a. The Organizer does not collect personal data other than that which Contestant voluntarily provide on the website (hereafter “the Website”), in the Application Form and during the personal registration follow up (i.e. name, first name, contact details including email address, mobile phone number, function and organisation, altogether the “Personal Data”), when they register for the Hackathon.
b. Personal Data collected on the Website or during the Registration will be processed by the Organizer for the following purposes: (i) before the Hackathon, communicate with the Contestant and provide him/her with the information requested; (ii) during the Hackathon, and in particular the mobile phone number of one team member identified as “the Team captain”, communicate on (included but not limited to) the projects’ pitches agenda, special security and safety measures...; (iii) processing of access, rectification and opposition requests, and other rights with respect to Personal Data; (iv) claims and litigation management; (v) contact the Contestant for marketing purposes to provide him/her with information about similar events organised by the Organizer or one of its partners.
c. The processing of the Contestants’ Personal Data is necessary for the Organizer to provide them with the services they requested, as well as to enable the Organizer to organize the Hackathon.
d. Contestants’ Personal Data will be processed internally by duly authorized persons, within the limits of their respective attributions.
e. Personal Data may also be communicated to the Organizer’s data processors (including IT service providers) and external services providers such as web developers, marketing solutions providers, to the strictest extent necessary and subject to the existence of contractual guarantees to ensure the security and confidentiality of the data.
f. Contestants’ Personal Data will be processed by the Organizer as a data controller, in compliance with the applicable data protection legislation (i.e. for the time being the Law of 2 August 2002 covering the protection of individuals with regards to the processing of personal data, as amended, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, - the GDPR -, which entered into force on 25 May 2018, as well as any other subsequent regulation).
g. The Organizer undertakes to implement technical and organizational security measures to ensure the protection of Contestants’ Personal Data against the risks associated with the use of information systems.
h. The Organizer applies generally accepted security standards to help protect Contestants’ Personal Data. However, no method of transmission over the Internet, or of electronic storage, is 100% secure. Therefore, the Organizer cannot guarantee the absolute security of the Personal Data.
i. Personal Data is kept for a period of three (3) years from collection by the Organizer or the last contact from the Contestant.
j. In accordance with the current data protection legislation, the Contestant or, as the case may be, its beneficiaries who can prove they have a legitimate interest, are entitled to obtain, free of charge: (i) access to the personal data concerning the Contestant, (ii) confirmation that the Contestant Personal Data is or is not being processed, (iii) information concerning at least the purposes of the processing, the categories of data to which the processing relates and the recipients or categories to whom the data is communicated, (iv) communication, in an intelligible form, of the data being processed, as well as any available information on the origin of the data.
k. The Contestant (or, as the case may be, his beneficiaries) also has the right to rectify its personal data and a right to object to the collection and processing of such data, on the basis of compelling legitimate grounds.
l. These rights may be exercised by an email addressed to the following address: firstname.lastname@example.org. As of 25 May 2018, the Contestant is entitled to request the erasure of all or part of the data or a restriction of the processing, object to the processing or make use of its right to data portability, within the limits provided by the applicable rules. In the event of a breach of the data protection rules, the Contestant may also lodge a complaint before a supervisory authority such as the National Commission for Data Protection (CNPD).
m. The documents and information submitted with the registration and during the Hackathon will only be submitted to the Juries solely in the context of the Hackathon and will be treated by them as confidential information.