For the purposes of the General Data Protection Regulation (EU 2016/679), the data controller is SC sa (see Contact Details). SC sa is based in Luxembourg and is responsible for data collected in relation to websites and tradeshows managed by SC sa. You should be aware that although SC sa may be principally responsible for looking after your personal data, information may be held in databases which can be accessed by other affiliated entities of SC sa.
We may make changes to this Policy from time to time in order to keep it up to date and compliant with legal requirements. Please refer to the "Last Updated" date at the bottom of this page to see when this Policy was last revised. We may also notify you about significant changes by email, using the address you last provided or by posting an alert which will be displayed when you access our systems. This Policy is not intended to override the terms of any contract that you have with us or between buyers and suppliers (or any rights you might have available under applicable data protection laws).
The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our Data Protection Officer. If you have a complaint or concern about how we use your personal information, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. The Data Protection Officer can be contacted by:
- Email at firstname.lastname@example.org
Alternatively, you may contact our Customer Services Department
- Email at email@example.com
- Phone +352 691320633
You also have a right to lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection laws occurs.
How Do We Collect Your Personal Data?
At Trade Shows, Roadshows, Seminars and Conferences
- Registration Forms
- We ask visitors to register their attendance by completing a form which we then enter into our systems.
- Check-In updates
- We ask visitors to update/complete data retrieved from previous registrations held in our system.
- Business Cards
- We scan and store details of visitor's business cards.
- Booth Visit History
- Exhibitors use the SC sa Supplier App to scan visitors' badges when visitors call at their booths. Visit data is then uploaded to our servers.
Through Website Forms
- Registration & Inquiry Forms
- We ask visitors to our online sites to register in order to personalize and use the site's messaging functions. We support both a full and a lite registration mode that captures minimal data. Additionally, we have a self-registration function for suppliers who wish to register as an advertiser on our site.
- Subscription Forms
- We capture details of site visitor's subscriptions and preferences to services such as Notifications, Product/Supplier Alerts, Print Magazines, and eMagazines.
- Sample/Small Order Forms
- We capture details of sample and small orders placed by visitors to advertisers on the site.
- Private Sourcing Events
- We capture basic details of buyers interested in applying for our Private Sourcing service.
Call Center Activities
- We periodically contact people and seek information for market surveys and research questionnaires or to qualify prospects for our services or those of our advertiser community, e.g., to qualify potential:
- visitors to our shows and/or online sites, or
- advertisers/exhibitors to our shows and/or online sites
- Customer Service
- Online users, and Trade Show visitors and potential advertisers contact us for enquiries, complaints, suggestions or feedback through our Customer Service Team via online chat system, hotline, fax or email.
- Additionally, there are small numbers of potential advertisers who call in. Their details are qualified and entered into our systems.
Systems Tracking Functions
We collect data from other sources, such as public databases, joint marketing partners and other third parties including third party software applications and social media platforms. The data collected through these third party sources will be combined with information we collect through our services where this is necessary to help manage our relationship with you.
What Personal Data Do We Collect?
The personal information we collect include:
- Contact and Communication Details
- This includes your name, addresses, telephone numbers, email addresses, and social media contact details.
- Business Details
- Job title, role, company name, and company demographics, i.e., number of employees, turnover, etc. Please note that contact details typically are work related since our mission is to facilitate B2B trade.
- Marketing preferences inferred from subscriptions to product/supplier alerts, print and eMagazines and Trade Show news.
- Display and language preferences
- Details of calls/messaging made between:
- Customer service team members and visitors and advertisers/exhibitors
- Sales Team members and advertisers/exhibitors or prospects
- Advertisers/exhibitors and online visitors sent through Message Center, e.g., RFI, RFQ, RFS.
- Advertisers/Exhibitors and online visitors sent though Tencent chat facility
- Buying & Payment History
- What sample requests or other orders placed between advertisers and site visitors
- What seminars/events booked at Trade Shows
- What print and eMagazines subscribed to
- Device and Log Information
- The internet domain and IP address from where you access our websites and apps.
- The type of browser software and operating system used to access our websites and apps.
- The date and time you access our websites and apps
- If you linked into our websites and apps from another website, the address of that website (referrer URL), and:
- The pages you enter, visit and exit our websites and apps from
- Your account log-in/online identifier
- Unique device identifiers (such as the address of the device's wireless network interface (MAC Address), or mobile phone number used by the device)
- Online Behavioral Data
- Session frequency
- Search terms used
- Pages visited and how they were accessed (for path analysis)
- Products /suppliers inquired on or profiles viewed
- Whitepapers downloaded
- Apps downloaded
- Offline Behavioral Data
- Trade shows, exhibitions, and conferences visitors attended
- Exhibitors visited (captured through SC sa Buyer App)
- Summits/seminars/events attended
What Do We Use Your Personal Data For?
We use the data to provide you with our products and services, to develop new offerings and to protect SC sa and our visitors, exhibitors, buyers, suppliers and advertisers as detailed below. In some instances, we will request that you provide data to us directly. If you do not provide the data that we request, or prohibit us from collecting such data, we may not be able to provide the requested products and services.
We use the data for our legitimate business interests, including the following:
- To create personalized product recommendations on behalf of online advertisers to present to online visitors by email or phone.
- To market relevant SC sa online services (e.g., Product/Supplier Alerts, Magazines) by print DMs, eDMs, telemarketing calls, SMS or other platforms including Facebook, LinkedIn or through third party agencies.
- To market relevant SC sa Tradeshows and services (e.g., Buyer apps, Summits, Start Up Launchpad) by print DMs, eDMs, telemarketing calls, SMS or through other platforms including Facebook, LinkedIn or through 3rd party agencies
- To create contact lists of Online and/or Trade Show visitors who have opted in to third party marketing. These lists are segmented based on visitor preferences, behaviors or demographics and can be rented/sold to verified third party vendor for direct marketing on behalf of their clients.
- Using third party marketing materials from our partners (advertisers or service providers) to market to SC sa Online and Trade Show visitors who have opted in to third party marketing. These visitors are segmented based on preferences, behavior or demographics, by print DMs, eDMs, telemarketing calls, SMS or through other platforms including Facebook, LinkedIn or through third party agencies.
- Create contact lists for surveys and similar market research activities.
- To facilitate review of visitor details for qualification purposes by Advertisers and Exhibitors who have received Requests for Information or similar from visitors to our Online site or Tradeshows, through our Messaging Service and to facilitate communications between parties by email/phone/chat in relation to such requests.
- Our Customer Services team may use your personal data when responding to your comments, feedback, inquiries, questions, to give you appropriate support to fulfil your needs and requests
- Our Technical Support team may use your personal data to (i) facilitate internal purposes such as auditing, data analysis, and research to improve our products, services and improve your user experience, including providing more relevant customized content to you; (ii) detect, investigate and prevent fraudulent transactions and other illegal activities and protect your rights and property as well as ours.
- Use the data for purposes associated with our legal and regulatory obligations.
We will only use your personal data for those purposes set out above and only where we are satisfied that it is necessary and that its use falls under one or more of the following legal grounds, i.e.:
- To comply with a relevant legal or regulatory obligation that we are subject to
- To fulfill obligations under a contract signed between you and us, or
- To support 'legitimate interests' that we have as a business provided it is always carried out in a way that is proportionate and that respects your privacy rights
- Or exceptionally for clearly defined and limited cases, where you have freely given consent
How Do We Secure your Personal Data?
Whilst we cannot guarantee to keep your data 100% secure, we are committed to protecting you (and us) from unauthorized access to, or unauthorized alteration, disclosure, destruction of personal information that we hold.
- We regularly review our information collection, storage and processing practices, including physical, logical and organizational security measures, to guard against unauthorized access to systems and data stores.
- Our regular reviews include engaging external security consultants to test effectiveness of implemented security measures.
- We restrict access to personal information to our employees, contractors and agents who need access to the relevant personal information in order for them to process it for us and who are subject to strict contractual confidentiality obligations.
- We implement strong access control mechanisms, such as two-factor authentication, identity & access management in addition to strong password policies.
- Where appropriate, we use technical solutions such as encryption, pseudonymization and anonymization to further protect data at rest and in transit.
On your part, we encourage you to use a unique and strong password to protect your account, activate the two-factor authentication (2FA) feature that we provide, limit access to your computer and log out after using our services. In addition, you should make sure your computer is updated with the latest security patches and protected with an anti-malware product at all times.
Please note that you are responsible for the personal information that you choose to share, disclose or submit voluntarily while using our website and which can be viewed by members of third party applications or messengers.
How Long Do We Keep Your Personal Data?
In some circumstances we may retain your personal information for longer periods of time, for example, where we are required to do so to meet legal, regulatory, tax or accounting requirements or in the event of any complaint or challenge, or if we reasonably believe there is a possibility of legal action relating to your personal information or dealings. Under normal circumstances this should not exceed 7 years from the date of the last engagement with you.
Who Do We Share Your Personal Data With?
We may share your personal information with third parties, to help manage our business and deliver services as outlined below:
- Service providers, who perform functions on our behalf such as fulfilling orders, who help manage our IT and back office systems, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), and providing customer services.
- Data protection authorities, regulatory authorities and law enforcement agencies, in Luxembourg, EU and around the world.
- Other third parties, for the purpose of detecting, preventing or otherwise addressing fraud, security or technical issues, protecting against harm to the rights, property or safety of our users or the public.
- We may disclose or transfer your data to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of SC sa business, assets or stock (including any bankruptcy or similar proceedings).
We may use your personal information to send you direct marketing communications about our products and services or our related services according to your preferences either with your consent or because we have a legitimate interest to do so, including our latest product announcements and upcoming events. This may be in the form of emails, SMS, telephone calls or targeted online advertisement. We limit direct marketing to a reasonable proportionate level, and to send you communications which we think will be interesting and relevant to you, based on the information we have about you.
You have choices when it comes to how we use your data and we want to ensure you have the information to make the choices that are right for you.
If you no longer want to receive marketing-related emails, SMS, or printed materials, you may opt out by following the instructions in any such emails, SMS or printed materials you receive from us.
Based on information we have collected about you and your viewing habits and analytics about performance of our content, offers and ad, we personalize the content, offers and ads made available to you to make your experience more relevant.
This constitutes profiling: We segment visitors by applying selection criteria and business rules using software code (and algorithms) to process relevant data semi-automatically to produce personalized content recommendations, e.g., recommended products which appear in marketing emails or online when you visit our sites. If you wish to opt-out of receiving personalized content, please contact the Customer Services Team or DPO.
Transfers of Personal Data to Non EU Countries or International Organizations
The data that we collect from you may be transferred to, and stored at, a location outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or one of our service providers. We will take all steps reasonably necessary to ensure that your data is treated securely, in accordance with this privacy notice, and will only transfer your personal information to other countries that are either:
- Recognized by the European Union as providing an adequate level of data and legal protection, for example, to the US under the EU - U.S. Privacy Shield which covers the protection of personal information transferred to the US. (https://www.privacyshield.gov/article?id=OVERVIEW )
- Or by ensuring that transfers to other Non-EU counties are protected by appropriate contractual commitments.
You have the right to request more information about the safeguards we have put in place. Please contact the DPO .
What Rights do you have?
You have a number of rights in relation to your personal information. Specifically, you have the right to request:
- Access to Your Data - You can ask us to:
- Confirm whether we are processing your personal information
- Give you a copy of that data
- Provide you with other information about your personal information, such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we have carried out automated decision making or profiling, to the extent that information has not already been provided to you in this notice.
- You can ask us to rectify inaccurate personal information in our files. We may seek to verify the accuracy of the data before rectifying it.
- Erasure (Right to be Forgotten) - You can ask us to erase your personal information, but only where:
- It is no longer needed for the purposes for which it was collected; or
- You have withdrawn your consent (where the data processing was based on consent); or
- It follows a successful right to object; or
- It has been processed unlawfully; or
- It is necessary to comply with a legal obligation.
We are not required to comply with your request to erase your personal information if the processing of your personal information is necessary:
- For compliance with a legal obligation; or
- For the establishment, exercise or defense of legal claims.
- Restriction - You can ask us to restrict (i.e. keep but not use) your personal information, but only where:
- Its accuracy is contested, to allow us to verify its accuracy; or
- The processing is unlawful, but you do not want it erased; or
- It is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
- You have exercised the right to object, and verification of overriding grounds is pending.
- We have your consent; or
- To establish, exercise or defend legal claims; or
- To protect the rights of another natural or legal person.
- You can object to any processing of your personal information which has our 'legitimate interests' as its legal basis, if you believe your fundamental rights and freedoms outweigh our Legitimate Interests. Once you have objected, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights, however, this does not apply as far as the objections refers to the use of personal information for direct marketing purposes.
- Data Portability
- You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it 'ported' directly to another Data Controller, but in each case only where:
- The processing is based on your consent or the performance of a contract with you; and
- The processing is carried out by automated means.
- Information about any automated processing e.g. segmentation or profiling using your data. You can ask not to be subject to such processing.
- Information about International Transfers.
- You can request details about international transfers of your data
- Identity - We take the confidentiality of all records containing personal information seriously and reserve the right to ask you for proof of your identity if you make a request.
- Fees - We will not ask for a fee to exercise any of your rights in relation to your personal information, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge a reasonable amount in the circumstances.
- Timescales - We aim to respond to any valid requests within one month unless it is particularly complicated or you have made several requests, in which case we aim to respond within three months. We will let you know if we are going to take longer than one month. We might ask you if you can help by telling us what exactly you want to receive or are concerned about. This will help us to action your request more quickly.
- Exemptions - Local laws, including in the EU member states, provide for additional exemptions, in particular to the right of access, whereby personal information can be withheld from you in certain circumstances, for example where it is subject to legal privilege.
In the context of marketing, please note that we will maintain a suppression list if you have opted out from receiving marketing content to ensure that you do not receive any further communications.
We can continue to use your personal information following a request for restriction, where:
To exercise your rights, you can contact us as set out above. Please note the following if you do wish to exercise these rights: