Skip to main content

Privacy Policy

This privacy policy explains how SMOFcon 43 (“we”, “us”, “our”) collects, uses, and protects your personal information. We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Last updated: January 2025

1. Data controller

SMOFcon 43 is the data controller responsible for your personal data. If you have any questions about this privacy policy or our data practices, please contact us at info@smofconlisbon.org.

2. Information we collect

Main website: Our main website does not collect any personal information, use cookies, or employ any tracking technologies.

Registration site: When you register for SMOFcon 43, we collect the following information:

  • Name
  • Email address
  • Country of residence
  • Communication preferences
  • Access requirements
  • Areas of the convention you would like to help with

We only collect information that is necessary for the operation of the convention.

3. How we use your information

We use your personal information to:

  • Process your convention registration
  • Communicate with you about the convention (updates, schedules, important announcements)
  • Accommodate any access requirements you have disclosed
  • Coordinate volunteer activities if you have indicated interest in helping
  • Fulfil our contractual obligations to you as a member

4. Legal basis for processing

We process your personal data on the following legal bases:

  • Contract: Processing is necessary for the performance of our contract with you (your convention membership)
  • Legitimate interests: Processing is necessary for our legitimate interests in running the convention, provided these are not overridden by your rights
  • Consent: Where you have given consent for specific communications or data sharing

5. Cookies

Our main website does not use cookies.

Our registration site uses strictly necessary cookies to enable core functionality such as maintaining your logged-in session. These cookies are essential for the site to function and cannot be disabled.

6. Third parties

We share your data with the following third parties:

Stripe: We use Stripe to process payments. When you make a payment, Stripe will collect payment card details and other information necessary to process your transaction. Stripe's use of your data is governed by their privacy policy.

Mailchimp: We use Mailchimp to send emails to members. We share your name and email address with Mailchimp for this purpose. Mailchimp's use of your data is governed by their privacy policy.

We do not sell your personal data to any third parties.

7. International data transfers

Some of our third-party service providers (Stripe and Mailchimp) are based in the United States. When your data is transferred outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office, to protect your personal data.

8. Who has access to your data

Your personal information is only made available to convention committee members and volunteers who need access to perform their specific roles. Access is limited to what is necessary for each person's responsibilities.

9. Data retention

We retain your personal data for up to 2 years after the convention ends. This allows us to fulfil any post-convention obligations (such as accounting and tax requirements) and to respond to any queries. After this period, your data will be securely deleted.

10. Your rights

Under data protection law, you have the following rights:

  • Access: You can request a copy of the personal data we hold about you
  • Rectification: You can ask us to correct any inaccurate or incomplete data
  • Erasure: You can ask us to delete your personal data in certain circumstances
  • Restriction: You can ask us to restrict processing of your data in certain circumstances
  • Data portability: You can request a copy of your data in a machine-readable format
  • Objection: You can object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, please contact us at info@smofconlisbon.org. We will respond to your request within one month.

11. Children

We do not have a minimum age requirement for registration. If you are under 18 years of age, you must have parental or guardian consent before providing personal information to us. Parents or guardians who become aware that their child has provided us with personal information without their consent should contact us at info@smofconlisbon.org.

12. Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

13. Changes to this policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.

14. Complaints

If you have concerns about how we handle your personal data, please contact us at info@smofconlisbon.org and we will do our best to resolve your concerns.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. You can contact the ICO at ico.org.uk or by phone on 0303 123 1113.