Personal information we collect
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit allaboutcookies.org
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, items ordered, price paid, email address, and phone number. We refer to this information as “Order Information.”
How do we use your personal information?
We share the Order Information that we collect with suppliers you purchase from generally toallow them to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with order details and/or order confirmations). Additionally, suppliers and organisers use this Order Information to:
Communicate with you;
Screen orders for potential risk or fraud; and
When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Sharing your personal information
We share your Personal Information with the suppliers you order from and organisers who run the event. We use Stripe to power our payment - you can read more about how Stripe uses your Personal Information here.
We also use Google Analytics to help us understand how our customers use the Site - you can read more about how Google uses your Personal Information here.
You can also opt-out of Google Analytics here.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at Networkadvertising.org
Do not track
Please note that we do not alter our Site’s data collection and use practices when we see a
Do Not Track signal from your browser.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through email@example.com
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org or by mail using the details provided below:
Knoll House, Knoll Road, Camberley, Surrey, GU15 3SY
EEA, SWITZERLAND, AND UK ONLY
The EU General Data Protection Regulation (GDPR)
In May 2018, a new data privacy law known as the EU General Data Protection Regulation (or the "GDPR") went into effect. The GDPR requires FFAIR and Organisers using the Service to provide Users with more information about the processing of their Personal Data.
Here is what you need to know:
Legal grounds for processing your Personal Data
The GDPR requires us to tell you about the legal ground we're relying upon to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out in Section 4 above will typically be because:
• you provided your consent;• it is necessary for our contractual relationship;• the processing is necessary for us to comply with our legal or regulatory obligations; and/or• the processing is in our legitimate interest as an event organising and registration platform (for example, to protect the security and integrity of our systems and to provide you with customer service, etc.).
Transfers of Personal Data
As FFAIR is a global company, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland, and the UK which has no data protection laws or laws that are less strict compared with those in Europe.
Whenever we transfer Personal Data outside of the EEA, Switzerland, or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data. This includes the use of Standard Contractual Clauses.
Personal Data retention
We retain your Personal Data for as long as necessary to provide you with our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.
If you have an account with us, we will typically retain your Personal Data for ninety (90) days after you have requested that your account is closed or if it's been inactive for seven (7) years.
Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling, and unsubscribe from marketing communications.
For the most part, you can exercise these rights by logging in and visiting the My Account page or changing the "cookie settings" in your browser (see our Cookie Statement for more information). If you can't find what you're looking for in the My Account page, please contact us using the contact information set out in Section 15 above. Please note that requests to exercise data protection rights will be assessed by us on a case-by-case basis. There may be circumstances where we are not legally required to comply with your request because of the laws in your jurisdiction or because of exemptions provided for in data protection legislation.
If you have a complaint about how we handle your Personal Data, please get in touch with us as outlined in Section 15 to explain. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.
FFAIR as a data controller and a data processor
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as "data controllers") and organisations that process personal data on behalf of other organisations (known as "data processors"). If you have a question or complaint about how your Personal Data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your Personal Data.
FFAIR may act as either a data controller or a data processor in respect of your Personal Data, depending on the circumstances.
For example, if you create an account with us to organise your events, FFAIR will be a data controller in respect of the Personal Data that you provide as part of your account. We will also be a data controller of the Personal Data that we have obtained about the use of the Applications or FFAIR Properties, which could relate to Organisers or Consumers. We use this to conduct research and analysis to help better understand and serve Users of the Services as well as to improve our platform and provide you with more targeted recommendations about events, exhibitors, sponsors, and other attendees we think may be of interest to you.
However, if you register for an event as a Consumer, we will process your Personal Data to help administer that event on behalf of the Organiser (for example, sending confirmation, promotional and feedback emails, processing payments, etc.) and to help the Organiser target, and understand the success of, their event and event planning (for example, providing event reports, using analytics to gain insights into the effectiveness of various sales channels, etc.). In these circumstances, FFAIR merely provides the tools for Organisers; FFAIR does not decide what Personal Data to request on registration forms, nor is it responsible for the continued accuracy of any Personal Data provided. Any questions that you may have relating to your Personal Data and your rights under data protection law should therefore be directed to the Organiser as the data controller, not to FFAIR.