Privacy Policy

Welcome to BSides Bournemouth

We are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and any other relevant data protection and privacy laws. This Privacy Policy explains how we collect, use, share, and protect your personal data, as well as your rights in relation to it.

1. Who We Are

Controller: For the purposes of the UK GDPR, BSides Bournemouth is the “data controller” of any personal data collected through this Site. This means we determine how and why your data is processed.

Contact Details:

• Email: [email protected]
• Registered Address: Suite A, 82 James Carter Road, Mildenhall, United Kingdom, IP28 7DE

2. Data We Collect

• Email Address & Company Name: When you sign up via our Mailchimp form for potential sponsorship opportunities, we collect your email address and, optionally, your company name.
• Event Registration Information: When you register or purchase tickets for our events via Eventbrite, we receive the information necessary to confirm your registration (e.g., name, email address). Payment details are handled directly by Eventbrite; we do not store or process your payment information on our servers.
• No Cookies: We do not use cookies or other tracking technologies on our Site. No additional data—such as IP addresses or browsing patterns—is collected automatically.

3. How We Use Your Data

• Sponsor Communication: To communicate with you about sponsorship opportunities or respond to any queries you submit through our Mailchimp form.
• Event Management: To manage event registrations and ticket sales through Eventbrite, including sending you information about event logistics, updates, and confirmations.
• Customer Support & Administration: To handle your requests, complaints, or enquiries, as well as to maintain the Site and our related services.

Legal Basis for Processing:

• Consent: Where required (e.g., sending you sponsorship updates), we rely on your consent, which you can withdraw at any time.
• Contract: In the context of registering for events, we process your data to perform a contract or take steps to enter into a contract with you (i.e., providing the event ticket).
• Legitimate Interest: In some instances, we may rely on our legitimate interests to communicate with you and ensure our services are functioning effectively, provided those interests are not overridden by your rights and freedoms.

4. How We Share Your Data

• Service Providers: Mailchimp: We use Mailchimp to manage sponsor-related mailing lists. By providing your email and company name via our Mailchimp form, you acknowledge that your data may be transferred to Mailchimp for processing in accordance with Mailchimp’s Privacy Policy.
• Eventbrite: We use Eventbrite to handle event registration and ticket sales. Your personal information is processed by Eventbrite in accordance with Eventbrite’s Privacy Policy.
• Legal Obligations: We may disclose your personal data if required by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: In the event of a merger, reorganisation, or transfer of assets, your personal data may be transferred as part of the transaction. We will ensure appropriate confidentiality obligations are in place.
• No Sale of Personal Data: We do not sell or rent your personal data to third parties for their marketing or any other purposes.

5. International Transfers

Mailchimp & Eventbrite: These providers may process or store your data outside the UK or European Economic Area (EEA). Whenever we transfer your data internationally, we ensure a similar level of protection is afforded by implementing safeguards such as standard contractual clauses (SCCs) or ensuring providers are certified under appropriate frameworks.

6. Data Retention

We retain your personal data only for as long as is necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Once it is no longer needed, we securely delete or anonymise your data.

7. Your Rights Under UK GDPR

• Right to Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to Erasure (“Right to be Forgotten”): You have the right to request the deletion of your personal data in certain circumstances.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object: You have the right to object to our processing of your personal data, in certain circumstances.
• Right to Data Portability: You have the right to request that we transfer the data you have given us to another organisation or directly to you, under certain conditions.
• Right to Withdraw Consent: If we rely on your consent to process your data, you can withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request in accordance with applicable data protection laws.

8. Security Measures

We take appropriate security measures (technical and organisational) to protect your personal data from loss, misuse, unauthorised access, alteration, disclosure, or destruction. However, please note that no internet transmission can be guaranteed to be 100% secure.

9. Children’s Privacy

Our Site is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected personal data from a child, please contact us so we can promptly remove it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we do, we will post the revised policy on this page and update the “Last Updated” date at the top. We encourage you to review this Privacy Policy periodically.

11. Complaints

If you have any concerns about our data processing, please contact us first so we can address your concerns. You also have the right to lodge a complaint with the UK’s data protection authority, the Information Commissioner’s Office (ICO), if you believe that your data protection rights have been infringed. For more information, please visit www.ico.org.uk.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us at: [email protected]