If you are an individual located in the EEA, where your personal data is transferred to other entities as mentioned in Section C above, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Notice. These measures include entering into European Commission approved standard contractual arrangements with them, orensuring they have signed up to the EU-US Privacy Shield (see further https://www.privacyshield.gov/welcome).

Further details on the steps we take to protect your personal information in these cases is available from us on request by contacting our Privacy Officer at dpo@sivantos.com at any time.

E. Your Data Subject Rights

In General. You can at any time request from us information about whether we hold any of your personal data and about which of the Personal Data we are processing as well as the correction or deletion of such Personal Data by sending your request to dpo@sivantos.com. Please note, however, that we can delete such Personal Data only if there is no statutory obligation or prevailing right for us to retain it. Kindly note that if you request us to delete such Personal Data, you will not be able to continue to use the applicable Web Sites, Services or any related Sivantos services that requires Sivantos’ use of such Personal Data. We will respond to your request within a reasonable timeframe.

Request a copy. If we use the Personal Data based on your consent or to perform a contract with you, you may request from us for a copy of Personal Data that you had provided. In this case, please contact us at dpo@sivantos.com and specify the Personal Data and the format in which you would like to receive the Personal Data.

Right to be forgotten / Restriction of use. You may request us to restrict any processing of the Personal Data in any of the following events: (i) you inform us that the Personal Data that we have is incorrect, (in such cases we may continue to retain such of the Personal Data to check its accuracy), (ii) that we have no legal basis to process such Personal Data, or (iii) you object to our processing of such Personal Data based on our legitimate interest.

Right to lodge a complaint. If you have reason to believe that we are not processing the Personal Data in accordance with the requirements of this Privacy Policy or applicable EEA data protection laws, you may choose to lodge a complaint with the data protection authority of the EEA country in which you live or with the relevant data protection authority of the country or state in which applicable Sivantos entity is located.

F. Use of technical measures, e.g. Cookies etc.

Non-Personal Data Collected Automatically

When you access our Web Sites we may automatically (i.e., not by registration) collect non-personal data (e.g. type of Internet browser and operating system used, domain name of the Web Sites from which you came, number of visits, average time spent on the site, pages viewed). We may use such data and share it with its affiliates and subsidiaries to improve the performance, content or appearance of the Web Sites. Please see our Cookie Policy for more details.

Security

To protect Personal Data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure or access, we use technical and organizational security measures.

G. Questions and Comments

We will respond to reasonable requests to review the Personal Data and to correct, amend or delete any inaccuracies. Please contact us at dpo@sivantos.com for such requests.

If you have a complaint about how Personal Data is handled by us, you may contact the person, department or office that you have been dealing with. You can alternatively contact our Data Privacy Officer, dpo@sivantos.com and the responsible data privacy personnel shall contact you within a reasonable timeframe.

This Event Privacy Policy may be updated and amended from time to time. Please check this page regularly to keep up-to-date. Your continued or subsequent access or use of our Web Sites shall be deemed to be your acceptance of the amended or modified Event Privacy Policy. In accessing or using our Web Sites, the Event Privacy Policy is accepted by you in its then-current version. If you do not agree to the Event Privacy Policy, please do not use our Web Sites. If we make any material changes we will notify you by email (sent to the email address specified in your account) or

Sivantos Pte. Ltd.
18 Tai Seng Street, #08-08
Singapore 539775
dpo@sivantos.com