The CIEC GL events (Beijing) International Exhibition Co.,Ltd. is very concerned about the protection of your Personal Data (defined below) and undertakes to collect and process your Personal Data in accordance with applicable laws and regulations of the People’s Republic of China (“PRC”) and the General Data Protection Regulation 2016/679 dated April 27th, 2016 (“GDPR”) (collectively “Applicable Laws and Regulations”) and under the conditions set out below.
WHO IS THE DATA CONTROLLER?
“We”, “us”, “Our” and “Data Controller” refer to CIEC GL events (Beijing) International Exhibition Co.,Ltd. registered in the PRC with registered address at http://www.build-decor.com/en/registration.shtml.
Data processed via the registered form of the CIEC GL events (Beijing) International Exhibition Co.,Ltd. is accessible via http://www.build-decor.com/en/registration.shtml.
WHAT CATEGORIES OF DATA do WE COLLECT and how do we collect?
We collect different categories of information and data as follows:
“Personal Data” is any information, or combination of information, that relates to you, that can be used (directly or indirectly) to identify you.
We collect Personal Data either directly through you, or automatically on our Website, or indirectly.
Ø PERSONAL DATA WHICH YOU COMMUNICATE TO US DIRECTLY
You may have to communicate your Personal Data to us directly when:
- You fill in your data in one of the forms on our Website
- Signs up to receive our newsletters
- Submits a request via the contact form
- Accept our cookie policies
In this context, the categories of Personal Data collected by us are as follows:
- Personal Data concerning your identification (surname, first name, gender, user name, nationality, date of birth, geographical location, etc.)
- Personal contact data (postal address, email address, telephone number, etc.)
- Data concerning your professional life (interests, preferences, company, position occupied, etc.)
- Economic and financial data (means of payment, etc.)
Ø PERSONAL DATA WHICH WE COLLECT AUTOMATICALLY
We automatically collect some of your Personal Data when you browse on our Website.
We thus collect certain data concerning your connection and browsing (IP address, date and time of connection, pages visited, operating system, type of browser you are using, the link through which you arrived on our Website, etc.).
Ø PERSONAL DATA WHICH WE COLLECT INDIRECTLY
Lastly, we may collect your Personal Data via social media (Facebook, Twitter, LinkedIn, etc.). This applies in particular when you use these social media via the Website by clicking the social media icons for example.
If you do not want your Personal Data to be collected via social media when you click dedicated icons, you must refer to the confidentiality/Personal Data/cookie policies of the social media concerned.
“Non-Personal Data” is any information that is not reasonably practicable to directly or indirectly identify you, including the following:
- “Location Data” is information that is derived from your GPS, WIFI, compass or IP address that contains location information. You will disclose certain location information to us when you:
o Use certain location-based features, and
o Access our Website, as we derive location information from your IP address, device, or internet service to prevent multiple or fraudulent log-ins to your account.
- FOR WHAT PURPOSES ARE YOUR personal DATA PROCESSED?
Your Personal Data are processed for the following purposes:
1. Use, development and management of our customer/prospect databases
a. Sending newsletters or information
b. Commercial prospecting
c. Processing requests to exercise your rights
d. Managing contact requests
e. To manage our business, including the protection of users, maintain the security of our services, and protect our rights or property
2. Improving our services and personalizing our services for you
a. Compiling statistics
b. Conducting satisfaction surveys
c. Managing subscriptions to newsletters / e-newsletters
d. To provide and improve the functioning and security of this Website for all users
3. Complying with legal obligations
a. To make disclosures as may be required by any law or regulation, government official or other third party, including any card association or other payment network. Such disclosures may also be made pursuant to any subpoena, court order or other legal process or requirement applicable to us
b. To make disclosures to third parties including relevant regulators to prevent any harm or financial loss, to report suspected illegal activity or to deal with any claim or potential claim brought against us
4. We may also use your Personal Data in other ways for which we provide specific notice at the time of collection.
WHAT ARE THE LEGAL GROUNDS FOR THE PROCESSING WHICH WE CARRY OUT ON YOUR PERSONAL DATA?
We process your Personal Data only when the processing envisaged can be justified on one of the following four (4) legal grounds:
1. The processing is necessary to meet a legal obligation
2. The processing constitutes a legitimate interest for us
In cases in which we have a legitimate interest in processing your Personal Data, we take care not to act against your interests or in breach of your fundamental rights and freedoms.
In addition, we take care to guarantee you the possibility, at the time of the collection of your data and subsequently, of opposing the processing your Personal Data, justified by a legitimate interest, if the purposes of this processing concern commercial prospecting.
We have a legitimate interest in processing your Personal Data when:
- You are one of our customers or prospects and we wish to send you communications and carry out commercial prospecting for any product or service and/or we wish to carry out internal analyses.
Legitimate interest: use of our commercial database.
- You make a contact request.
Legitimate interest: management of our customers/prospects’ requests.
3. You have consented to the processing carried out on your Personal Data.
4. This is the case when we wish to transfer your Personal Data to partners or trusted third parties.
- IS IT COMPULSORY TO COMMUNICATE YOUR PERSONAL DATA?
The Personal Data which you must imperatively communicate to us are identified by asterisks in our data collection forms or identified as such.
If you choose not to communicate the abovementioned Personal Data to us, we will be unable to answer your contact request.
- WHO ARE THE RECIPIENTS OF YOUR PERSONAL DATA?
The recipients of your Personal Data are the departments concerned of the Data Controller.
Our partners are also liable to receive your Personal Data if you have agreed to this.
We are also liable to use trusted third parties such as IT service providers, who may then be recipients of your Personal Data.
Lastly, we may also have to share your data with subsidiaries of the GL events Group, either because you have agreed to this or because this is necessary to meet your request.
Some of these partners, trusted third parties or subsidiaries of GL events Group may be located outside the European Union and/or the PRC. When necessary, appropriate guarantees have been provided, particularly through the introduction of standard data protection clauses adopted by the European Commission as well as the national data protection standards of the PRC, being subject to the requisite formalities with the governmental authorities.
- Where Do We Store and Protect Your Data?
- HOW LONG DO WE STORE YOUR PERSONAL DATA?
We store your Personal Data for the time necessary for operations, for the time required to meet legal obligations in accordance with the Applicable Laws and Regulations and/or, when we carry out commercial prospecting for a maximum period of three years starting from the last effective contact with the prospect/customer, apart from exceptions justified by a particular context.
- WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
You have a right to access, correct and delete data concerning you, a right to limit the processing carried out on your data, a right to the portability of your data and the right to define general and specific guidelines defining the way in which you wish your rights to be exercised after your death.
You are expressly informed that you also have a right to oppose the processing of your Personal Data for legitimate reasons, and a right to oppose the use of these data for commercial prospecting purposes.
To exercise your rights, please send an email to this email address: email@example.com
- SECURITY OF YOUR PERSONAL DATA
We ensure the security of your Personal Data by setting up reinforced data protection through the use of physical and logistic security means in accordance with the Applicable Laws and Regulations.