Twebcast is a web-based platform providing digital event management and interactivity.
In order to provide a relevant service to Event Organizers who use our platform as well as participants at Twebcast based events we often process personal data.
Our Data Protection policy exists to explain to all our users how we handle your personal data and which rights you have within the Twebcast platform.
We have a strong belief that every user of our platform should be aware of what data they own and what they share, for how long and to whom, if at all.
In order to provide our services, it is necessary for us to process your personal data. We also process such personal data that you choose to share with us when you set up a Twebcast user account. When Twebcast processes your personal data you can rest assured that your personal data is never monetized or sold to any third party. We only process your data in order to provide our service.
All sensitive data, including user-data is always encrypted at rest. When data flows between our platform and you, the data is also strongly encrypted, making it virtually impossible for others than the owner herself to gain access to the data.
The diagram below describes the Flow of Data, Data Access and Data Ownership when you register to an event as a participant. All data you provide during an event, that does not reveal any personal data (i.e. data that would be considered anonymous if one does not know who provided the data), is accessible by the event organizer, who is considered the owner of that data. Examples of such data can be questions you answer or text you write in a chat.
All the data that is of a personal nature, such as your email address, your name, and similar data, is stored on your own personal profile, which you own. This data can be provided as a temporary copy to the event organizer. They may need to know who registered for their event, to give one example. When the event and the stipulated retention time is over, the copy of the personal data you provided is removed, making your answers anonymous.
Your private user data vs the shared limited and temporary copy provided to the event organizer
We collect the personal data that you choose to share with us in order to access the service and register an account.. This includes such personal data as shown above in the diagrams. In order to be able to relay video and sound signals we may also need to process personal data.
We do not collect your personal data from any third party, other than when we are acting as a processor of personal data on behalf of another data controller. In such cases Twebcast is not the controller of data and any questions you may have regarding any such processing should be aimed at the data controller.
In order to provide a functional service, we have to collect and process your personal data. We do this for the purpose of identification within events hosted on the Twebcast platform and we also use anonymized and aggregated data for analysis and improvement purposes.
We may also process your personal data when we are required to do so by law, e.g., for accounting purposes as required by the Swedish Bokföringslag (1990:1078).
We do not process or use your personal data for any other purpose unless you have given your express consent or if we are legally required to do so.
If you choose to opt in for our newsletter we may also process your personal data for this purpose.
In order to process your personal data we need to have a legal basis. We process your personal data on the following legal basis:
- When the processing of personal data is necessary for the fulfilment of service or a contract which we have signed with you or your employer
- When the processing of personal data is required for the fulfilment of a legal obligation, e.g., if we are ordered to do so by a court of law.
- When we have a legitimate interest in processing your personal data. We use legitimate interest for marketing purposes when you have opted in for our newsletter.
This policy, and this section in particular, is only applicable on such personal data for which Twebcast is the data controller. Personal data related to events hosted on the Twebcast platform may be shared with the event organizer. In such cases the event organizer is the data controller for any personal data you may share within the event and may process your personal data on other terms. For more information on how your data is shared see below, and always read the individual terms for any event in which you participate.
We process your data for as long as you have a registered account on the Twebcast platform. If you choose to terminate your account, any personal data that we have processed will automatically be erased or anonymized. The granted copy to specific events will be anonymized according to the event agreements.
Any personal data related to an event hosted on the Twebcast platform is deleted or anonymized upon completion of the event in question.
If you have opted in for our newsletter we will continue to process your personal data until you opt out, or for a maximum of 2 years.
In some cases we are required by law to process your personal data for longer periods, e.g. the Swedish Bokföringslag (1999:1078). In such cases we will only process the personal data required for that purpose and your personal data will be separate from any active processing.
Since Twebcast is a platform for social interaction through video, sound, and text, your personal data is inevitably shared with other users under certain conditions. You should always be careful about personal information that you choose to share within an event hosted on the Twebcast platform since the event organizer and other users may have access to, and store, this information. Other than personal information that you choose to share you should always read in the specific event terms how the event organizer will use personal data connected to your Twebcast account.
Twebcast does not conduct any “data mining” or otherwise sell your personal information to any other entity.
Personal information that you share within the Twebcast platform
When you communicate with other users, or with an event organizer within the Twebcast platform, or any event hosted on the Twebcast platform, you are sharing your personal data with an entity over which Twebcast has no control. Always make sure you know who the recipient of your personal data is and what they intend to do with it before you attend an event within the Twebcast platform.
Personal information which you have made publicly available, either on your account (such as username etc.) or within an event (such as an event specific public chat etc.) can potentially be viewed by anyone on the Twebcast platform or within the event. Twebcast is not liable for any information that you choose to make public on the Twebcast platform.
Personal information shared with our partners
We have partnerships with other organizations as an integrated part in our business to be able to provide and improve our services. Such partners are, in the event that they process any personal information about you, data processors in relation to Twebcast. In such cases we always sign a Data Processing Agreement with the partner in question that stipulates that they may not process your data in any other way than specifically instructed by Twebcast.
Within the events, Twebcast also shares data with the event organizer as shown in the diagrams above. Always make sure if any other data is shared for a specific event by reading the specific event terms. Information about your availability and participation in events organized on the Twebcast platform may also be shared within the event. Always check the event terms if any other personal data may be shared.
Most of your personal data is processed only within the EU/EEA.
For some functions we do however share your personal data outside of the EU/EEA, more specifically to our data processor Mailchimp (The Rocket Science Group, LLC) which is a corporation based in the United States of America. Any automated e-mails related to your account on the Twebcast platform is handled by Mailchimp. If you or the event organizer chooses to use any functions within the service requiring automated e-mails, your personal data may be processed outside the EU/EEA. If this is the case, we will take measures to protect your personal data in accordance with applicable mandatory rules of the law, for example by demanding guarantees that the supplier protects the data in accordance with applicable data protection rules. Contact us if you want to know more about our safeguard measures. Personal data can also be disclosed pursuant to law, regulation, order, or official decision.
Some events, with global participants, do also open up for real time video to be processed on servers outside of the EU/EEA. A real time video conversation between a person within EU and another person outside of EU will many times result in video signals being processed outside of EU. In such cases the video and audio signals are processed by Agora LLC.
Request for an extract from the register
You have the right to, at any time, request information on the personal data we have about you (an extract from the register). If you request this more than once in each calendar year, we may charge you an administrative fee to provide the information.
A request for an extract from the register is handled by Twebcast. We answer your requests without undue delay. If we for any reason cannot fulfil your wishes, a justification will be provided and we will inform you on how long we will need to answer your request.
Your extract from the register will be sent to your registered address or to the e-mail address you left in connection with the start of the processing activities.
Request for rectification, alteration and erasure
If your data is inaccurate, incomplete or irrelevant, you are entitled to request to have them rectified, altered or erased.
Recalling of consent
If we process your personal data on the legal basis of your express consent, you have the right to, at any time, recall such consent.
Objecting to processing
You have the right to object to processing based on where we have set a legitimate interest as basis for the processing.
If you wish to transmit the personal data that you have shared with us to someone else, you have the right to receive a copy of the personal data concerning you in a commonly-used format.
Restriction of processing
You can also have the right to request that the processing of your personal data is restricted when possible. However, if you request such restriction of the processing, it may lead to us not being able to fulfil our commitments toward you during the ongoing restriction.
The right to lodge a complaint
We ask you to primarily contact us by mail if you are dissatisfied with the way we process your personal data.
You also have the right to lodge complaints to the relevant Data Protection Authority.
If you have any questions regarding our policy you can always contact our Data Protection Officer: David Rinnan, firstname.lastname@example.org.
For general matters regarding Twebcast or inquiries about your data, please contact email@example.com.
Magnus Ladulåsgatan 3
118 65 Stockholm