Last updated 2023-09-17

Privacy Policy

Data protection statement. Please read this privacy policy carefully before using our service.

Content

Simplified Introduction

NordicFuzzCon wants to put on a convention that is fun, enjoyable, and safe for its attendees each year. To do this, we enter into an agreement with our suppliers, our partners, our volunteers, and our attendees that spells out how the convention will be put on and what each person, or company, is responsible for.

Under the umbrella of the General Data Protection Regulations in the EU, we need to be transparent about how we handle any Personal Data (= Data which can be used to identify a natural person) that is collected directly or indirectly by us. This includes why we collect it, who we pass it on to, who will have access to it, how you can have it corrected, how you can have it deleted, etc.

This Privacy Policy is intended to spell out how we handle your data.

INTRODUCTION

At NORDICFUZZCON, org. no. 802467-4924, Bronsgjutarvägen 19, 145 72 Norsborg, Sweden (‘NordicFuzzCon’, ‘us’, ’we’, or ’our’), we respect your privacy and are committed to protecting your Personal Data – i.e. information that may identify you as an individual. This privacy policy will inform you about how we collect, use, disclose and store (‘Process’) your Personal Data when you use our website www.NordicFuzzCon.org, when you create an account with us to attend our events (‘Events’) and when you visit our events (all together ‘Service’).

The purpose of our Processing of your Personal Data is to fulfil our contractual relationship with you and to give you a better user experience when you visit our website or otherwise use our Service.

We use your Personal Data to provide and improve the Service. By using the Service, you agree to our Processing of your Personal Data in accordance with this policy.

WHO IS RESPONSIBLE?

Anyone who processes Personal Data is either a data controller or a data processor. A data controller is any person or entity that determines the purposes and means of the processing. A data processor is any person or entity that processes personal data on behalf of a data controller. The data controller is responsible for determining what data is to be used how and by whom.

Where we collect personal data and determine the purpose(s) for which they are used, we are the data controller. We may engage a third party processor and provide them with your personal data, in which case we are still the data controllers and they are the data processors. In the case you are entering into an agreement with us or using our Service, we are the data controller. In case we provide services or products that are not developed or provided by us, the third party providing such services or products is responsible for processing your data. We do recommend that you review the third party’s general terms, confidentiality undertakings and privacy policies.

LAWFULNESS

The primary purpose we, as a data controller, have in collecting and processing your personal data is:

  • to enter into a contractual relationship with you as the attendee and us as the convention
  • to fulfil the terms of this contract between you and us (i.e. hotel room booking, security or first aid related data processing, registration processing, etc.)
  • to fulfil one or more legitimate interests of ours (i.e. feedback processing, conbook preparation, etc.) after weighing our interest against yours, or with your consent.

For those processes where the lawful basis is “legitimate interest”, we evaluate what impact the processing could have on your rights and freedoms and document these. Only if our interest outweighs yours do we proceed with the processing. We undertake a regular review of our processing activities to ensure that your rights and freedoms are not infringed by our processing activities.

COLLECTION OF PERSONAL DATA

While using our Service, we ask you to provide us with Personal Data. The Personal Data can be provided directly from you or indirectly, such as;

  • Information you choose to send to us or provide us with, for example when you create an account and a profile with information such as e-mail, name, nickname, address, phone number, fursona species and any other information you enter. We may also collect information about your interests and preferences to better tailor our Events and Service to your needs, and you have the possibility to provide us with your photo and/or a photo of your avatar.
  • We may also collect information about your preferences to be able safeguard your food preferences and your health during the Event.
  • Information about when you use and for what you use our Services for, such as log activity and pages you visit, the kind of phone / tablet and operating system you are using, the city and country where you are located when using our Services, if and what version of our Terms & Conditions and policies you have approved.

USE OF PERSONAL DATA

We use the personal data we collect to provide you with access to our events and service, to communicate with you about upcoming events, and to improve our service. We may also use your personal data to personalise your experience with us and to send you information about our events.

In accordance with the law, you have the right to opt out of receiving information about our events in the sense of advertisement for an event that you have not yet signed up for. By signing up for an event, we will use your personal information to send you information about that event.

Your nickname may be included in NordicFuzzCon related publications such as the conbook, website, or videos (e.g., as part of the credits, the sponsor listing, etc.).

SHARING OF DATA TO THIRD PARTIES

Hotels

We may transfer your relevant personal data to the relevant hotels and service providers, as well as third parties organising Events together with us, in order to process your booking of an Event.

Organising the Event (Attendees)

We use external partners to provide the Service, for example for cloud service for storing data (Google Workspace and Azure). We may share your Personal Data with third-party vendors, consultants and other service providers. These companies include for example website analytics companies (i.e., Google Analytics, Microsoft Clarity) and payment processing providers.

Organising the Event (Staff and Crew)

We sometimes use platforms and applications from other providers (hereinafter referred to as “third-party providers”) for the purpose of holding video and audio conferences, webinars and other types of video and audio meetings, in order to organise Events and thereby fulfil our contractual obligations. When selecting third-party providers and their services, we observe the legal requirements. In this context, data of the communication participants are processed and stored on the servers of the third-party providers, insofar as they are part of communication processes with us. This data can include, in particular, registration and contact data, visual and vocal contributions as well as entries in chats and shared screen contents. If users are referred to third-party providers or their software or platforms in the context of communication, business or other relationships with us, the third-party providers can process usage data and metadata for security purposes, service optimization or marketing purposes. We therefore ask you to observe the data protection information of the respective third-party provider:

  • Google Meet
    (https://support.google.com/meet/answer/9852160?hl=de&ref_topic=10632347#safetymeasures&encryption&secure&privacy&incident&safety&),
  • Discord
    (https://discordapp.com/privacy) and
  • Telegram
    (https://telegram.org/privacy).

Bot Prevention

We also use Google reCAPTCHA to check and prevent automated servers ("bots") from accessing and interacting with our website. This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service, please read more about what information and the handling of it, on https://policies.google.com/privacy.

HOW LONG WE STORE YOUR PERSONAL DATA

The time periods vary for the type of Personal Data we Process, for example:

  • Some Personal Data is deleted on an ongoing basis,
  • Some Personal Data, such as account information, may be retained for a longer period of time based on our contractual relationship.
  • We Process certain Personal Data for a longer period of time against the background that we have a legitimate interest or to comply with current legislation. Such treatment refers to, for example, record keeping.

DATA SECURITY

We use the level of security that is the industry standard when it comes to encryption, storage, firewalls, backups etc.

Note that no system is 100% secure and there is always a small risk that data will end up in the wrong hands. By using our Service, you accept this risk and will not hold us liable for any unauthorised entry or use, hardware or software failure or other factors that may compromise the security of Personal Data at any time.

We encourage you to use a strong password so that no one can guess your login details.

YOUR PRIVACY RIGHTS

You have the right to request access to the Personal Data we hold about you, to request that we correct any inaccuracies, and to request that we delete your Personal Data. You also have the right to object to the processing of your Personal Data and to request that we restrict processing in certain circumstances. You may at any time withdraw any given consents to our use of your Personal Data. For these requests, use the contact details of our Data Protection Officer provided below.

If you believe that we incorrectly Process your Personal Data, you can file a complaint with a supervisory authority. You can do this in the EU/EEA member state where you live. For us, the Swedish Authority for Privacy Protection (in Swedish Integritetsskyddsmyndigheten, or short, IMY) is the primary supervision authority.

Please note that we may ask you to verify your identity before responding to such requests in accordance with this section.

ACCOUNT DELETION

You can delete your NordicFuzzCon account at any time by sending an e-mail to [email protected]. Please note that we will then delete things that you have registered, including photos. This data cannot be recreated.

LINKS TO OTHER SITES

Our Service may contain links to third party web pages not operated by us, such as Google Maps and YouTube. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party web pages or services, including without limitation these third parties’ privacy policies and how such third parties Process your Personal Data.
We take great care to check the content of any links that we post on our website. Among other things, we check that the content of the website is neither unlawful nor unbecoming of the nature of our organisation. It is however not possible for us to continuously monitor every page. If you find something which would lead you to believe it to be in our interest to remove a link, please contact us (see below).

CHILDREN'S PRIVACY

Our Service does not address anyone under the age of 18 (‘Children’, ‘Child’).

We do not knowingly collect Personal Data from Children. If you are a Child, please do not attempt to register for our Services or send any of your Personal Data to us. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us (see “Contact Us” below).

If we become aware that we have collected Personal Data from Children without verification of parental consent, we will delete such Personal Data from our servers as quickly as possible.

CHANGES TO THIS PRIVACY POLICY

From time to time, it may become necessary to make changes to this Privacy Policy. We will alert you by placing a notice on our website. You can see when this Privacy Policy was last updated by checking the date at the top of this page.

You are responsible for periodically reviewing this Privacy Policy and keep up to date on any updates and / or changes.

COOKIES, PLUGINS, TRACKING, AND ANALYSIS

Our website uses cookies at several points. A Cookie is a small text file that is stored on your computer by your browser. They can have various different functions. Cookies allow the user to use the internet more comfortably. Using Cookies allows the browser to have a kind of memory - the website remembers that a user has already accessed it before and may make it unnecessary to log in again if the site is encrypted. Cookies also make it possible to determine complex usage and surfing behaviours. You can store information about usage and behaviour and transmit it to the user. The use of cookies is therefore a type of profile creation, which is critical in terms of data protection law.

Primarily, cookies are used for online marketing, for example, to display personalised advertising. The keyword “targeting” summarises those activities intended to enable advertising on websites to be specifically targeted to groups of people fitting a profile. An extension of this strategy is so-called retargeting where a provider or advertiser marks the customer using a tracking cookie when they visit the company’s own homepage and tracks them as they browse the internet. A company’s own advertising can then be placed as a banner on other websites to remind you of services from the company.

We reserve the right to use so-called targeting on our site. You have two options to prevent this:

  • You prevent the storage of cookies in your browser. By doing this, your settings will apply to every page you visit. The procedure for doing this depends on your browser.
  • You inform us of your wish that our websites are not allowed to store cookies from you. We are happy to comply with this request. To do this, use the cookie banner and click “reject all”.

Most of the cookies we use are so-called “session cookies”. These are automatically deleted after your visit. More information about how these cookies are used or what information is collected through them is listed throughout this Privacy Policy.

List of functional cookies

These cookies are considered functional cookies because they serve a security and functionality purpose and are not used for advertising or marketing purposes.

  • Cloudflare
  • YouTube

CLOUDFLARE

Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc. We use this service on our websites. The provider is Cloudflare Inc., 101 Townsend St., San Francisco, CA 94107, USA (“Cloudflare”).

Cloudflare offers a globally distributed content delivery network with DNS. Technically, the information transfer between your browser and our website is routed via the Cloudflare network. This enables Cloudflare to analyse the traffic between your browser and our website and act as a filter between our servers and potentially malicious traffic from the Internet. Cloudflare can also use cookies or other technologies to recognize Internet users, but these are used solely for the purpose described here.

Cloudflare keeps track of this data:

  • IP Address
  • Location (based on IP address)
  • The type of browser you are using
  • What device you are using
  • What operating system you are using

The use of Cloudflare is based on our legitimate interest in providing our website as error-free and securely as possible (Art. 6 Para. 1 lit. f GDPR). As such this is considered a Functional Cookie.

Data transfer to the USA is based on the EU Commission's standard contractual clauses. Details can be found here: https://www.cloudflare.com/privacypolicy/.

Further information about security and data protection at Cloudflare can be found here: https://www.cloudflare.com/privacypolicy/.

YOUTUBE

We use the video platform YouTube on our websites. This allows us to offer you moving image material about our offerings and at the same time make you aware of our offerings on youtube.com

On our website we use the video platform YouTube, which is operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066 in the USA, (“YouTube”). YouTube is a platform that allows the playback of audio and video files. When you access a page on our website, the YouTube player integrated there establishes a connection to YouTube to ensure the technical transmission of the video or audio file. When connecting to YouTube, data is transferred to YouTube. We have no knowledge of the content of the transmitted data or its use by YouTube. Please find out more about how YouTube handles your data as well as your related rights and setting options to protect your privacy on the YouTube website.

Contact

If you have any questions about data protection at NFC, please contact our Data Protection Officer:

Ryan McKown
℅ NordicFuzzCon
Bronsgjutarvägen 19
145 72 Norsborg, Sweden
E-Mail: [email protected].