Privacy Policy
1. Controller and Content of this Privacy Policy
We, MLL Legal AG, with registered office at Grabenstrasse 2, 6340 Baar, Switzerland, registered in the Commercial Register of the Canton of Zug under the number CHE-457.072.861 and Bull & Co Advokatfirma AS, Universitetsgata 9, 0164 Oslo, Norway, organisation number 981 459 326 (Companies) are the operator of the website www.alpineprivacydays.net (Website) and are, unless otherwise stated in this privacy policy, responsible for the data processing described in this privacy policy.
Please take note of the information below to know what personal data we collect from you and for what purposes we use it. When it comes to data protection, we primarily adhere to the legal requirements of Swiss data protection law, in particular the Federal Act on Data Protection (FADP).
Please note that the following information may be reviewed and amended from time to time. Therefore, we recommend regularly checking this privacy policy for any updates. Furthermore, for individual data processing listed below, other companies are responsible under data protection law or jointly responsible with us, so that in these cases, the information provided by those companies is also relevant.
2. Contact Person for Data Protection
If you have any questions regarding data protection or wish to exercise your rights, please contact our data protection contact person by sending an email to the following address:
contact@alpineprivacydays.net.
3. Scope and Purpose of the Collection, Processing, and Use of Personal Data
3.1 Data Processing when contacting us
If you contact us through our contact address, email or phone, your personal data is processed. We process the data you provide us with, such as your name, email address, phone number, and your request. We process this data to address your request (e.g., providing information about our event and services, assisting with contract processing, incorporating your feedback into the improvement of our event and services, etc.).
3.2 Data Processing when registering for the Alpine Privacy Days
If you register for the Alpine Privacy Days (e.g. during your visit to our Website), the following data is collected. The optional fields are marked with the addition “(optional)”:
Company
First name
Last name
Email address
Postal address
Payment method and credit card information
We use this data to verify your identity and to check the requirements for registration in the Alpine Privacy Days. Your email address is required for registration confirmation and future communication with you, which is necessary regarding your participation in the Alpine Privacy Days. We store your data together with the selected ticket information, timing, and content of the registration in our CRM database (see Section 4) to ensure proper processing of the registration and contract performance.
To process the registrations and to provide a Ticket for the Alpine Privacy Days, we use a software application provided by Evenito AG, Binzstrasse 23, 8045 Zürich, Switzerland. Therefore, your data may be stored in a database of Evenito AG, which may allow Evenito AG to access your data if this is necessary for providing the software and supporting its use. Information about data processing by third parties and any potential transfer abroad can be found in Section 5 of this Privacy Policy.
3.3 Data Processing during Payment Processing in the course of registration for the Alpine Privacy Days
When you register for the Alpine Privacy Days using electronic payment methods, the processing of personal data is required. By using the payment terminals, you transmit the information stored in your payment instrument, such as the cardholder’s name and card number, to the respective payment service providers (e.g., providers of payment solutions, credit card issuers, and credit card acquirers). They also receive information that the payment instrument was used in connection with our Companies, including the transaction amount and time. In return, we only receive the credit for the amount of the completed payment at the corresponding time, which we can associate with the respective receipt number, or we receive information that the transaction was not possible or was cancelled. Always consider the information provided by the respective company, especially the privacy policy and terms and conditions.
For processing payment through the registration form, we use a software application provided by Evenito AG, Binzstrasse 23, 8045 Zürich, Switzerland. Therefore, your data may be stored in a database of Evenito AG, which may allow Evenito AG to access your data if this is necessary for providing the software and supporting its use. Information about data processing by third parties and any transfers abroad can be found in Section 5 of this Privacy Policy.
3.4 Data Processing related to mailing list
If you sign up for our mailing list (e.g. during your visit to our Website), the following data is collected. Mandatory fields are marked with an asterisk (*):
Salutation
First and last name
Company name
Email address
By signing up to the mailing list, you consent to the processing of this data in order to receive emails from us with invitations and information related to the Alpine Privacy Days. The collection of the salutation, first and last name allows us to associate the registration with any existing registration and personalise the content of the emails accordingly. Linking it to an existing registration allows us to make the offers, information and content contained in the emails more relevant to you and better tailored to your potential needs.
We will use your data to send emails until you withdraw your consent. You can withdraw your consent at any time, in particular by using the unsubscribe link included in all emails.
Our emails may contain a web beacon, 1×1 pixel (tracking pixel), or similar technical tools. A web beacon is an invisible graphic that is linked to the user ID of the respective subscriber. For each email sent, we receive information about which email addresses it was successfully delivered to, which email addresses have not yet received the email, and which email addresses the delivery has failed for. It is also shown which email addresses have opened the email and for how long, as well as which links have been clicked. Finally, we also receive information about subscribers who have unsubscribed from the mailing list. We use this data for statistical purposes and to optimise the frequency and timing of email delivery, as well as the structure and content of the emails. This allows us to better tailor the information and offers in our emails to the individual interests of the recipients.
The web beacon is deleted when you delete the email. You can prevent the use of web beacons in our emails by adjusting the settings of your email program so that HTML is not displayed in messages. You can find information on how to configure this setting in the help documentation of your email software application, e.g. here for Microsoft Outlook.
By subscribing to the mailing list, you also consent to the statistical analysis of user behaviour for the purpose of optimising and customising the emails.
For sending emails, we use a software application provided by HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. Therefore, your data may be stored in a database of HubSpot, which may allow HubSpot to access your data if this is necessary for providing the software and supporting its use. Information about data processing by third parties and any transfer abroad can be found in Section 5 of this Privacy Policy.
4. Central Data Storage and Analysis in the CRM system
If a clear identification of your person is possible, we will store and link the data described in this Privacy Policy, i.e. your personal information, contact details, contract data, and your browsing behaviour on our Website in a central database. This allows for efficient management of participant data, enables us to adequately process your requests, and facilitates the efficient provision of the services you requested, as well as the performance of the related contracts.
We also analyse this data to further develop our event offers and registration services based on your needs and to provide you with the most relevant information and offers. We also use methods that predict possible interests and future orders based on your use of our Website.
For the central storage and analysis of data in the CRM system, we use a software application provided by HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. Therefore, your data may be stored in a database of HubSpot, which may allow HubSpot to access your data if this is necessary for providing the software and supporting its use. Information about data processing by third parties and any transfer abroad can be found in Section 5 of this Privacy Policy. Further information about data processing by HubSpot can be found at https://legal.hubspot.com/de/privacy-policy.
5. Disclosure and Cross-Border Transfer
5.1 Disclosure to Third Parties and Third-Party Access
Without the support of other companies, we would not be able to provide our event and the related services in the desired form. To use the services of these companies, it is necessary to share your personal data with these companies to a certain extent. A disclosure of data is limited to selected third-party service providers and only to the extent necessary for the optimal provision of our services.
Two third-party service providers are explicitly mentioned in this Privacy Policy. They include the following service providers:
Evenito AG, Binzstrasse 23, 8045 Zürich, Switzerland. For more information about data processing in connection with Evenito AG, see www.evenito.com.
HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland. For more information about data processing in connection with HubSpot, see www.hubspot.com.
Your data may be disclosed to third parties to the extent necessary for the fulfilment of the contractual relationship, e.g. to Evenito AG and HubSpot or providers of other services. For these data processing activities, the third-party service providers are considered data controllers under the data protection laws, and not us. It is the responsibility of these third-party service providers to inform you about their own data processing, which may extend beyond the mere sharing of data for the provision of services, and to comply with data protection laws.
Furthermore, your data may be disclosed, especially to authorities, legal advisors, or debt collection agencies, if we are legally obliged to do so or if it is necessary to protect our rights, in particular to enforce claims arising from our relationship with you. Data may also be disclosed if another company intends to acquire one or both of our companies or parts thereof, and such disclosure is necessary to conduct a due diligence or to complete the transaction.
5.2 Transfer of Personal Data to Third Countries
We have the right to transfer your personal data to third parties located abroad if it is necessary to carry out the data processing described in this Privacy Policy. Specific data transfers have been mentioned in Section 3 and 4. When making such transfers, we will ensure compliance with the applicable legal requirements for disclosing personal data to third parties. The legal provisions governing the disclosure of personal data to third parties are duly observed. The countries to which data is transmitted include those that, according to the decision of the Federal Council, have an adequate level of data protection (such as the member states of the EU/EEA), as well as those countries (such as the USA) whose level of data protection is not considered adequate (see Annex 1 of the Data Protection Ordinance (DPO)). If the country in question does not provide an adequate level of data protection, we ensure, unless otherwise specified, that your data is adequately protected by these companies by means of appropriate safeguards. These safeguards may be provided for by standard contractual clauses, which can be found on the websites of the Federal Data Protection and Information Commissioner (FDPIC). If you have any questions regarding the implemented measures, please reach out to our data protection contact person (see Section 2).
5.3 Information on Data Transfers to the USA
Some of the third-party service providers mentioned in this Privacy Policy are based in the USA. For the sake of completeness, we would like to inform users residing or based in Switzerland or the EU that certain third-party service providers mentioned in this privacy statement are located in the USA. It is important to note that there are surveillance measures by US authorities in place that generally allow for the storage of all personal data of individuals whose data has been transmitted from Switzerland or the EU to the United States. This occurs without differentiation, limitation, or exception based on the purpose for which the data is being collected and without an objective criterion that would restrict US authorities’ access to the data and its subsequent use to specific, strictly limited purposes that can justify the interference associated with accessing and using the data. Furthermore, we would like to point out that affected individuals from Switzerland or the EU do not have legal remedies or effective judicial protection against general access rights of US authorities, which would allow them to access the data concerning them and to rectify or delete it. We explicitly highlight this legal and factual situation to enable you to make an informed decision regarding your consent to the use of your data.
For users residing in Switzerland or a member state of the EU, we also want to inform you that, from the perspective of the European Union and Switzerland, the United States does not provide an adequate level of data protection, among other reasons, as explained in this paragraph. In cases where we have mentioned in this privacy statement that data recipients (such as Google) are located in the United States, we will ensure through contractual arrangements with these companies and, if necessary, additional appropriate safeguards, that your data is adequately protected at our third-party service providers.
6. Background Data Processing on our Website
6.1 Data Processing when Visiting our Website (Log File Data)
When you visit our Website, the servers temporarily store every access in a log file. The following data is collected without your intervention and stored by us until automatically deleted:
IP address of the requesting computer;
date and time of access;
name and URL of the accessed file;
website from which the access was made, if applicable, with the search word used;
operating system of your computer and the browser you are using (including type, version, and language setting);
device type in case of access from mobile phones;
city or region from which the access was made; and
name of your internet service provider.
The collection and processing of this data is carried out for the purpose of enabling the use of our Website (establishing a connection), ensuring the long-term security and stability of the system, and enabling error and performance analysis and optimisation of our Website.
In case of an attack on the network infrastructure of the Website or suspicion of other unauthorised or improper use of the Website, the IP address and other data will be analysed for clarification and defence purposes; if necessary, they may be used in civil or criminal proceedings for the identification of the respective user.
Finally, when you visit our Website, we use cookies, as well as other applications and tools that rely on the use of cookies. In this context, the data described here may also be processed. For more information, please refer to the subsequent sections of this Privacy Policy, in particular to Section 6.2.
6.2 Cookies
Cookies are information files that your web browser stores on the hard drive or in the memory of your computer when you visit our Website. Cookies are assigned identification numbers that ena-ble your browser to be identified, and allow the information contained in the cookie to be read.
Cookies are used to make your visit to our website easier, more enjoyable, and more meaningful. We use cookies for various purposes that are necessary for the desired use of the website, i.e., “technically necessary.” For example, we use cookies to identify you as a registered user after logging in, so you don’t have to log in again when navigating to different subpages. The provision of ordering functions also relies on the use of cookies. Furthermore, cookies perform other technical functions necessary for the operation of the website, such as load balancing, which distributes the workload of the site across various web servers to relieve the servers. Cookies are also used for security purposes, such as preventing the unauthorized posting of content. Finally, we use cookies in the design and programming of our website, for example, to enable the uploading of scripts or codes.
Most internet browsers accept cookies automatically. However, when accessing our website, we ask for your consent to the use of non-essential cookies, especially for the use of cookies from third parties for marketing purposes. Details regarding the services and data processing associated with each cookie can be found in the following sections of this privacy policy.
You may be able to configure your browser to prevent cookies from being stored on your computer or receive a notification whenever a new cookie is being sent. On the following pages, you will find instructions on how to configure cookie settings for selected browsers.
Google Chrome for Desktop
Google Chrome for Mobile
Apple Safari
Microsoft Windows Internet Explorer
Microsoft Windows Internet Explorer Mobile
Mozilla Firefox
Disabling cookies may prevent you from using all the features of our Website.
6.3 Social Media
Our Website contains links to profiles on the social networks of the following provider:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy.
If you click on the “more on [Speaker]” under the Speakers tag, you will be automatically redirected to the profile of the respective Speaker on the respective network. This establishes a direct connection between your browser and the server of the respective social network. As a result, the social network receives information that you have visited our Website with your IP address and clicked on the link. This may also involve the transfer of data to servers abroad, e.g., in the USA (for information on the absence of an adequate level of data protection and the proposed safeguards, see Sections 5.2 and 5.3).
If you click on a link to a social network while you are logged into your user account on that social network, the content of our website can be associated with your profile, allowing the social network to directly link your visit to our website to your account. If you want to prevent this, please log out of your account before clicking on the respective links. A connection between your access to our website and your user account will always be established if you log in to the respective social network after clicking on the link. The data processing associated with this is the responsibility of the respective provider in terms of data protection. Therefore, please refer to the privacy notices on the social network’s website.
7. Retention Periods
We only store personal data for as long as it is necessary to carry out the processing described in this privacy policy within the scope of our legitimate interests. For contractual data, the storage is stipulated by statutory retention obligations. Requirements that oblige us to retain data arise from the accounting and tax law regulations. According to these regulations, business communication, concluded contracts, and accounting documents must be retained for up to 10 years. If we no longer need this data to provide services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfil the retention obligations or to defend and enforce our legal interests. The data will be deleted as soon as there is no longer any legal obligation to retain it and no legitimate interest in its retention exists.
8. Data Security
We use appropriate technical and organisational security measures to protect your personal data stored with us against loss and unlawful processing, in particular unauthorised access by third parties. Our employees and the service companies mandated by us are obliged to maintain confidentiality and uphold data protection. Furthermore, these persons are only granted access to personal data to the extent necessary for the performance of their tasks.
Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication al-ways involves certain security risks and we cannot, therefore, provide any absolute guarantee for the security of information transmitted in this way.
9. Your rights
If the legal requirements are met, as a data subject, you have the following rights with respect to data processing:
Right of access: You have the right to request access to your personal data stored by us at any time and free of charge if we process such data. This gives you the opportunity to check what personal data concerning you we process and whether we process it in accordance with applicable data protection regulations.
Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed about the rectification. In this case, we will also inform the recipients of the data concerned about the adaptations we have made, unless this is impossible or involves dis-proportionate effort.
Right to erasure: You have the right to obtain the erasure of your personal data under certain circumstances. In individual cases, particularly in the case of statutory retention obligations, the right to erasure may be excluded. In this case, the erasure may be replaced by a blocking of the data if the requirements are met.
Right to restriction of processing: You have the right to request that the processing of your personal data be restricted.
Right to data portability: You have the right to receive from us, free of charge, the personal data you have provided to us in a readable format.
Right to object: You have the right to object at any time to data processing, especially with regard to data processing related to direct marketing (e.g., marketing emails).
Right to withdraw consent: You have the right to withdraw your consent at any time. However, processing activities based on your consent in the past will not become unlawful due to your withdrawal.
To exercise these rights, please send us an e-mail to the following address: contact@alpineprivacydays.net.
Right of complaint: You have the right to lodge a complaint with a competent supervisory authority, e.g., against the manner in which your personal data is processed.