Skip to main content

PRIVACY NOTICE

LIST’S TECH DAY 2023

PRIVACY NOTICE

Last revised: April 2023

  1. An overview of data protection

The Luxembourg Institute of Science and Technology (hereafter “LIST”, “we”) is committed to ensure the highest standards of data protection in compliance with the national applicable legislation and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter “GDPR”).

The present notice aims at illustrating what personal data we collect about you, the reason why LIST uses your data and, as the case may be, share your data and the applicable retention periods. Additionally, the notice also provides you with information regarding your rights, how to exercise them and whom you can contact in case of any query.

  1. Scope of the notice

The present notice is directed to:

  • visitors of LIST’s Tech Day 2023 website (hereafter the “website”);
  • individuals who contact us by any means in relation to the Tech Day 2023 (hereafter the “Event”);
  • participants to the Event (hereafter the “Participants”);
  • speakers at the Event.

Hereinafter together “You”.

  1. Identity of the data controller

The data controller is LIST, having its registered office at 5, Avenue des Hauts-Fourneaux L-4362 Esch-sur-Alzette, Luxembourg.

LIST is responsible for collecting and processing your personal data in relation with LIST’s activities.

  1. Why and how your personal data is processed

LIST collects and uses your personal data for the following purposes:

Purpose

Details

To perform and execute agreements

In the case of sponsors and speakers, LIST processes personal data needed to perform and execute the required agreements. This includes:
  • to prepare and execute agreements;
  • to deliver the Event;
 
  • to process payments; and
  • to manage invoices and receipts.
 

Event management

LIST will process your personal data to properly organize and deploy the Event, which includes:

  • managing Participants’ registration and participation to an Event (e.g. distribution of badges, managing of dietary requirements, provide updates and details regarding an event, distribution of satisfaction forms, managing complaints, feedback and queries regarding the Event);
  • taking photographs and/or videos of the Event for dissemination in different media (LIST Intranet, LIST's social media accounts, conferences,…) and promotion to the general public;
  • publishing and sharing the Event’s program;
  • performing statistics and evaluation of the Events.  
 

Processing of contact details for answering inquiries related to the Event or LIST

LIST will process your personal data to contact you upon your own request at the contact details You indicate to provide you with information for the Event.

Processing of contact details for inviting Participants to future events

LIST will process your personal data to manage your subscription to the mailing list of LIST's future events.

Processing of contact details for sending Participants LIST newsletter

LIST will process your personal data to manage your subscription to LIST’s newsletter.

Processing of contact details for recontacting Participants to explore future collaboration opportunities

LIST will process your personal data to contact You through our Partnership Officers to discuss possibilities of future collaboration between You and LIST.

  1. How we obtain the personal data

We may collect your personal data directly from You

  • when You register to the Event
  • when You attend the Event,
  • when You communicate with us via email,
  • when You use or visit our website.
  1. Categories of personal data we process

The categories of personal data that we collect about you may vary depending on your use of the website. Those include:

  • Contact details (name, surname, e-mail, address, phone number),
  • Professional information (job title company/organisation, topic of interest),
  • Technical data: device identification data and traffic data (e.g. IP addresses, web logs, etc.),
  • Your dietary requirements,
  • Your image, audio and likeliness (as captured in photographs or recordings realised at the Event),
  • Any other requirement (such as accessibility requirements).
  1. Legal basis for processing

Below you can find the list of legal basis on whose grounds LIST collects and processes Participants’ personal data:

Purpose

Legal basis

To perform and execute agreements

The processing of personal data is necessary to execute a contract with the sponsors and speakers participating in the Event.

After the Event, in the case of financial transactions, LIST will need to process your personal data to comply with legal obligations.

Event management

LIST processes personal data for such purpose under LIST’s legitimate interest in properly organizing and deploying the Event. The use made of the personal data benefits You since it allows LIST to inform the public about the Event and deliver it to You. In case of dietary requirements, we process such personal data on the basis of your explicit consent provided when you voluntarily decide to communicate them to us.

Processing of contact details for inviting Participants to future events

Consent provided during the Event registration. To withdraw consentYou can click the unsubscribe link in the footer of any email received or contact LIST at communication@list.lu.

Processing of contact details for sending Participants LIST newsletter

Consent provided during the Event registration. To withdraw consent, You can click the unsubscribe link in the footer of any email received or contact LIST at communication@list.lu.

Processing of contact details for recontacting Participants to explore future collaboration opportunities

Consent provided during the Event registration. To withdraw consent, you can contact LIST at communication@list.lu.

  1. Share of your personal data with third parties

LIST may share your personal data with:

  • LIST’s internal departments on a need-to-know basis, in order to ensure the proper organization and management of the Event;
  • LIST’s Partnership Officers based on your interests in order to discuss with You about opportunities to collaborate with You;
  • The public in general in relation to dissemination of photographs and videos;
  • External service providers that perform services on LIST behalf, such as catering companies, event organisation or communication agencies service providers and IT service providers.

In case of disclosure of your personal data to the aforementioned external subjects, LIST shall take appropriate steps to ensure that third parties will apply adequate protection to this data as required by the applicable data protection legislation.

Some of the mentioned recipients of your personal data may be located in countries outside the European Union or the European Economic Area (EU/EEA):

•     Ungerboeck Systems International GmbH: We use Ungerboeck, a company based in Germany, as our event management platform. Ungerboeck as our processor must ensure the compliance of its subcontractors providing contractual services outside the EU/EEA with EU data protection regulations. Particularly, this processor is authorized to involve Ungerboeck Systems International, Inc (United States) under the European Commission's Standard Contractual Clauses. Further information can be found at: ungerboeck.com/privacy-policy.

•     The Rocket Science Group LLC d/b/a Mailchimp: Mailchimp is the online platform that we use to manage and send LIST newsletters. Mailchimp may transfer and process personal data to and in the United States and anywhere else in the world where Mailchimp, its affiliates or its sub-processors maintain data processing operations. As between LIST and Mailchimp, such processing is done in compliance with the standard contractual clauses. For more details, you can have a look at the following webpage: mailchimp.com/en-gb/legal/data-processing-addendum/.

•     Sli.do s. r. o.: This processor based in Slovakia, provides a cloud-based platform that enables real-time active engagement of participants at Events – Slido. In the absence of an adequacy decision, personal data may only be transferred to a third country outside the EEA where there are appropriate safeguards (e.g. pursuant to the standard contractual clauses). Further details are made available by the processor: www.slido.com/terms.

•     Mentimeter AB (publ): Mentimeter is a Swedish limited liability company that provides an audience engagement platform. Please refer to this recipient privacy notice: www.mentimeter.com/trust/legal/privacy-policy.

Further information about the mentioned transfers and the safeguard measures applied by LIST can be obtained by contacting us at dpo@list.lu.

  1. Ensuring personal data security and integrity

In compliance with the applicable data protection legislation, LIST has put in place appropriate technical and organisational measures in order to prevent or act upon any unauthorised and unlawful processing or disclosure, accidental loss, modification or destruction of personal data. These measures are implemented based on the current state of art, an evaluation of the risks derived by the processing activity and the need to protect personal data. Such technical and organisation measures are regularly updated and/or adjusted to new technical developments or any organisational change that may affect LIST.

  1. Cookies

This website uses cookies. Cookies are small text files that are sent and stored to your personal computer or device when you visit a website. The information stored may be returned to the website’s servers or to the servers of the relevant third parties during a subsequent visit.

Cookies have different functions. In general, cookies are necessary for the website to work in a correct way (for instance, by saving your current session). Cookies can also be used to analyse your browsing behaviour and to optimize your experience.

  1. Data retention periods

LIST will only retain your personal for a period of time that is strictly necessary for the purposes for which we collect your data, without prejudice to LIST to keep them for a longer duration for legal and/or regulatory obligations applying to LIST or due to exceptional situations that would justify them being kept longer (judicial procedure, etc.). Below are the details regarding the time we keep your personal data:

Purpose

Retention period

To perform and execute agreements

Your personal data will be retained for 30 years (maximum) from the termination of the agreement in accordance with Art. 2262. Code Civil.

Event management

In this case, we will keep your personal data in accordance with our retention schedule.

Processing of contact details for inviting Participants to future events

Until you unsubscribe to the newsletter.

Processing of contact details for sending Participants LIST Newsletters

Until you unsubscribe to the newsletter.

Processing of contact details for recontacting Participants to explore future collaboration opportunities

In this case, we will keep your personal data in accordance with our retention schedule.

  1. Your rights and how to exercise them

With regards to your personal data collected and processed by LIST, you may exercise at any time the following rights:

  • Right to access: You have the right to receive confirmation about whether or not your personal data is being processed by LIST. If that is the case, you have the right to know what data is being collected and processed and to obtain of copy of it;
  • Right to rectification: If the personal data we hold about you is inaccurate or incomplete, you have the right to request to have it rectified;
  • Right to erasure: Subject to certain conditions specified in art. 17 of the GDPR, you have the right to have your personal data deleted by LIST;
  • Right to restriction of processing: Subject to certain conditions specified in art. 18 of the GDPR, you have the right to obtain restriction of the processing of your personal data performed by LIST;
  • Right to data portability: Subject to certain conditions specified in art. 20 of the GDPR, you have the right to obtain a copy of the personal data you provided to LIST in in a structured, commonly used and machine-readable format and to request the transfer of these data to another data controller;
  • Right to object: You have the right to object the processing of your personal data when the conditions set out in art. 21 of the GDPR apply;
  • Right to withdraw consent: If LIST is processing your personal data based on your consent, you have the right to withdraw that consent at any time. The withdrawal of such consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with the Commission Nationale pour la Protection des Données (CNPD). More information on how to lodge a complaint are available on CNPD’s website: https://cnpd.public.lu.

You may exercise any of these rights by contacting the Data Protection Officer (DPO) of LIST:

  • by e-mail at the following address: dpo@list.lu,
  • or by post at:

Luxembourg Institute of Science and Technology

Attn. Data Protection Officer

5, Avenue des Hauts-Fourneaux

L-4362 Esch-sur-Alzette, Luxembourg.

  1. Link to other websites

Please be aware that this website may contain links to other websites, that are not governed by this Privacy Notice. We encourage users to review the privacy notice of each website before disclosing any personal data.

  1. Changes to this notice

LIST may make changes to this privacy notice from time to time, to reflect our current privacy practices or to comply with changes in the applicable data protection legislation. LIST encourages you to regularly visit this page in order to remain informed on our data protection policies.