Privacy policy | RetailTec Congress

Privacy policy

Privacy Policy and cookie files Website www.retailteccongress.com

1. General provisions

The following Privacy Policy and cookie files determines the rules regarding the processing of personal data obtained via the website www.retailteccongress.com.
The following Privacy Policy and cookie files is for informative purposes, which means that it is not the source of obligations for people using the website. The Privacy Policy and cookie files contains above all else rules regarding the processing of personal data by the Administrator on the website, including the legal grounds, purposes and scope of processing the personal data and the rights of those who the data regards, and also data regarding the application of cookie files and analytical tools on the website.

The Administrator of personal data, in the understanding of legal provisions on the protection of personal data, is MM Conferences S.A. with seat in Warsaw at ul. Długa 44/50, 00-241 Warsaw, entered into the Entrepreneurships Register of the National Court Register directed by the Regional Court for the Capital City of Warsaw, XII Economic Department under National Court Register No. 0000300045, Tax No. PL9522040486, REGON 141312256, e-mail address odo@mmcpolska.pl (hereinafter referred to as: „Administrator” or MMC).
The legal grounds for the processing of personal data by the Administrator is the Regulation of the European Parliament and Council (EU) 2016/679 of the 27th of April 2016 regarding the protection of natural persons in connection to the processing of personal data and regarding the free flow of such data and the repealing of directive 95/46/WE (a general regulation on data protection), hereinafter: “Regulation”.
The Administrator takes special care to respect the privacy of people visiting the website www.retailteccongress.com.

The Administrator guarantees the confidentiality of all provided personal data and ensures the taking of all security measures and personal data protection required by the legal provisions for personal data protection. Personal data is collected with due diligence and properly protected against access by unauthorised persons.

The Administrator does not collect or process any sensitive data, referred to in the Regulation as “specific categories of personal data”. It also does not want to collect or process data of minors under the age of 16 years old.

2. User permissions

The User has the following rights resulting from the processing of his/her personal data:
the right to request access to their own personal data – The User has the right to gain confirmation if the Administrator is processing his/her personal data and if so, is entitled to gain access to the data and receive data regarding such data, such as: the reason for processing, categories of data, data of recipients or categories of recipients, which data is remaining or has been publicized, the planned period of personal data storage and the criteria of deciding such a period; the above-mentioned rights also applies to the right to receive a free copy of such data (for all further copies for which the User requests, the Administrator may request a fee at a reasonable amount resulting from administrative costs),

the right to rectify personal data (when they are incorrect), which also includes making a request to supplement incomplete personal data,

the right to remove personal data (the so-called “right to be forgotten”), in the following circumstances: when the User’s personal data is no longer required for the purposes for which they were collected, the User has revoked approval for their processing and there is no other existing legal grounds for its their processing, the User has objected to the processing of personal data, the personal data was processed in an unlawful way, personal data must be deleted in order to comply with the legal obligation provided by European Union law or the law of the Member State of which the Administrator is subject, personal data was collected in connection with the offering of social data services,

the right to restrict the processing of personal data, when: the User questions the correctness of personal data (for a period allowing the Administrator to check the accuracy of this data), the processing is illegal and the User opposes the deletion of the data, the Administrator no longer needs the personal data for processing purposes, but it is necessary for the User to establish, asset or defend claims, the User objects to the processing – to a time when it is determined whether the legitimate grounds on the part of the Administrator override the grounds of the User’s objection

the right to object against the processing of personal data,

the right to transfer personal data, including receipt from the Administrator of a structured, commonly used machine-readable format for personal data which was provided to the User, including the right to request for personal data to be sent by the Administrator directly to another Administrator (as long as it is technically possible),

the right to withdraw consent for processing data at any given moment (with the withdrawal of consent not affecting the lawfulness of the processing which was made on the basis of expressed consent before its withdrawal),

the right to submit a complaint to the President of the Personal Data Protection Office, if the User considers that the processing of personal data violates the provisions of the Regulation.
In the event of any questions connected with the processing of personal data and in order to realize the above-mentioned rights, the Administrator should be contacted via e-mail odo@mmcpolska.pl

3. Entrustment of data

For the correct functioning of the website, including the realization of concluded sales contracts, the Administrator must use the services of external entities. The Administrator uses only the services of such processing entities who provide sufficient guarantees to implement appropriate technical and organizational measures, so that the processing meets the requirements of the Regulation and protects the rights of the subjects to which the data applies. The Administrator entrusts the processing of personal data to the following entities: service providers providing the Administrator with technical, IT and organisational solutions (specifically providing computer software, e-mail providers and hosting as well as providing software for company management, contact with clients and technical assistance to the Administrator), entities organising events with the Administrator, entities performing accounting services and HR – The Administrator shares collected personal data of the User with selected services operating on behalf of the Administrator only in the case and to the extent necessary to achieve one of the given purposes of data processing in accordance with this privacy policy.
All entities entrusted with the processing of personal data to the Administrator guarantee the use of appropriate security measures and the security of personal data required by law.
The Administrator may be obliged to share data collected via the website to an authorised entity on the grounds of lawful demands in the scope resulting from the request.

4. Selected purposes of processing, storage period and range of data:

Purpose of processing: contact with the Administrator via e-mail.
Legal grounds: Article 6(1a) Regulation – agreement.
Storage period: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: e-mail address, data voluntarily entered into the contents of messages by the User.
The consequence of not providing the above-mentioned data will result in the lack of possibility of the Administrator to contact the User via e-mail.

Purpose of processing: recruitment.
Legal grounds: Article 6(1a) Regulation – agreement.
Storage period: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: forename, surname, e-mail address and data voluntarily entered into the contents of messages by the User.
The consequence of not providing the above-mentioned data will result in the lack of possibility to take part in the recruitment process.

Purpose of processing: contact with the Administrator via the contact form.
Legal grounds: Article 6(1a) Regulation – agreement.
Storage period: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: forename, surname, e-mail address and data voluntarily entered into the contents of messages by the User.
The consequence of not providing the above-mentioned data will result in the lack of possibility for contact with the Administrator via the contact form.

Purpose of processing: sending marketing data regarding products or services of the Administrator and its partners.
Legal grounds: Article 6(1a) Regulation – agreement.
Storage period: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: e-mail address, data voluntarily entered into the contents of messages by the User.
The consequence of not providing the above-mentioned data will result in the lack of possibility of receiving marketing data.

Purpose of processing: initiation and execution of the contract with a client.
Legal grounds: Article 6(1b) Regulation – contract.
Storage period: to the moment to which it is required to execute the contract or for a period of time corresponding to the period of limitation of claims that may be raised by the administrator and which may be raised against it (legal ground: Polish Civil Code, Journal of Law 1964, No. 16, position 93 / Journal of Law 2018, position 1025).
Range of data: forename, surname, company, position, department, e-mail address and telephone number of the Participant; forename, surname, department, e-mail address and telephone number of the Applying Person. The consequence of not providing the above-mentioned data is the lack of possibility of participating in the event.

Purpose for processing: issuing invoices.
Legal grounds: fulfilling the legal responsibility of issuing invoices – Art. 6(1c) GDPR in connection with Art. 106b(1.1) Tax on Goods and Services Act (Journal of Law 2004, No. 54, position 535 / Journal of Law 2017, position 1221).
Period of storage: until the tax liability expires (legal grounds: Tax on Goods and Services Act, Journal of Law 2004 No. 54, position 535 / Journal of Law 2017, position 1221).
Range of data: full name, company, address, tax number, REGON, telephone number, e-mail address. The consequence of not providing the above-mentioned data means it will be impossible to issue an invoice.

Purpose for processing: recommendation of the event.
Legal grounds: Article 6(1a) Regulation – agreement.
Period of storage: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: forename, surname, position, company, e-mail address.
The consequence of not providing the above-mentioned data means it will be impossible to provide a recommendation.

Purpose for processing: registering journalist accreditation.
Legal grounds: Article 6(1b) Regulation – contract.
Period of storage: to the moment for which it is required to execute the contract or for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it (legal grounds: Polish Civil Code, Journal of Law 1964, No. 16, position 93 / Journal of Law 2018, position 1025).
Range of data: forename, surname, position, e-mail address, telephone number, editorial office, company, type of accreditation.
The consequence of not providing the above-mentioned data means the lack of possibility for registering for a journalist accreditation and participating in the event as a journalist.

Purpose of processing: image publication.
Legal grounds: Article 6(1a) Regulation – agreement.
Period of storage: to the moment of revoking agreement by the User, and upon the revocation of consent for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it.
Range of data: image.
The consequence of not providing the above-mentioned data will result in the lack of possibility of publishing photographs and video recordings with the participant’s image by the Administrator.

Purpose for processing: initiating and executing contracts with a Speaker.
Legal grounds: Article 6(1b) Regulation – contract.
Period of storage: to the moment for which it is required to execute the contract or for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it (legal grounds: Polish Civil Code, Journal of Law 1964, No. 16, position 93 / Journal of Law 2018, position 1025).
Range of data: forename and surname, position, company name, e-mail address, telephone number of the Speaker and the forename, surname, e-mail address and telephone number of a person selected by the Speaker.
The consequence of not providing the above-mentioned data will result in the lack of taking part in the event as a Speaker.

Purpose for processing: participation in the Competition.
Legal grounds: Article 6(1b) Regulation – contract.
Period of storage: to the moment for which it is required to execute the contract or for a period of time corresponding to the period of limitation of claims that may be raised by the Administrator and which may be raised against it (legal grounds: Polish Civil Code, Journal of Law 1964, No. 16, position 93 / Journal of Law 2018, position 1025).
Range of data: forename and surname, position, company name, e-mail address, telephone number. The consequence of not providing the above-mentioned data is the lack of possibility of taking part in the Competition.

5. Analysis of network traffic and cookies, social plugins

While visiting our website, we use the so-called “cookie files”. Cookie files are small text files saved by the User’s browser. Cookie files don’t contain any data allowing for the direct identification of a specific User. The User may turn off the option to use cookie files in the browser settings, and also delete cookie files automatically or manually. We draw attention to the fact, however, that in such a case, our website may not work or work correctly.

On our website, we also use the Google Analytics traffic analysis tool (Google LLC., USA) to create anonymous user statistics. The Google Analytics tool uses cookie files. Generated data is processed in the USA only in special circumstances. If the User has any doubts about the use of Google Analytics, the User may block the tool, e.g. by installing the appropriate add-ons to the browser.

Our website also uses functions from various social media services (“social plugins”). Social plugins are buttons available on our website. Without the User clicking these buttons while visiting our website, they do not send any data to specific social media services. Only after clicking the given button is data sent directly to the server of the given social media service and may collect data using cookie files.
If the User is logged into social media, it may register its visit to the www.retailteccongress.com website to the User. We have no influence on the range of data which is downloaded by social media services after clicking the button. Information on the purposes of data collection, the range of data collection, their further processing and their use by specific social media services and the User’s rights connected with them and the possible settings in order to protect the privacy can be found in the privacy policies of the specific social media services.
We use social media plugins from the following services:
– Youtube Inc.;
– Facebook Inc.;
– Google LLC.;
– Linkedin Corp.

If the User have a profile in ay of the social media services, but does not want for the service administrator to collect the User’s data through our website and eventually connect them with other saved data, before visiting other websites, we ask for the User to be completely logged out of the given social media service and the deletion of all cookie files.

6. Server logs

Using the website involves sending queries to the server on which the website is stored. Each query directed to the server is saved in the server logs. The logs are saved and stored on the server. Data saved in the server logs are not associated with specific people using the website and are not used by the Administrator in order to identify the User. The above data is only used for server administration. The server logs are only helpful material serving for server administration, and their contents are not revealed to anyone other than people authorised to administrate the server.

Follow our event


I agree to the processing of my personal data in accordance with Regulation of the European Parliament and Council (EU) 2016/679 of the 27th of April 2016 regarding the protection of natural persons in connection to the processing of personal data and regarding the free flow of such information and the repealing of directive 95/46/WE in order to send marketing information regarding products or services of the Administrator and its partners (the current list of partners can be found on the website). Agreement is voluntary. I agree to receive trade information electronically from the Administrator in accordance with the Electronic Services Act of the 18th of July 2002 (Journal of Law 2002, No. 144 position 1204). Agreement is voluntary. I agree for the usage of telecommunications equipment and automatic systems resulting in direct marketing by the Administrator in accordance with the Telecommunication Act of the 16th of July 2004 (Journal of Law 2014, position 243 as amended). Agreement is voluntary.

The Administrator of personal data is MM Conferences S.A. with seat in Warsaw (00-193), ul. Stawki 2. Your data will be processed in order to realize contracts, send marketing information and for the Administrator to publish your image. More