Privacy policy appendix no. 2 to the Terms of Participation in the Meet Magento Conference

I. Personal data administration:

Administration of personal data of Attendees, Speakers and entities represented by them is handled by SNOWDOG limited liability company, Mostowa 11, 61-854 Poznań (henceforth: the Administrator).

Contact data:

SNOWDOG limited liability company, Mostowa 11, 61-854 Poznań

e-mail: hello@snow.dog

II. Terms of personal data protection:

  1. The Administrator commits to undertaking appropriate and sufficient actions aimed at protecting the data from unauthorized access of third parties or unauthorized disclosure to third parties.
  2. The Administrator discloses that databases of the https://meetmagento.pl/ website are protected against unauthorized access and insight of third party persons.
  3. The Administrator carefully picks and utilizes appropriate technological and organizational means that ensure security of processed personal data. Personal data can only be accessed by people authorized to do so.

III. The goal of and basis for processing data:

Personal data of Attendees and Speakers of the Conference are processes for the following goals:

  • creation of and, based on an agreement concluded by Attendees or Speakers with the Administrator, or undertaking, upon request of Attendees or Speakers, actions by the Administrator prior to concluding an agreement on their participation in the Conference (art. 6. par. 1, letter b RODO*),,
  • fulfilling the legal responsibilities on the side of the Administrator, which stem from the currently binding law of either the European Union or Poland (e.g. tax and billing obligations) - processing personal data is necessary to fulfill the legal obligations the Administrator is subject to (art. 6. par. 1, letter b RODO*),
  • providing ways to process payment services, ensuring the safety of those services, that are provided electronically by the Administrator, handling requests by means of e.g. a contact form in cases where they are not directly connected to fulfilling the obligations of the agreement, realizing the agreement of participation in the Conference in cases where the agreement is finalized by the Administrator and a third person and the Speaker or Attendee is a beneficiary, debt collection, conducting court, executionary, administrative and mediational proceedings, storing the data for archival, statistical and accounting purposes (to fulfill the obligations of currently binding legal principles of the European Union or Poland), using the image for purposes of broadcasting in mass media, documenting, promotion or advertising - processing is necessary for the realization of our legally justified interests, which are: handling the services and ensuring their security, handling your requests, fulfilling the terms of the contract on participation in the Conference, determining, investigating and protection against claims, data archivization, statistics, ensuring accountability, broadcasting in mass media, documentation, promotion or advertising (art. 6. par. 1, letter b RODO*),
  • direct marketing of products or services, including sending newsletters, saving data as cookie files - based on your consent (art. 6. par. 1, letter b RODO* with regard to art. 172 of telecommunications law),
  • presenting a COVID-19 vaccination certificate in case of participation in the Conference in-person - based on your consent (art. 6. par. 1, letter b RODO*).

    Personal data of entities represented by Attendees and Speakers of the Conference are processed for the following goals:
  • creation of and, based on an agreement concluded with the Administrator, or undertaking by the Administration, upon request of the entity represented by a Speakers or Attendees of the Conference, prior to concluding an agreement on their participation in the Conference (art. 6. par. 1, letter b RODO*),
  • fulfilling the legal responsibilities on the side of the Administrator, which stem from the currently binding law of either the European Union or Poland (e.g. tax and billing obligations) - processing personal data is necessary to fulfill the legal obligations the Administrator is subject to (art. 6. par. 1, letter b RODO*),
  • providing ways to process payment services, ensuring the safety of those services, that are provided electronically by the Administrator, handling requests by means of e.g. a contact form in cases where they are not directly connected to fulfilling the obligations of the agreement, realizing the agreement of participation in the Conference in cases where the agreement is finalized by the Administrator and a third person and the Speaker or Attendee is a beneficiary, debt collection, conducting court, executionary, administrative and mediational proceedings, storing the data for archival, statistical and accounting purposes (to fulfill the obligations of currently binding legal principles of the European Union or Poland) - processing is necessary for the realization of our legally justified interests, which are: handling the services and ensuring their security, determining, investigating and protection against claims, data archivization, statistics, ensuring accountability (art. 6. par. 1, letter b RODO*),
  • direct marketing of products or services, including sending newsletters, saving data as cookie files - based on your consent (art. 6. par. 1, letter b RODO* with regard to art. 172 of telecommunications law).

IV. Categories of personal data:

  1. The Administrator will process the following categories of personal data belonging to Attendees of the Conference:
    • basic identification data,
    • address,
    • e-mail address,
    • job position,
    • line of business,
    • financial identifying data, including bank statements,
    • basic identification data of the entity represented by the Attendee,
    • image (only in case of in-person participation in the Conference),
    • health status data in a form of a COVID-19 vaccination certificate (only in case of in-person participation in the Conference).
  2. The Administrator will process the following categories of personal data of the Speakers of the Conference:
    • basic identification data,
    • address,
    • e-mail address,
    • telephone number,
    • job position,
    • line of business,
    • financial identifying data, including bank statements,
    • personal data supplied by the Speaker in a CV,
    • image (only in case of in-person participation in the Conference),
    • health status data in a form of a COVID-19 vaccination certificate (only in case of in-person participation in the Conference).
  3. The Administrator will process the following categories of personal data of entities represented by Attendees and Speakers of the Conference:
    • basic identification data,
    • address,
    • e-mail address,
    • line of business,
    • financial identifying data, including bank statements.
    • basic identification data of an entity represented by the Speaker

V. Personal data recipients:

Personal data can be shared with the following types of entities:

  • Magento Association - an association of US law residing in Chicago (330 North Wabash Suite 2000 Chicago, Illinois 60611),
  • subcontractors, understood as entities used by the Administrator to process data: entities providing the Administrator with accounting and billing services, hosting services, IT services, providers of cloud solutions,
  • entities intermediating the Conference sign-up process,
  • other entities, authorized by the current rule of law to receive the data,
  • such entities process personal data according to the principles outlined in an agreement, including an agreement entrusting them with processing personal data, concluded with the Administrator, or according to the current rule of law.

VI. Transferring personal data to a third party state of an international organization:

The Administrator intends to transfer the data to a third party state, outside of the European Economic Area.

The transfer of data will occur on the basis of clear consent, because the European Commission concluded an insufficient level of security of data transferred exclusively on the basis of the European Commission’s decision from 12.7.2016 concerning the USA, the so-called Privacy Shield.

VII. Period of storing personal data:

  1. Personal data belonging to Attendees and Speakers will be stored within the following time periods:
    • personal data processed in order to create of and, based on an agreement concluded by Attendees or Speakers with the Administrator, or undertake, upon request of Attendees or Speakers, actions by the Administrator prior to concluding an agreement on their participation in the Conference - up until the finalization of the undertaking, dissolving or terminating of said agreement, with a reservation that in some cases personal data can also be processed after finalization of the undertaking, dissolving or terminating of said agreement, but exclusively when it is allowed or required accordingly with the current rule of law, for example expiration of potential claims included in the agreement or expiration of tax obligations,
    • personal data processed in order to fulfill the legal obligations of the Administrator stemming from absolute binding rule of European Union or polish law (for example, billing and tax obligations) - up until the legally defined expiration of the obligation to store the data,
    • personal data processed to provide payment services, ensure safety of services provided by the Administrator electronically, handle requests from for example, contact forms, in cases where they are not directly connected to fulfilling the terms of the agreement, realize the terms of the Conference participation agreement in cases where the agreement is concluded by the Administrator with a third party, claim debts, conduct court, executionary, administrative or mediational proceedings, store data for archival purposes, ensuring accountability and for statistical purposes (to fulfill the legal obligations stemming from the rule of law of the European Union or Poland), using the image for purposes of broadcasting in mass media, documenting, promotion or advertising - up until the expiration of all claims stemming from the agreement/s, or claims connected to processing personal data up until raising an objection, but only up to the period of 5 years,
    • personal data processed for purposes of direct marketing of products or services, including sending newsletters, storing data in cookie files - up until withdrawal of consent, or up until raising an objection, for the period of 10 years at the most.
  2. Personal data belonging to entities represented by Attendees and Speakers of the Conference will be stored within the following time periods:
    • personal data processed in order to create of and, based on an agreement concluded by Attendees or Speakers with the Administrator, or undertake, upon request of Attendees or Speakers, actions by the Administrator prior to concluding an agreement on their participation in the Conference - up until the finalization of the undertaking, dissolving or terminating of said agreement, with a reservation that in some cases personal data can also be processed after finalization of the undertaking, dissolving or terminating of said agreement, but exclusively when it is allowed or required accordingly with the current rule of law, for example expiration of potential claims included in the agreement or expiration of tax obligations,
    • personal data processed in order to fulfill the legal obligations of the Administrator stemming from absolute binding rule of European Union or polish law (for example, billing and tax obligations) - up until the legally defined expiration of the obligation to store the data,
    • personal data processed to provide payment services, ensure safety of services provided by the Administrator electronically, handle requests from for example, contact forms, in cases where they are not directly connected to fulfilling the terms of the agreement, realize the terms of the Conference participation agreement in cases where the agreement is concluded by the Administrator with a third party, claim debts, conduct court, executionary, administrative or mediational proceedings, store data for archival purposes, ensuring accountability and for statistical purposes (to fulfill the legal obligations stemming from the rule of law of the European Union or Poland) - up until the expiration of all claims stemming from the agreement/s, or claims connected to processing personal data up until raising an objection, but only up to the period of 5 years,
    • personal data processed for purposes of direct marketing of products or services, including sending newsletters, storing data in cookie files - up until withdrawal of consent, or up until raising an objection, for the period of 10 years at the most.

VIII. Rights of Attendees, Speakers and entities represented by Attendees and Speakers of the Conference:

Attendees, Speakers and entities represented by Attendees and Speakers of the Conference have the following rights:

  1. a right to access their data and receiving their copy,
  2. a right to correct their data,
  3. a right to delete their data If, in your opinion, there’s no basis for the Administrator to process your data, you can request to have them deleted.
  4. a right to limit the processing of data You have a right to request the Administrator to limit the processing of your personal data to just storing them or performing actions you consented to, in cases when, in your opinion, the Administrator has incorrect data on you or is processing them baselessly; or in cases where you do not want them deleted, because you require them to determine, investigate or defend claims; or for the period of an objection you have raised concerning processing of data.
  5. a right to raise an objection against processing of data Marketing objection. You have the right to raise objections against having your data processed for direct marketing purposes. In case you utilize this right - the Administrator will cease using data for this purpose.

Raising an objection because of an exceptional situation. You have the right to raise an objection against processing your data for reasons other than direct marketing based on a legally justified interest. It is also applicable when data processing is necessary for the Administrator to finalize a public interest task, or for the Administrator to use their public power. In such cases you should explain your exceptional situation, which, in your opinion, justifies a cease of processing the data included in the objection, to the Administrator. The Administrator will cease processing the data for these purposes, unless they will prove that the reasons for processing your data by the Administrator are imperative to your rights or your data are necessary for the Administrator to determine, investigate or defend claims.

  1. a right to move data You have the right to receive your personal data, supplied by you on terms of the agreement or your consent, if the processing is being done in an automatized way, structured in a commonly used format that can be accessed mechanically (for example, the ‘csv’ format) from the Administrator. You can also request the Administrator to send these data directly to another entity.
  2. a right to raise an objection to a supervisory authority If, in your opinion, the Administrator processes the data in a way that is against the law, you can raise an objection in this matter to the Head of the Office of Protection of Personal Data (Prezes Urzędu Ochrony Danych Osobowych).
  3. a right to withdraw the consent to have your data processed You can withdraw your consent to have your data processed at any time. This concerns the personal data that are processed by the Administrator based on your consent. Withdrawal of the consent will not impact the legality of processing that had been done based on your consent, prior to its withdrawal.

To perform your rights, please send your request to: hello@snow.dog or send it to the following address: SNOWDOG limited liability company, Mostowa 11, 61-854 Poznań.

IX. Information on a necessity/voluntarity of providing data:

The act of providing of the data by you in order to participate in the Conference is voluntary, however it is a condition for participation in the Conference.

The act of providing of the data for direct marketing purposes of products or services, including sending newsletters, saving data in cookie files, is voluntary.

X. Information on the source of data:

The personal data of entities represented by the Attendees or Speakers of the Conference were obtained by the Administrator from either a Speaker or an Attendee.

XI. Cookie files:

  1. The https://meetmagento.pl/ website utilizes cookie files, which are defined as information data, particularly text files, stored in users’ terminal devices that can be used to access web pages.
  2. Information collected with cookie files allow for customization of services and content for both individual needs and preferences of the user, as well as are used to formulate overarching statistics about the ways users use web pages.
  3. Personal data collected by cookie files are collected exclusively to perform clearly defined functions on behalf of the users and are encrypted in a way that makes it impossible for unauthorized people to access it.
  4. By principle, two types of cookie files is used - session and persistent:
    • session cookies are temporary files, which remain on user’s device up until leaving the web page or turning off the software (the Internet browser);
    • persistent cookies are files that remain on the user’s device for a time period defined in cookie files parameters, or up until their manual deletion by the user.
  5. Software used to browse web pages (Internet browser) usually allows for storing of cookie files in the user’s terminal device by default. The user can enact changes in this area. The Internet browser allows the user to delete cookie files. It is also possible to block cookie files. Details on this topic can be found in help setting or the Internet browser documentation. Accordingly with the above, utilizing cookie files, for example, for marketing purposes, requires the user’s consent. This consent can be expressed by a correct configuration of the user’s Internet browser and can be withdrawn at any moment, particularly by cleaning the cookie file history and turning off cookie servicing in the browser’s settings.
  6. Limiting cookie files use can impact some functionalities available on web pages.

    *RODO - a decree by the European Parliament and The Council of the European Union 2016/679 from 17.04.2016 concerning the protection of physical entities in the area of processing personal data, as well as the flow of such data, and revocation of the 95/46/WE directive (an overall decree on data protection).

    Last updated: 27.08.2021
Meet Magento is organized as part of