Privacy Policy - Wales Tech Week

1. Introduction and Scope

This is the Privacy Policy for Technology Connected’s Wales Tech Week event and associated websites, apps, and registration. This policy sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following policy carefully, it explains the types of information collected and created in connection with the Wales Tech Week event, how and why we use the information gathered, who we share it with, and your legal rights.

This Privacy Policy is issued on behalf of ESTnet Ltd, trading as Technology Connected for the Wales Tech Week summit and related events. When we refer to “We”, “Us” or “Our” in this Privacy Policy, we are referring to the relevant event/trading name of ESTnet Ltd, which is responsible for processing your data.

Wales Tech Week is a conference and networking event for the technology community and associated supporting ecosystem. We are committed to protecting your personal information.

Unless indicated otherwise, this Privacy Policy relates to our use of any personal information we collect or use in relation to the following services (collectively, the “Services”):

the Wales Tech Week Event, physical and digital (the “Event”);
the Wales Tech Week websites (including www.walestechweek.com) and their related subdomains and websites including those pertaining to registration for attendance at the Event;
any official Wales Tech Week apps;
online surveys relating to the Event;
messages sent via the Event support team; and
the Wales Tech Week official social media channels.

For UK data protection laws and UK General Data Protection Regulation (UK GDPR), the data controller for Wales Tech Week is ESTnet Limited whose registered office is at Trade Street Desks, 14 Trade Street, Cardiff, CF10 5DT.

1.1 Data Protection Principles

We should only process your data where we have legal grounds to do so. This means your personal information must be:-

processed lawfully, fairly and in a transparent manner;
processed for specified, explicit and legitimate purposes;
adequate, relevant and limited to what is necessary;
accurate and kept up-to-date;
kept for no longer than is necessary; and
processed in a manner that ensures appropriate security.

2. Information we collect

When we provide the Services, we collect and receive information in several different ways. In many cases, you choose what information to provide, although some information is required for us to provide you the Services.

Directly from you and from approved third parties

We collect a variety of information from you when you provide it to us directly, when we request it from you, or when you give us permission to get information from a third-party source.

Attendee registration information

When you register to attend the Event, you must provide us with basic information such as your name, email address, telephone number, nationality, company name, job title and location. We also give you the option to provide additional information (which may include Special Category Data (please see below).

We may also collect other personal data such as your photograph, video recording(s) or voice recording(s) whilst you are at the Event.

Event survey responses

We may ask you to participate in optional surveys regarding your experience at the Event in order to help us improve the event and for related commercial purposes.

We use attendee support customer messaging software, so that we may provide customer services and respond to and resolve any enquiries or complaints.

Special Category of data

Special category data is personal data that needs more protection because it is sensitive. It can include personal data revealing an individual’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, relate to an individual’s sexual life, sexual orientation, biometric or genetic data (“Special Category Data”).

When you register to attend the Event or to use any of our Services, you may provide us with Special Category Data, such as your gender, racial or ethnic origin. We will only process this Special Category Data if we have a lawful basis for doing so as set out in clause 5 and we have your explicit consent. Your consent will be requested upon registration; however, you are not obligated to provide this. In the event that you do provide us with any Special Category Data, you have the right to withdraw your consent at any time by contacting us (please see our contact details below).

From your browser or device

We automatically collect certain information from your browser or device when you use certain Services or read a message from us.

For example, we collect:

data regarding the device you are using, such as its unique identifier and operating system; logs will be recorded by our servers based on the information sent from your app or browser;
information automatically as you navigate through our websites using cookies and other tracking technologies. (Information collected automatically may include usage details, email address, IP addresses, and information collected through cookies and other tracking technologies).
Information may be recorded by cookies and similar technologies when you use the Services. Please review our cookie policy for further detail on how we use cookies and similar technologies on our Services and how to opt out of these.

Start-up, investor, speaker, exhibitor and partner participation

If you choose to participate in Wales Tech Week as a start-up company, investor, exhibitor, partner or speaker you will share information including your name, address, email address, telephone number, job title and any other information necessary to review and to get in touch with you.

3. How we use your information

We use your information to provide, operate, improve, understand, customise, support, and market our Services. We may use information we hold about you in the following ways:

to confirm your identity.
to administer your registration and facilitate your participation at the Event.
to provide you with Event updates, schedules and logistics.
to let you know about other relevant services, both ours and those of other parties whose products and services we have agreed should be made available to you.
to update and correct our attendance records and financial records of your transactions with us.
to carry out statistical and market analyses, including benchmarking exercises, to enable us to understand you better and improve our Services.
to develop, test and improve our systems.
to notify you about changes to our Services.
to ensure the content of our website is presented in the most effective manner for you and for your computer.
to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
to improve our website to ensure that content is presented in the most effective manner for you and for your computer.
to manage our relationship with you which will include (i) notifying you about changes to our terms or privacy policy and (ii) dealing with your requests, complaints and queries.
to enable you to partake in a quiz, competition or survey.
Internal management and planning, which includes:-
- resource management;
- planning of tasks or meetings;
- keeping records of sources of new enquiries; and
- storage and archiving of files and documents.

We will only use your personal information for the purpose(s) for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, or where this is required or permitted by law.

Communicating with you

We use your personal information to contact you regarding your registration, to notify you of any changes to our policies and practices, for commercial, sales or investment purposes, and to respond to any requests or feedback you submit to us.

Marketing

If you opt-in to receiving marketing communications from us, we will use your personal information for outreach and marketing, such as to send you information about our future events and to exhibit attending companies and partners. We may collect information from these communications to improve our Services and for the training and development of our staff.

You can opt-out of these communications by using the unsubscribe links in our communications or by emailing us at the contact details below. Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

We may also use your information in order to market the Event and/or Services. For example, we sometimes use your image in our published list of Event attendees or your public social media posts to promote the Event. If you want to object to this use, please contact us via the contact details at the bottom of this page.

Cookies & Web Beacons

We may use information from beacons and cookies collected from your use of our website and app to target your online activity, browser or apps, with certain advertisements. We may also use these tools to determine the popularity of certain content or advertisements on our website. To access our cookie policy, please click here.

Third-Party Tracking & Advertising

We may use third party tools for profiling and remarketing such as Facebook Advertising, Facebook Pixel Remarketing, LinkedIn Insight Tag, and Google Ads. These tools allow us to understand and deliver ads and make them more relevant to you. The collected data remains anonymous without personal data connected to the individual users.

We may use your personal information to be able to show you advertising on other websites. Please also review our cookie policy for your options to control how we use cookies and similar technologies for advertising.

4. Data Sharing with Event Partners

As part of Wales Tech Week, your data may be shared with our Event Partners and/or Event exhibitors, but only if you explicitly opt-in during the registration process. This ensures we have your consent to share your information.

How Partners and/or Exhibitors May Use Your Data

Partners and/or Exhibitors may contact you via email or phone to share relevant opportunities, insights, or offers related to their services.

Data Usage Details

Who: Your data will be shared with approved Event Partners and/or Exhibitors.
When: Shared for event-related purposes, typically within a defined timeframe post-event.
How Long: Data will be retained no longer than necessary, adhering to UK GDPR guidelines.
Purpose: To provide direct marketing and relevant updates about Partner and/or Exhibitor services, under the lawful basis of consent.

You retain full control of your data:

Opt-out options are available during registration or by contacting us at any time.
Partners are contractually required to handle your data responsibly and in compliance with UK GDPR.

5. Legal basis for processing your information

UK GDPR and UK data protection law sets the lawful legal basis (or ‘conditions’) which allow us to collect, hold and use your personal information. We rely on several basis to lawfully process your personal information for the purposes described in this Privacy Policy.

We process your personal information:

when necessary to perform the contract that we are about to enter or have entered with you or to provide you with the Services;
where you have consented to the processing, which you may revoke at any time;
when necessary for us to comply with a legal obligation, a court order, or to exercise and defend legal claims;
when necessary to protect your vital interests, or those of others, such as in the case of an emergency;
where you have made the information public;
where necessary in the public interest; and
where necessary for the purposes of our, your, or a third party’s legitimate interests, such as those of partners or other attendees or volunteers.

6. Our legitimate interests

As indicated above, in certain cases we use your information where necessary to pursue our, your and others’ legitimate interests, including where necessary to:

Keep the Services safe and secure

We use your information as it is necessary to pursue our legitimate interests, or those of our attendees, our volunteers or our partners in ensuring the Event is a safe and secure event, such as enforcing our contract with you. We also act in the legitimate interests of these parties with respect to our Event website, app and other Services, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse.

Provide, develop and improve the Services

We process your information as necessary to pursue our legitimate interests in improving the Event and our other Services, such as our Event websites and apps. For example, we use your information in order to conduct access control and enforce security at the Event. We also use your information to conduct data analysis and analytics across our Services. In certain cases, and where you have not objected, we may record sales and other calls to you for our business interests in the training and development of our staff.

Market the Services

We process your information in accordance with our legitimate interests of marketing the Event and the Services to you. For example, we use your information to market future Events to you and to exhibit attending companies. We may also use your image in our marketing materials in order to highlight the attendees participating in our Event. We also use photos and audio-visual footage from past events which may contain your image or voice. If you want to exercise your right to object to any of these uses please email us via the email at the bottom of this page.

Provide seamless Services with Technology Connected brands and Our affiliates

We may share personal information amongst our parent company, subsidiaries, or affiliates for internal business purposes and to provide you with the Services in accordance with the our contract with you and this Privacy Policy. If we share your information, we will ensure that your information continues to be used only in accordance with this Privacy Policy and your expressed choices, and in accordance with applicable law.

7. Sharing with third parties

We share information with attendees, service providers, affiliates, partners, exhibitors and other third parties where it is necessary to perform our obligations under our contract with you, to provide the Services, and for other purposes described in the Privacy Policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Sharing with other attendees, exhibitors and Partners via our App

Our Services, such as the website and related Event app, provides attendees with the means of making connections with other attendees, exhibitors and partners. For example, the profile information that you choose to provide us may be accessible to other attendees, exhibitors and partners of the Event (attendees have full control over their visibility and data-sharing preferences and can manage these settings directly within the platform).

The Event platform app also operates under its own privacy policy, which governs data collection, processing, and storage by the platform provider. Attendees are encouraged to review this policy when creating an account. Additionally, the app’s data visibility features are designed to foster professional connections, align with Event objectives, and enable meaningful engagement among participants.

Marketing

In order to further our legitimate interests in marketing the Services, we rely on third-party marketing platforms and service providers to assist us and perform certain marketing services for us.

If you share your email address with us we might use information we hold about you to tailor sponsored content on social media and other common advertising sites, like Facebook, LinkedIn, Google or Twitter. We securely match encrypted email addresses via our third party processor. The social media site can only see an email address if it’s already used for an account on their site. We don’t provide any new data on users. Please also review our cookie policy for your options to control how we use cookies and similar technologies for advertising.

Third party service providers

We may share your personal information to help us operate, provide, improve, understand, customise, support, and market our Services. These third parties provide us with services including for customer support, data storage and website hosting, ticketing and payments processing, legal advice and compliance, and marketing and data analysis. These third parties are contractually required to use it only to provide their service to us. They are prohibited from using it for their own purposes.

Business reorganisation

In instances where we are subject to a reorganisation, such as a merger or acquisition of some or all of its assets, we may, in accordance with our legitimate interests, need to share information in the course of the transaction. In such circumstances, your information may be disclosed, where permitted by applicable law, in connection with such corporate restructuring, sale, or assignment of assets, merger, or other changes of control or our financial status.

Legal and safety reasons

We may also share your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect our rights, property, or safety of our members and their employees, or others.

Aggregated information

We may also share aggregated or anonymised information, such as the number of attendees from an organisation or their role-related data, with companies we do business with including partners, sponsors, and advertisers.

8. How long we store your information

We will generally keep personal information about you no longer than is needed for us to carry out the functions described in this notice. We will usually delete personal information that we collect related to the Event and our Services after twelve months. However, we may retain some information (such as attendance records) for longer where it is in our legitimate interests to do so or where we are required to do so, for example, for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We will keep personal information held as part of our membership records for the duration of that organisation’s membership.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. Data transfers

As a business registered in England & Wales, we process data within the UK but our digital platforms or global partnerships mean we may need to access and transfer information around the world. We transfer your personal information in accordance with applicable UK data protection law and must take steps to ensure that your information is appropriately protected to the standards set in UK law.

Whenever we transfer your personal data out of the UK to third parties, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place:

we will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data; or
we may use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, namely the International Data Transfer Agreement or The International Data Transfer Addendum to the European Commission’s standard contractual clauses for international data transfers. To obtain a copy of these contractual safeguards, please contact us.

10. Your rights

You have various legal rights in relation to the information you give us, or which we collect about you, as follows:-

You have a right to access the information we hold about you, together with various information about why and how we are using your information, to whom we may have disclosed that information, from where we originally obtained the information and for how long we will use your information.
You have the right to ask us to rectify any information we hold about you that is inaccurate or incomplete.
You have the right to ask us to erase the information we hold about you (the ‘right to be forgotten’). Please note that this right can only be exercised in certain circumstances and, if you ask us to erase your information and we are unable to do so, we will explain why not.
You have the right to ask us to stop using your information where:-
- the information we hold about you is inaccurate;
- we are unlawfully using your information;
- we no longer need to use the information; or
- we do not have a legitimate reason to use the information. Please note that we may continue to store your information, or use your information for the purpose of legal proceedings or for protecting the rights of any other person.
You have the right to ask us to transmit the information we hold about you to another person or company in a structured, commonly-used and machine-readable format. Please note that this right can only be exercised in certain circumstances and, if you ask us to transmit your information and we are unable to do so, we will explain why not.
Where we use/store your information because it is necessary for our legitimate business interests, you have the right to object to us using/storing your information. We will stop using/storing your information unless we can demonstrate why we believe we have a legitimate business interest which is more important than your interests, rights and freedoms.
Where we use/store your data because you have given us your specific, informed and unambiguous consent, you have the right to withdraw your consent at any time.
You have the right to object to us using/storing your information for direct marketing purpose

If you wish to exercise any of your legal rights, please contact Avril Lewis by writing to the address at the top of this policy, or by emailing us at avril.lewis@technologyconnected.net.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You also have the right, at any time, to lodge a complaint with the Information Commissioner’s Office if you believe we are not complying with the laws and regulations relating to the use/storage of the information you give us, or that we collect about you. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

11. Security

The security of your personal information is important to us. We strive to use appropriate technical and organisational skills to protect your personal information. Despite these measures, the Internet is not a fully secure environment and we cannot guarantee that your personal information won’t be intercepted or improperly accessed. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

12. Children

Attendees under 18 years of age may attend Wales Tech Week if accompanied by an adult or guardian, depending on the age of the attendee. Attendee data for individuals under the age of 18, particularly those participating in Talent4Tech, will not be shared with any partners or exhibitors under any circumstances. You can find further information on our age limitations in our contract with you.

13. Changes to this privacy policy

We may update this Privacy Policy from time to time so please review it occasionally. If we make material changes, we will take steps to notify you. The date of the most recent revisions will appear here.

Last updated 18th December 2024

Contact us

If you have any questions or concerns about this Privacy Policy or our privacy practices generally, or if you would like to exercise your statutory rights, you can contact us at:

Data Protection Officer (“DPO”)

You can contact our Data Protection Officer at avril.lewis@technologyconnected.net

Or alternatively write to us at:

Wales Tech Week, ESTnet Ltd, Trade Street Desks, 14 Trade Street, Cardiff, CF10 5DT