PRIVACY POLICY
1. Introduction to who we are & General Terms
The Global Cybersecurity Association (GCA), Zürich, Switzerland is a not-for-profit organisation (NGO) with the unique aim of countering cyber crime and advancing cybersecurity resilience. In doing so, we work with some of the most well-known global cyber professionals and sponsors to provide strategies and practical plans through our symposium, conferences and job portal. Our aim is to forge a pathway to cybersecurity resilience.
We are committed to protecting your (and your team’s) personal information when you are using GCA services or participating in events while acting in accordance with legislation at all times. We want our services and conferences to be safe and enjoyable environments for our participants and users.
This Privacy Policy will explain what type of personal data we may collect from you, how we will use your personal data, when we will process your personal data and whether we will share your personal data with any third parties. We may change this Policy from time to time in accordance with national legislation and the EU General Data Protection Regulation (GDPR) requirements. This is why we invite you to please occasionally check this page so that you are happy with the way we process your personal data.
For any question regarding the processing of your personal data, you can email us at contact martin.tang@globalcybersecurity.ch. Or you can call us at +41 78 915 9142.
Our address is: Neunbrunnenstrasse 151, 8050 Zürich, Switzerland.
2. What type of personal data we may collect from you?
In order for us to provide you the full range of Global Cybersecurity Association services, we may need to collect your personal data. This means that we may collect your personal data when you use our website, LinkedIn page, when you email us, send us letters or other types of correspondence or when you call us. We may do so also when you ask us to sponsor a conference or event or when you want to engage with our events, newsletters, competitions.
Whenever you use our website or LinkedIn page, we may collect your name, address, email address, internet protocol (IP) address, time zone and location, the type of device used to access the website, the browser type and version. You can find more information in our Cookie Policy here.
When you register for one of our events, we may collect your name, address, email address, professional contact details and phone number. By submitting your personal details, you allow the Global Cybersecurity Association to provide you with the services, events, activities or online content you select. As required under GDPR, we will process this type of personal data for the limited purpose stated in the event registration form/link and for no longer than what is necessary unless you provide us your consent to get in touch with you and to be added to our mailing list.
We do not collect or process “sensitive personal information” as defined under article 9 of GDPR.
You have the right to exercise any of your rights under Chapter 3 of GDPR including the right to lodge a complaint to the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland.
We will be happy to help with any of your concerns and try to help before you contact the FDPIC so please get in touch with martin.tang@globalcybersecurity.ch.
2.1 Mailing list and sponsors
Whenever you provide us your consent to be kept up to date with our events, you allow us to store your personal data so that we can contact you. You have the right to opt out from our mailing list at any time and you can either email us at martin.tang@globalcybersecurity.ch or opt out from the mailing list directly.
In providing us your personal data, we may have the legitimate interest to share this information with our sponsors and/or potential sponsors. This will be for the sole purpose of sponsoring one of our events or to provide you with one of our services. Our sponsors may at times also collect personal data on GCA’s behalf. In doing so, they will act as data processors for GCA, which will make sure they comply with our and the legal requirements at all times.
3. How will the Global Cybersecurity Association use the information it collects about me?
At the Global Cybersecurity Association, will use your personal information for several purposes including the following:
- to provide our services, which include but are not limited to events, activities or online content and to deal with your requests and enquiries;
- for “service administration purposes,” which means that Global Cybersecurity Association may contact you for reasons related to the service, event, activity or online content you have signed up for, as set out in section 4 below (e.g.to notify you that a service, event, activity or online content has been suspended, updated or cancelled, or to provide details of such);
- to fulfil legal obligations under the laws of Switzerland;
- to contact you about a submission you have made, including any content you provide;
- to provide you with information about our services, events, activities or online content;
- to personalize the way Global Cybersecurity Association content is presented to you;
- to use IP addresses to identify the location of users, to block disruptive use, to establish the number of visits and to determine where you are accessing the services from;
- to analyze and improve the services offered on Global Cybersecurity Association websites;
- to understand the type of and industry domains of our participants to help planning, content decisions and location of events;
- to allow you to use our job portal.
Whenever there is the need to process your personal data for a purpose other than those listed, we will inform you through our event registration forms. At GCA, we will process your personal data for a specific purpose and for no longer than what is necessary while acting in accordance with legislation. We have retention periods in place that we continuously review to meet legislation requirements.
4. When will the Global Cybersecurity Association process my personal data?
The Global Cybersecurity Association may process your personal data for the following purposes:
- To provide you with a service, to allow you to participate to an event, activity or to allow you to engage with online content you have signed up to;
- To correspond with you when we receive a query from you in relation to your personal data or if you want to exercise any of your rights under GDPR (e.g to opt out from our mailing list) or the Swiss Federal Act on Data Protection 1992;
- To process any contribution you might have submitted to or about Global Cybersecurity Association and our services, events and activities, including online blog posts, tweets or other media;
- To invite you to participate in surveys about the Global Cybersecurity Association services and events;
- To send information relevant to the operations of the Global Cybersecurity Association and sponsorship of our events whenever you give us the consent to do so.
5. Will the Global Cybersecurity Association share my personal information with anyone else?
We will keep your information confidential except where disclosure is required or permitted by law (for example, when we have to report to governmental bodies, law enforcement agencies or to comply with judicial requirements) or as described in section 6 below.
We do not share your personal data with any 3rd parties without your explicit permission unless it is for a legitimate interest (e.g to sponsor one of our events with our sponsors) or to comply with contractual obligations.
The Global Cybersecurity Association uses 3rd Party solutions, including, but not limited to Google G Suite, Google Analytics, Eventbrite, Linked-in, Evenito, Eventbrite, Mailpoet and multiple streaming platforms for our events such as Streamyard or GotoWebinar. We strive to only use services that have a compatible privacy policy. In some cases, the data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). By submitting your personal data, you agree to this transfer and storage. We will take all steps reasonably necessary to ensure that your data is treated and stored securely and in accordance with legislation and with this privacy policy.
Third party service provider | Privacy Policy | Purpose | Lawful basis |
To promote and sponsor our events and other services | Legitimate interest | ||
GotoWebinar | To provide online events and conferences | Legitimate interest | |
Interxion | To sponsor our events | Legitimate interest | |
Evenito | To promote our events | Legitimate interest | |
Eventbrite | To promote our events | Legitimate interest | |
Mailpoet | To manage our mailing list | Legitimate interest | |
Restream | To stream online conferences and events | Legitimate interest | |
To stream online conferences and events and email correspondence | Legitimate interest |
5.1. How do you keep my personal data safe?
At GCA, we do our best to comply with the legal requirements. Once we receive your personal data, we treat it and process it while putting in place organisational and technical measures to prevent unauthorized disclosures or access so that your personal data is safe. We will process this type of data according to our retention schedules and for no longer than what is necessary.
6. Offensive or inappropriate content at Global Cybersecurity Association events or on websites.
If you post or send offensive, inappropriate or objectionable content anywhere on or to Global Cybersecurity Association websites or otherwise engage in any disruptive behavior on any Global Cybersecurity Association service, Global Cybersecurity Association, we may use your personal information to stop such behavior.
Where the Global Cybersecurity Association reasonably believes that you are or may be in breach of any applicable laws (e.g. because of content you have posted may be defamatory), the Global Cybersecurity Association may use your personal information to inform relevant third parties such as your employer, Internet provider or law enforcement agencies about the content and your behavior.
7. What if I am a user aged 18 or under?
If you are under the age of 18 years old, you must obtain your parent or legal guardian’s consent before engaging with our website or registering for an event. Users without this consent are not allowed to provide us with personal information.
8. How long will the Global Cybersecurity Association keep my personal information for?
As required by legislation, we will process and retain your personal data on our systems for no longer than what is necessary to achieve the purpose for which we collected your personal data in the first place and/or for as long as legislation requires us to do so. We often review our retention schedules.
You have the right to opt out your consent, to exercise any of your rights protected under GDPR at any time. When/If you cancel your registration from one of our events, your personal data will be deleted unless you give us your consent to get in touch with you through our mailing list.
At GCA, we want you to be in control of your privacy at any time.
