Privacy Policy – find out how we process your personal data
Thank you for choosing us for this event!
We have to process some of your personal data so that you could attend our events. The purpose
of this document is for you to find out how we process your personal data. Please read it
carefully, and in case you have any questions, feel free to contact us by using information
mentioned below.
Who are we? We determine the purpose and means of processing of your personal data (‘data’)
and we are considered to be a controller under the General Data Protection Regulation and the
Serbian Data Protection Law. Controller of your personal data is Milica Andrejevic pr Minerva
Company Number: 66405630, Tax Number: 112865458 (‘Minerva’, ‘Platform’, ‘We’ or
‘Controller’).
Purpose of processing, categories of personal data and legal bases
In order to attend our events and use our Platform, we have to collect and process certain
personal data. Some of the data is required to enter into a contract with you, and if you decide
not to disclose that data to us, you will be unable to use our Platform or attend our events. More
information about what data we collect, for what purposes and what are our legal bases for that
can be found in the below table.
Categories of personal
data
Purpose of processing
To attend our event.
To receive payments from you.
Storing data to be able to defend
against legal claims and to be able
to comply with laws that require
us to store personal data for longer periods of time
To provide you with
customer/technical support – in
case you have any complaint,
feedback or suggestion, we have
to process your personal data to
provide you with the support.
To respond to request from
authorities and law enforcement
agencies.
Legal basis for processing
Processing is necessary for the
performance of a contract to
which the data subject is party
or in order to take steps at the
request of the data subject prior
to entering into a contract.
Processing is necessary for the
performance of a contract to
which the data subject is party
or in order to take steps at the
request of the data subject prior
to entering into a contract
Processing is necessary for compliance with a legalobligation to which thecontroller is subject /If you are in the EU processing of your
personal data is necessary for
the purpose of the legitimate
interest pursued by us
Processing is necessary for the performance of a contract to
which the data subject is party
or in order to take steps at the
request of the data subject prior
to entering into a contract
Processing is necessary for compliance with a legal obligation to which the controller is subject /If you are in the EU processing of your personal data is necessary for the purpose of the legitimate interest pursued by us
First, last name, email
address, company name,
and event details you wish
to attend to
First, last name, address, bank
account and purchase
details
First, last name, email
address, company name,
event details, bank and
purchase details, address, details of
the correspondence
between you and us
First name, last name,
email address, details of
your requests and similar
messages
First, last name, email
address, organisation you
work for, address, purchase and
event details
Legitimate interest as a legal basis
In case where we process your personal data on a basis of legitimate interest, we carefully
balance your interests against ours. If your interests, fundamental rights and freedoms override
the legitimate interest pursued by us, we will find another legal basis or we will not process
personal data for that purpose. You can always contact us to find out how did we apply the
legitimate interest assessment for the particular processing activity.
Recipients of the personal data
We have to share some or all of your personal data with third parties (‘Recipients’), so that you
could use our platform.
Some of them help us operate our Platform. These are hosting companies, our IT vendors who
are helping us to operate the Platform, and similar. Where we are requested by authorities, we
might disclose your personal information.
Recipients can be independent controllers, joint-controllers or processors (e.g., hosting
companies). For more information on this, you can always contact us.
Transfers of personal data to third countries
Your personal data may be transferred to third parties in the Republic of Serbia or other
countries.
If you are in the European Union at the time of collection of your personal data, and we transfer
your personal data outside the European Union, European Economic Association or countries
deemed to provide adequate level of protection of personal data by the European Commission we
use standard contractual clauses approved by the European Commission.
Where we collect your personal data while you are in Serbia, we transfer your data to countries
deemed adequate by the European Commission, they are signatories of the Convention for the
Protection of Individuals with regard to Automatic Processing of Personal Data or to countries
on the List of countries, parts of their territories, one or more sectors in which an adequate level
of protection is provided available here. If the countries where we export personal data are not in
the aforementioned categories, we employ Standard Contractual Clauses.
Retention periods
Data collected is stored until we deliver the requested service to you and until it is required for us
to keep it in order to comply with laws and to be able to defend of legal claims.
Your rights
1. Right of access
You can always contact us to find out if we process your personal data, and where that is
the case, to acquire additional information about the purpose of processing, recipients, to
receive copies of personal data processed and similar.
2. Right to rectification
If you think that some of your personal data is inaccurate or outdated, you can rectify
them through your profile or contact us so that we could do it for you.
3. Right to erasure
Where conditions prescribed by laws are met and you request erasure of your personal
data, we will fulfil your request and delete your personal data.
4. Right to restriction of processing
You can request us to restrict your data from further processing where permitted by Law
(e.g., where your data is inaccurate).
5. Right to data portability
We deliver your data in a structured, commonly used electronic format. You have the
right to request to have this data transferred to another controller where legal
requirements are met.
6. Right to object
You can always object to processing of your personal data. If your personal data is
processed for direct marketing purposes, including profiling related to direct marketing,
we will stop processing your personal data for those purposes.
Where we process your personal data on a basis of legitimate interest or the processing is
necessary or the performance of a task carried out in the public interest we will stop
processing your personal data, unless our legitimate grounds for the processing override
your interests, rights and freedoms of the data subject or for the establishment, exercise or
defence of legal claims.
7. Right to withdraw consent
If we process your personal data on a basis of your consent, you can always withdraw
your consent (e.g., where you have given your consent to have you data processed for
direct marketing purposes). Withdrawal of your consent does not affect lawfulness of
processing prior to that.
8. Use of cookies
Our website uses cookies. For more information visit our Cookie policy. Where cookies
process personal data, this Privacy Policy applies in addition.
Right to lodge a complaint with Serbian Commissioner or Supervisory Authorities in the
European Union.
If you think that we process your personal data contrary to the Serbian Data Protection Law, you
can lodge a complaint with the Serbian Commissioner for Information of Public Importance and
Protection of Personal Data. You can contact the Commissioner here.
If you are in the European Union when we collect your personal data, you can lodge a complaint
with one of the bodies responsible for monitoring the application of the GDPR or a National
Member State Law. You can find the list here.