PRIVACY POLICY FOR SVENSKA MÄSSAN GOTHIA TOWERS

• To manage your purchase, booking or event registration, and to manage your visit to us, e.g. give you access to the event you want to take part in and complete the purchase.
• To communicate relevant information to you. The information provided to you depends on the purpose of your visit to us. For example, we might need to send you booking confirmation, send you a seminar pass, inform you about updates to our terms and conditions or our privacy policy, or provide you with similar important information.

• Information from registration/booking/purchase, your first and second name and contact details.
• Payment information.
• If you visit Upper House or Gothia Towers, we also need to process information about what country you are from, about your credit card number (to enable us to take payment for any additional expenses or for damage) and your national identity number (for safety reasons in the event of evacuation). This data is deleted after your visit.
• If another person books your accommodation for you, that person registers this personal data about you.

Personal data are retained during the time you carry out your purchase, and after that for the purposes stated in the table below, e.g. for accounting purposes.

Information about your payment will be retained for longer in order for us to comply with legislation regarding accounting.

If you have chosen to interact with exhibitors or other parties at an event you take part in, they may subsequently process your personal data as independent data controllers.

• If you visit us in a private capacity and book your visit yourself, it is necessary for us to process your data to perform our contract with you (Article 6.1.b of GDPR). However, if another person books your visit, we process your data on the basis of our legitimate interest in being able to administer our contract with the person who booked the visit on your behalf (legitimate interest under Article 6.1.f of GDPR).
• If you visit us in a professional capacity and your organisation made the booking, processing is necessary on the basis of our legitimate interest in being able to process data about you in order to execute your participation and communicate with you as a contact for your organisation (legitimate interest under Article 6.1.f of GDPR).

• To meet any dietary preferences or other requests stated by you in connection with your booking/registration.
• To enable you to efficiently use parking space you have booked in our car park.
• If you visit Upper House or Gothia Towers, we also process your personal data to check you in faster and with accurate information.

• Information from your booking/registration.
• Other information that you provide to us, e.g. messages you send prior to your stay at Upper House/Gothia Towers or requests you send to us, which may contain information about allergies, medical conditions or other information you choose to provide.
• Your car registration number, if you have booked space in our car park and want to be granted entry immediately.
• If you visit Upper House or Gothia Towers, accurate data about you that we obtain from the Swedish state personal address register (SPAR) and use for check-in.

• If you visit us in a private capacity or communicate your personal preferences to us, processing is necessary in order for us to meet your requirements, i.e. to perform our contract with you (Article 6.1.b of GDPR).
• If your employer or another person handles your booking/registration, we process your data on the basis of our legitimate interest in being able to administer our contract with the person we are in communication with (legitimate interest under Article 6.1.f of GDPR).
• If you send sensitive personal information in messages to us, e.g. information about allergies or medical conditions, we process these personal data on the basis of your consent (Article 6.1.a and Article 9.2.a of GDPR).
• If you stay at Upper House or Gothia Towers, we obtain accurate data from the Swedish state personal address register (SPAR), and the passport number of foreign guests is entered on the booking card on the basis of our legitimate interest in checking you in faster and with accurate information (legitimate interest under Article 6.1.f of GDPR).

• Your name, contact details and any other information included in accounting material (e.g. contracts, verifications).
• Historic payments, transactions and other accounting material.

• To take photographs and videos during our events, which means you may be visible in pictures and videos or be heard in audio recordings during your visit, e.g. in pictures providing a general overview of the event, or of visitors mingling.
  However, we never take pictures that focus on you as a separate individual, unless you have given your prior consent.
• Subject to your prior consent, use images, videos and audio material to provide information about our activities on our website, in printed material and in social media.
  We will inform you clearly before and during our events if we plan to take any pictures, videos and/or audio recordings. We never want you to be surprised about this happening. Do not hesitate to contact us if you have any questions or concerns about our images, videos and audio recordings

• The use of overview pictures is necessary to meet our legitimate interest in providing information about our activities and marketing our business (legitimate interest under Article 6.1.f of GDPR). Do not hesitate to contact us if you want us to remove images or audio material in which you appear.
• Images, videos and/or audio recordings that focus on you are processed on the basis of your consent (Article 6.1.a of GDPR). We may also choose to request your consent in accordance with GDPR in other contexts where we deem this suitable, depending on the situation.
• We will always inform you if we plan to take pictures, videos or audio recordings, and request your consent in accordance with the Act on Names and Images in Advertising.

• To send newsletters and targeted marketing content about relevant offers related to the event you are attending, information about similar events, and other communications that we deem of relevance to you.
• To send evaluations following your purchase, your booking/registration or your visit, in order for us to improve our service and offering. If you take part in a survey, we will process your responses as described below. We do not request personal data for questionnaire surveys carried out on site.

We analyse how you open and use our newsletters as described below..

• Your name
• Contact details
• Information about what event you have registered for

You can unsubscribe from our mailings or object to marketing at any time, in which case we will retain your personal data as described in the table below.

• To contact you by email and phone to inform you about our events that are deemed of relevance to you based on your professional capacity, e.g. because your company belongs to an exhibitor category relevant to our events, or to invite you to relevant seminars based on your professional capacity.
• To send evaluations following your booking/registration or your visit, in order for us to improve our service and offering. If you take part in a survey, we will process your responses as described below. We do not request personal data for questionnaire surveys carried out on site.

We analyse how you open and use our newsletters as described below.

• Your name
• Email address and phone number
• Information about your professional capacity or position that we have collected from external, publicly available sources or from third parties
• If you visit us in your professional capacity, we also process information about the industry you operate in, your interests, your title, and information that you or your organisation provide (e.g. preferences regarding your booth)

• Email address
• IP address
• Information about how you open our newsletters and what you click on

• Email address and/or phone number
• Information that you no longer want to receive our newsletters
• Time of unsubscribing

• To provide you with optimal service when you use our website and digital services, e.g. to enable you to register for events, log in as a member at our hotels, to remember your choices and settings, and to be able to use live-streamed seminars. In order for these to function, we need to process your personal data on our website and in our digital tools.
• To maintain security, e.g. manage your password if you log in to Exhibitor Service Online, and identify you quickly and easily by scanning the bar code on your visitor badge, which contains your personal data.
• If you scan your visitor badge or have chosen to post information about yourself on the digital platforms we offer, your personal data will be shared with exhibitors, sponsors, trade organisations, speakers or other parties participating in the event. You decide if you want to let someone scan your visitor badge, or to post information about yourself and thus provide information to third parties.

When you use our website, other personal data are also processed if you consent to this in our cookie banner. Read more about cookies here.

• Your name
• Information about your device, e.g. type of device, such as mobile phone, computer or tablet
• Your password and user name in our services
• Information you provide when you use our website and our digital services.
• Information on your choices and settings

If you choose to interact with exhibitors or other parties during the event, they may subsequently process your personal information as independent data controllers, e.g. if you choose for your badge to be scanned by exhibitors.

• To communicate with you and respond to your questions if you contact us, regardless of whether you contact us by email or social media. If you contact us via social media, we recommend that you also read the GDPR information provided by the social media platform you use
• In the unlikely event that we have discussions, legal proceedings or claims in which you are involved, we will also need to process your personal data to process the case, e.g. to respond to your questions and manage any complaints or legal claims

• Your name
• Contact details, e.g. your email address and/or phone number
• Information relevant to the case, e.g. regarding booking/registration and your visit
• Your role and information about the company you represent
• If you communicate with us on social media, we will also process information from your profile
• Other information that you provide when we are in contact

You can delete comments and communications on social media when you want to. We will delete posts and comments that violate the platform’s rules or law.

• The processing is necessary on the basis of our legitimate interest in being able to communicate with you and respond to your questions, as well as process complaints and defend ourselves or, if relevant, initiate legal proceedings (legitimate interest under Article 6.1.f of GDPR).
• We are required by law to process your personal data in certain cases, e.g. if you exercise any of your rights under GDPR, or under consumer protection law. This means that certain processing of personal data is necessary to comply with a legal obligation (Article 6.1.c of GDPR). You may need to provide us with certain personal data in order for us to comply with our legal obligations.