Privacy policy
Updated July 4, 2024Web Summit (also referred to as “we”, “us” or “our”) runs the world’s largest technology events (“Events”), connecting people and ideas that change the world. In pursuit of our mission, we collect and use (“process”) certain personal information from you. Being transparent about the processing of your information and respecting your privacy is incredibly important to us!
This Privacy Policy applies when you provide us with your personal data to have access to any of our services or events. Please read it carefully and if you have questions, comments, or concerns regarding our Privacy Policy or practices, please contact us.
1. Scope
1.1 Data Controllers
For purposes of data protection laws, the data controller of your data depends on the location where you are based and/or attend to one of our events, namely:
– European Union: Connected Intelligence Limited (Company No.: 539413) of Tramway House, 32 Dartry Road, Dartry, Dublin 6, Ireland;
– Canada: Connected Intelligence Canada Ltd of 1055 West Hastings Street, Suite 1700 Vancouver Be V6E 2E9 Canada;
– Hong Kong: RISE Hong Kong Events Ltd (Company No.: 2209862) of of Tramway House, 32 Dartry Road, Dartry, Dublin 6, Ireland;
– Brazil: Web Summit Rio LTDA of Rua do Passeio, 00038, SAL 1501 SET 2, Centro, Rio de Janeiro, Brazil.
Collectively, the “Web Summit Group”.
– Qatar: Web Summit Doha to Organize Exhibitions W.L.L of Building No. 8, Zone 63, Street 905, Po BOX 10805, Doha, Qatar.
1.2 Joint Controllers
In certain cases, we may also have joint controllers who work with us to provide you with services and enhance your experience. For detailed information on our joint controllers, please contact us.
1.3 Specific additional rights
This is our global privacy policy, which applies to our global business. This policy is oriented by the rules and principles of the General Data Protection Regulation (EU GDPR). There are locations outside the EU where additional specific rights and/or rules should be applied. Please visit sections 14, 15, 16, and 17 below to find more information.
Where local data protection laws differ from the general rules provided by the EU GDPR, being more protective to data subjects, the local laws shall prevail.
1.4 Services in scope
Unless indicated otherwise, this Privacy Policy relates to our use of any personal information we collect or use in relation to the following services :
– Web Summit’s events;
– Web Summit’s websites and their related subdomains, including those pertaining to registration for attendance and/or volunteering at Web Summit’s events;
– Web Summit’s apps and the web-app;
– Online surveys relating to the Web Summit’s events;
– Messages sent via Web Summit’s apps, portals, websites;
– Notes and descriptions created in Web Summit’s apps and portals; and
– Web Summit’s events official social media channels.
2. Information we collect
When we provide the services, we collect and receive information in several different ways. In many cases, you may choose what information to provide. In some others,certain information is required for us to provide you the services.
2.1 Directly from you, or approved third parties
We collect a variety of information from you when you provide it to us directly, when we request it from you, or when you give us permission to get it from a third party source. These information include, but are not limited to:
– Attendee registration information. When you register to attend an event, you must provide us with basic information such as name, address, email address, telephone number, date of birth. We also give you the option to provide additional information.
– Volunteer registration information. When you register to volunteer at an event, you must provide us with basic information such as name, address, email address, telephone number, and date of birth. We also give you the option to provide additional information.
– Payment and credit card information. When purchasing tickets to attend an event, you must provide us with your name, address, telephone number, email address, credit card, debit card or bank information. This information will only be shared with third parties such as our payment provider who perform tasks required to complete the purchase transaction.
– Conference app profile information. To attend an event, you are required to download the Web Summit app. You will be required to provide us with profile information, such as name and email address, so that you can benefit from the functionalities and services we provide through the app. Certain profile information may be included on pages such as, but not limited to: our Featured Attendees page, our Chats page and/or our Explore page
– Conference survey responses. We may ask you to participate in optional surveys regarding your experience at the event in order to help us improve it and for related commercial purposes.
– Customer Support. So that we may provide customer services, respond to and resolve any enquiries or complaints.
– Third party social media accounts. If you choose to connect your social media account(s) with the Web Summit app, we may receive certain information from that account, such as your title, picture, and other information you authorize. We may use your friends or connections lists to make recommendations in the app, for example to suggest mutual connections.
– Call recordings. We may contact you for the purposes of sales, investment, or in the context of your past or future attendance at or participation in an event. In certain cases, we may record such calls for our legitimate interests in staff training and development.
2.2 Information you generate using our services
We may collect information about the ways in which you use and interact with our services, such as, but not limited to, the types of tickets you buy or the ways in which you interact with our app.
To understand and enhance your user experience, we may use tools for experience insights and behaviour analytics purposes. These tools may allow us to access heatmaps, recordings, surveys, and user interviews, for instance.
2.3 From your browser or device
We automatically collect certain information from your browser or device when you use certain services or read a message from us.
For example, we collect:
– data regarding the device you are using, such as its unique identifier and operating system; logs will be recorded by our servers based on the information sent from your app or browser;
– information automatically as you navigate through our websites using cookies and other tracking technologies. (Information collected automatically may include usage details, email address, IP addresses, and information collected through cookies and other tracking technologies).
Information may be recorded by cookies and similar technologies when you use the services. Please review our cookie policy for further detail on how we use cookies and similar technologies on our services and how to opt out of these.
2.4 From public sources
We also collect publicly available information from your social media accounts, such as the number of followers you have.
2.5 Startup, Investor and Speaker participation
If you choose to apply to join us as a Startup, Investor or Speaker you will complete an application including your name, contact details and any other information necessary for us to review and to get in touch with you.
If your application is successful, you will be asked to share more personal data in order for you to participate in our event. For example, you will be asked to complete your Startup or Speaker profile. The amount of information you share depends on your participation but generally includes your name and email address.
3. How we use your information
We use your information in order to provide, operate, improve, understand, customise, support, and market our services, including:
3.1 Providing and improving the requested services
We use your personal information as necessary to run the events, such as to register attendees, issue tickets, facilitate information sharing with partners with whom you have consented for us to share information, and provide you with relevant connections and content during the event based on this information and your use of the app.
Where you have provided us with your consent, we may access your contacts to help you find mutual connections during one of our events (“sync functionality”). To enable the synchronisation of your address book, we need to import information from your contacts, such as phone numbers, which are then hashed and securely stored. You can stop synchronising your address book at any time by contacting us. When you do this, it will delete all previously imported contacts. The same will happen if you ask for the deletion of your profile. All contact details from non-attendees are automatically deleted once the Conference is over.
3.2 Communicating with you
We use your personal information to contact you regarding your registration to attend, volunteer or speak at an event, to notify you of any changes to our policies and practices, for commercial, sales or investment purposes, and to respond to any requests or inquiries you may submit to us. If you subscribe to marketing, such as newsletters, we will use your information as described below. To opt out of our marketing communications and newsletters, please click the unsubscribe button at the bottom of marketing emails from us or alternatively email us via the contact info below. We may collect information from these communications to improve our services and for the training and development of our staff.
3.3 Marketing
If you opt-in to receiving marketing communications from us, we will use your personal information for outreach and marketing, such as to send you information about our future events and to exhibit attending companies. You can opt-out of these communications by using the unsubscribe links in our communications or by changing your app settings.
We may also use your image in our published list of event attendees, which is visible in our websites; as well as on promotional communications (such as emails), posts and videos of our events. If you want to object to this use, please contact us via the contact details at the bottom of this policy.
3.4 Tracking
Cookies & Web Beacons.
We may use information from beacons and cookies collected from your use of our website and app to target your online activity, browser or apps, with certain advertisements. We may also use these tools to determine the popularity of certain content or advertisements on our website.
3.5 Third-Party Tracking
We may use third party tools such as Facebook Advertising, Facebook Pixel Remarketing, LinkedIn Insight Tag, and Google’s remarketing technology. These tools allow us to understand and deliver ads and make them more relevant to you. The collected data remains anonymous and we cannot see the personal data of any individual user.
3.6 Advertising
We use your personal information to be able to show you advertising on other websites. Please also review our cookie policy for your options to control how we use cookies and similar technologies for advertising.
3.7 Combining your data for personalised direct marketing and analytics
To help us form a better overall understanding of you as a customer, we combine your personal data gathered across our cookies, form submissions, chat functionality on our websites and from our app, for example when you request to receive email communications from us. In order to do this we also combine the data that we collect directly from you with data that we obtain from third parties to whom you have given your consent to pass that data onto us. These third parties include Facebook, Instagram, Linkedin and Twitter. If that combination permits you to be identified, we will treat the combined information as personal data for as long as it is combined.
3.8 Legal obligations and rights
We may use your personal information to protect Web Summit’s rights and properties in connection to our services, to enforce our policies and prevent fraud or potentially illegal activities, to comply with our legal obligations, to resolve any disputes we may have with you, and to enforce our agreements with third parties.
4. Legal bases for processing your information
We rely on a number of bases to lawfully process your personal information for the purposes described in this Privacy Policy. We process your personal information:
– when necessary to perform our Terms and Conditions and other legal policies, or to provide you with the services;
– where you have consented to the processing, which you may revoke at any time;
– when necessary for us to comply with a legal obligation, a court order, or to exercise and defend legal claims;
– when necessary to protect your vital interests, or those of others, such as in the case of an emergency;
– where you have made the information manifestly public;
– where necessary in the public interest; and
– where necessary for the purposes of our, your, or a third party’s legitimate interests, such as those of partners or other attendees or volunteers.
If you have questions or need further information about the legal bases on which we collect and use your personal information, please contact us.
5. Our legitimate interests
As indicated above, in certain cases we use your information where necessary to pursue our, your and others’ legitimate interests. These cases include, but are not limited to:
– Implementing and enhancing security measures and protections in respect to our websites, apps and services in general, protecting you and others against fraud, spam and abuse;
– Enforcing our policies, such as our Terms and Conditions;
– Enhancing the event and our services in general, as well as our websites and apps, to improve your user experience;
– Conducting access control and enforcing security at the events;
– Conducting data analysis and analytics across our services;
– Recording sales and other calls to you for our business interests in the training and development of our staff (where you have not objected);
– Making your profile discoverable in the app of the particular event you are attending so that you can network with other participants;
– Using your image in our marketing materials in order to highlight the attendees participating in our events. We also use photos and audio-visual footage from past events which may contain your image or voice; and
– Providing seamless services with the Web Summit Group companies and affiliates.
If you want to exercise your right to object to any of these uses please email us via the email at the bottom of this page.
6. Sharing with third parties
We share information with attendees, service providers, affiliates, partners, and other third parties where it is necessary to perform the Terms and Conditions, this Privacy Policy and any other legal policy we may have; to provide the services; and for other purposes described in the Privacy Policy.
6.1 Our Group companies and joint controllers
We may share your personal information within the Web Summit Group or with our joint controllers to enable us to provide you with services and/or to carry out the purposes set out in the accepted Terms and Conditions and Privacy Policy.
6.2 Sharing with other attendees and organisations
Our services, such as the Web Summit app, provides attendees with the means of making connections with other attendees. For example, the profile information that you choose to provide us will be accessible to other attendees of the event, subject to your settings. QR code scanning functionality on your badge is activated by default. You can provide your information to other attendees and organisations (e.g., partners, investors, startups, etc.) by allowing them to scan the QR code on your attendee badge at our events and/or by clicking “Connect” or accepting the connection request on the App with another attendee or organisation. Once this happens, you may consent to the sharing of your contact information with these individuals and companies.
6.3 Marketing
We rely on third-party marketing platforms and service providers to assist us and perform certain marketing services for us.
If you share your email address with us we might use information we hold about you to tailor sponsored content on social media sites, like Facebook, Google or Twitter. We securely match encrypted email addresses via our third party processor. The social media site can only see an email address if it’s already used for an account on their site. We don’t provide any new data on users.
6.4 Advertising
We share your personal information with common advertising platforms such as Facebook, Google and LinkedIn to show you advertising when you use those services. Please also review our cookie policy for your options to control how we use cookies and similar technologies for advertising.
6.5 Third party service providers
We may share your personal information to help us operate, provide, improve, understand, customise, support, and market our services. These third parties provide us with services including for customer support, data storage and website hosting, ticketing and payments processing, legal advice and compliance, and marketing and data analysis. These third parties are contractually required to use it only to provide their service to us, and prohibited from using it for their own purposes.
6.6 Business reorganisation
In instances where we are subject to a reorganisation, such as a merger or acquisition of some or all of its assets, we may, in accordance with our legitimate interests, need to share information in the course of the transaction. In such circumstances, your information may be disclosed, where permitted by applicable law, in connection with such corporate restructuring, sale, or assignment of assets, merger, or other changes of control or our financial status.
6.7 Legal and safety reasons
We may retain, preserve, or share your personal information if we have a good-faith belief that it is reasonably necessary to (a) respond, based on applicable law, to a legal request (such as, a subpoena, search warrant, court order, or other request from government or law enforcement); (b) detect, investigate, prevent, and address fraud and other illegal activity, security, or technical issues; (c) protect our rights, property, or safety; (d) enforce our Terms and Conditions or any other agreements we have with you; or (e) prevent physical injury or other harm to any person or entity, including yourself and members of the general public.
6.8 Aggregated information
We may also share aggregated or de-identified information, such as counts of attendee job titles or their affiliated companies, with companies we do business with, including our advertisers, partners as well as other organisational members.
7. Data retention
We will retain your personal information for as long as necessary to provide you with the services, maintain our legitimate interests and business operations, and/or exercise, defend or establish our rights.
Generally, we will maintain your personal data for up to a period of six years after such information is collected to achieve the purposes set out in this Privacy Policy. If we record a call to you for training and development purposes, we will generally delete the recording after a period of 4 weeks. However, we may need to keep some of your information for a longer period to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our Terms and Conditions.
8. Data transfers
As a global business, we access and transfer information around the world. This means that we access and transfer your personal information from within and outside the Web Summit events’ locations , including in and to the United States.
The data protection laws and the rights of authorities to access your personal information in some of these countries may not be the same as in your home country. We transfer your personal information in accordance with applicable law(s), and take steps to ensure that your information is appropriately protected.
In particular, where we transfer information to countries that are not viewed as providing an adequate level of protection, we rely on an approved mechanism known as the “standard contractual clauses” to protect the information transferred. These are template contracts published by the European Commission containing approved commitments to protect the privacy and security of the information transferred. To request a copy of the clauses, please contact us.
9. Your rights
You have a number of rights in relation to your information that we process. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below.
If you wish to exercise your rights, please complete our Data Subjects’ Rights Form. Alternatively, you can contact us.
9.1 Access and Portability
You can access much of your information by logging into your profile. If you require access to additional information, or you do not have a profile, please contact us. Where legally required, we will provide your information in an easily accessible format and assist in transferring some of this information to third parties.
9.2 Rectify, Restrict, Delete
You can amend, update and delete some of your information by logging into your profile. If you don’t have a profile, or want us to amend, update or delete other information, please contact us.
9.3 Object
Where we process your information based on the legitimate interests described above, or in the public interest, you can object to the processing in certain circumstances. We will generally stop processing your information unless we have compelling grounds to continue processing, such as where needed for legal reasons. Where we use your information for direct marketing, you can always object using the unsubscribe link in such communications, changing your profile settings or by contacting us. When we inform you that we will record a call to you, we will provide you with the opportunity to object to such recording.
9.4 Withdraw consent
If we have specifically asked for your consent to use your information, you have the right to withdraw your consent at any time. For example, if we ask for your consent for direct marketing purposes, you can revoke your consent using the unsubscribe link in such communications, changing your profile settings or by contacting us.
9.5 Complain
If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority or the lead supervisory authority, the Irish Data Protection Commission.
10. Security
The security of your personal information is important to us. We implement reasonable and appropriate security measures to help protect the security of your information both online and offline and to ensure that your data is always treated in accordance with this Privacy Policy. These measures vary based upon the sensitivity of your information.Despite these measures, the Internet is not a fully secure environment and we cannot guarantee that your personal information will never be intercepted or improperly accessed.
11. Children
Attendees under 18 years of age may attend a Web Summit event if accompanied by a parent or guardian at all times. You can find further information on our Terms and Conditions.
Generally, we do not process children’s personal information as only the parent’s and/or guardian’s data is required to enable the children’s attendance to the event. Where there is any exceptional need to collect children’s data for the referred purpose, we recognize the need to provide further privacy protections , namely:
– Informing their parents or guardian(s) about our information practices with regard to children, including the types of personal information we may collect, the uses to which we may put that information, and whether and with whom we may share that data;
– In accordance with applicable laws, and our practices outlined in this Privacy Policy, obtaining consent from their parents or guardian(s) for the collection of personal information from their children;
– Limiting our collection of personal information from children to no more than what is reasonably necessary to attend an event;
– Giving their parents or guardian(s) access or the ability to request access to personal information we have collected from their children, as well as the ability to request that the personal information may be changed or deleted.
For additional information about our practices regarding children’s personal information, please contact us at the contact details at the bottom of this page.
11.1 INSPIRE Program
INSPIRE offers students aged between 16 and 23 the opportunity to attend Centre Stage (only) on a day of their choosing. They do not have access to the Web Summit show floor, other Web Summit stages and/or Night Summit events, and are given a distinct badge so that staff can easily identify they are part of this program at all times.
INSPIRE ticket holders aged 16 to 18 do not require to be accompanied by a parent and/or guardian to attend Web Summit’s Centre Stage. We keep their personal data collection and general processing to a minimum, only to allow them to enjoy this single-day experience.
INSPIRE ticket holders can benefit from all of the rights outlined in this Policy.
12. How can you stop the use of personal data belonging to you for direct marketing?
There are several ways you can stop direct marketing communications from us:
– Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails.
– In our apps, you can manage your preferences and opt out from one or all of the different push notifications by selecting or deselecting the relevant options in your phones ‘Notification Settings’ section.
– Complete our Data Subjects’ Rights Form, available in section 9 of the Privacy Policy. Alternatively, you can contact us.
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
13. California Consumer Privacy Act (CCPA)
California residents may ask us to provide them with a list of the types of personal data that we have disclosed to third parties for direct marketing purposes, and the identity of those third parties. If you would like such a list, please contact us via the contact details at the bottom of this page. with subject field: “CCPA”. If you exercise your rights, we will not charge you different prices or provide different quality of services. We do not sell personal data to third-parties.
Once we receive your request, we may verify it by requesting information sufficient to confirm your identity, including by asking you for additional information. If you would like to use an agent registered with the California Secretary of State to exercise your rights, we may request evidence that the agent has valid written authority to submit requests to exercise rights on your behalf.
14. Brazil General Data Protection Law (LGPD)
Web Summit Rio attendees can benefit from the rights outlined in the Brazilian General Data Protection Law (Law. no. 13.709/18). Where the Brazilian General Data Protection Law (LGPD) differs from the EU GDPR, it shall prevail.
Specific rights concerning Web Summit Rio attendees are as follows:
– International transfers:
Apart from the information outlined in section 8 above, where we transfer information to countries that are not viewed as providing an adequate level of protection, we rely on approved mechanisms such as “standard contractual clauses” and/or “specific contractual clauses for a transfer”, in line with art. 33 of the Brazilian LGPD, to protect the information transferred. To request a copy of the clauses, please contact us.
– Your Rights:
Apart from the rights outlined in section 9 above, Web Summit Rio attendees have the following rights as per art. 18 of the Brazilian LGPD:
a) Anonymization and blocking of data that is unnecessary, excessive or processed in violation of the provisions of the Brazilian LGPD;
b) Information on public and private entities with which their data has been shared;
c) Information on the possibility of not granting consent and its respective negative consequences; and
d) Lodging a complaint to the National Data Protection Authority (“Autoridade Nacional de Proteção de Dados”).
15. Hong Kong Personal Data Privacy Ordinance (PDPO)
RISE attendees can benefit from the rights outlined in the Hong Kong Personal Data Privacy Ordinance (PDPO). Where the PDPO differs from the EU GDPR, it shall prevail.
16. Canada Data Protection Legislation
Web Summit Vancouver attendees can benefit from the rights outlined in applicable local data privacy legislation, particularly in the Personal Information Protection and Electronic Documents Act (PIPEDA).
Where applicable local data protection legislation and/or the PIPEDA differs from the EU GDPR, it shall prevail. Particularly, personal data from Web Summit Vancouver attendees will only be processed with prior consent and/or for purposes that would be reasonably considered appropriate in the circumstances, as detailed in this Privacy Policy.
17. Qatar Data Protection Legislation
Web Summit Qatar attendees can benefit from the rights outlined in applicable local data privacy legislation, particularly in the Personal Data Privacy Protection Law (Law No.13 of 2016). Where applicable local data protection legislation differs from the EU GDPR, it shall prevail.
18. Changes to this privacy policy
We may update this Privacy Policy from time to time so please review it occasionally. If we make material changes, we will take steps to notify you. The date of the most recent revisions will appear on the top of this page.
19. Contact us & Data Protection Officer
If you have any questions or concerns about this Privacy Policy or our privacy practices generally, or if you would like to exercise your statutory rights, you can contact us at:
– Email: data.protection@websummit.com.
– Address: DPO, Web Summit. Tramway House, 32 Dartry Road, Dublin 6.
For matters not related to personal data, please contact our Attendee Support Team at info@websummit.com.