Privacy Policy

This Privacy Policy explains what personal data we collect, how and why we collect it during the conference registration process, the legal basis for processing it, how long we store it, as well as informing you about your rights, how to exercise them, and providing other relevant and important information related to the processing of your personal data.

Personal data refers to any information related to an identified or identifiable individual (“Data”), such as your name, address, or email address.

Please review the information provided in this Privacy Policy carefully and familiarize yourself with it thoroughly.

DATA CONTROLLER

The controller of your personal data is UAB “Confinn” (Company Code: 302862159, Address: E. Ožeškienės 18A, Kaunas LT-44254, Lithuania, Email: info@confinn.eu) (hereinafter referred to as the Controller).

CONFERENCE REGISTRATION

When registering for the conference, the Controller processes the following personal data:

Your personal details: Full name, contact phone number, email address.
If registering as a company representative: Company name, company code, VAT code (if applicable), company address.
Conference participants: Names and surnames of the participant(s) you are registering.

Payment-Related Data

Depending on the chosen payment method, we may process the following payment-related data:

Payment transaction date
Transaction amount
Payment service provider
Your bank and transfer reference number
Payment status
Your full name
Order ID/number
Order type (purchase)
Payment ID number (if paying by card)
Discount codes

The source of this data is you and third parties (such as payment service providers and banks, in cases where payment-related data is obtained from them). Some data may also be generated automatically (e.g., an assigned ticket ID number).

Purposes of Processing Your Personal Data

Your personal data is processed for the following purposes:

Administration and execution of financial transactions, including using your contact details (name, phone number, email) for communication (sending participant tickets, conference-related notifications).
Providing information about the upcoming conference or other relevant details related to the event you are attending or have attended.
Sending newsletters about the conference you are attending or have attended.
Marketing communications about similar conferences organized by the Controller.
Direct marketing purposes.

The specified personal data is processed on the legal basis of the concluded transaction and in accordance with the purposes defined in this document. You have the right to withdraw your consent at any time, as described in this Privacy Policy.

Retention Period for Your Personal Data

We process your personal data from the moment you register or place an order for the conference. Once the service is provided, documents confirming the transaction (data) are stored for 10 years, in accordance with the General Document Retention Terms Index, approved by the Chief Archivist of the Republic of Lithuania (March 9, 2011, Order No. V-100, Clause 10.15), based on legal obligations.

Evidence of your acknowledgment of data processing, as well as consent records, is retained as specified in this policy. The legal basis for processing personal data is legitimate interest.

Once the retention period expires, we securely delete your personal data.

CONFERENCE NEWSLETTERS AND MARKETING

By giving your consent on the conference website to receive information about the event, the Controller processes the following personal data:

Full name
Email address
Phone number

These data are collected during the registration process for the purpose of sending newsletters.

Your personal data is processed for direct marketing purposes based on your consent and for marketing similar products and services based on our legitimate interest.

You have the right to withdraw your consent or express your objection at any time by clicking the unsubscribe link at the bottom of any received email or by contacting us via email at info@confinn.eu.

PROTECTION OF LEGITIMATE INTERESTS

The Controller, based on its legitimate interest to protect its rights, including in cases of civil disputes, processes the following data of individuals involved in the case or their employees:

Full name
Personal identification number
Case details
Other relevant case-related information
Publicly available information

These data may be transferred to law enforcement authorities, lawyers, or bailiffs responsible for debt collection. The data is deleted one year after the final resolution of the case and the full satisfaction of the Controller’s claims (if applicable).

Additionally, based on the legitimate interest to protect its rights, the Controller processes personal data specified in:

Consent forms for data processing
Documents related to the exercise or refusal to exercise data subject rights

These personal data are deleted three years after the end of the calendar year in which the data processing was completed or the data subject’s rights were exercised (or denied).

DATA SECURITY

We will take all necessary technical and administrative security measures to protect your data from unauthorized loss, access, alteration, disclosure, or deletion.

RECIPIENTS OF YOUR PERSONAL DATA

Certain personal data may be transferred to authorized data processors, such as:

IT and cloud service providers (e.g., if we rent servers from an IT company, your personal data will be physically stored with that provider).
Companies providing online payment collection services when you make a payment.

We require our data processors to ensure appropriate protection of your personal data and to process it only as instructed by us and only for the specified purposes.

Your personal data may also be transferred to data recipients acting as independent or joint controllers, such as:

Social media platforms
Banks and payment service providers (for processing payments)

If you have questions about our service providers, please contact us at info@confinn.eu.

In certain cases, we may also disclose your data to other entities beyond those mentioned above:

To comply with legal requirements or mandatory court orders (e.g., if required by law or a court ruling).
To protect our legal interests, rights, property, or ensure security.
With your consent or at your legitimate request.

DATA TRANSFER IN CASE OF A CONTROLLER CHANGE

In the event of a business transfer, your personal data processed by us will be transferred to the acquiring company, which will become your new data controller. The legal basis for this data transfer is our legitimate interest in transferring the business.

If the data controller changes, you will be notified separately by us. Additionally, if there are any significant changesto this Privacy Policy after the transfer, you will be informed by the new data controller.

Following such changes, your personal data will continue to be processed only for the purposes for which it was originally collected.

DATA TRANSFER TO THIRD COUNTRIES

The parent companies of social media platforms (Facebook, Instagram, LinkedIn, X, YouTube) and search engine providers (Google) are based outside the European Union, specifically in the United States, which has been deemed to have an adequate level of data protection.

Data Processing by Social Media Platforms

Facebook & Instagram:
- Data of EU residents published on Facebook and Instagram is processed by Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).
- To learn more about your data subject rights, visit: Facebook Privacy Policy.
- If you have complaints regarding Meta Platforms Ireland Limited’s data processing practices, you can file a complaint with the Irish Data Protection Commission or the State Data Protection Inspectorate.
LinkedIn:
- Data of EU residents published on LinkedIn is processed by LinkedIn Ireland Unlimited Company(Wilton Plaza, Wilton Place, Dublin 2, Ireland).
- To learn more about your data subject rights, visit: LinkedIn Privacy Policy.
- If you have complaints regarding LinkedIn Ireland Unlimited Company’s data processing practices, you can file a complaint with the Irish Data Protection Commission or the State Data Protection Inspectorate.
Google & YouTube:
- Data of EU residents published on Google and YouTube is processed by Google Ireland Limited Company (Gordon House, Barrow Street, Dublin 4, Ireland).
- To learn more about your data subject rights, visit: Google Privacy Policy.
- If you have complaints regarding Google Ireland Limited Company’s data processing practices, you can file a complaint with the Irish Data Protection Commission or the State Data Protection Inspectorate.

Cookies and Third-Country Data Transfers

Some cookies that may be stored on your device when visiting our website are also managed by third-party companiesestablished in non-EU countries.

For more details, please refer to our cookie policy or the cookie banner on our website.

HOW WE PROCESS YOUR PERSONAL DATA

We ensure that your personal data is processed in compliance with applicable legal requirements, including but not limited to the following principles:

Lawfulness, fairness, and transparency: Your personal data will be processed lawfully, fairly, and transparently.
Purpose limitation: Your personal data will only be used to the extent necessary to achieve the specified purposes.
Legitimate purposes: Your personal data will be collected only for legitimate purposes, which have been clearly communicated to you, and will not be used for any other incompatible purposes.
Accuracy and updates: Your personal data will be accurate and regularly updated.
Storage limitation: Your personal data will be retained only for as long as necessary to achieve the disclosed purposes (or as long as required by applicable laws).
Security: Your personal data will be processed securely, ensuring an adequate level of protection.

YOUR RIGHTS REGARDING YOUR PERSONAL DATA

In accordance with data protection regulations, you have the following rights:

Right to access your data
- You have the right to know whether we process your personal data.
- If we do, you can request a copy of your data and receive information about how we use it, whom we share it with, and how long we store it.
- If you repeatedly request the same information, we may refuse to provide it or ask you to cover the cost of additional copies.
Right to rectification
- You have the right to request correction, completion, or clarification of inaccurate, incorrect, or incomplete personal data.
Right to erasure (“right to be forgotten”)
- You have the right to request that we delete your personal data if:
  - It is processed illegally or unfairly.
  - It is no longer necessary for the original purpose.
  - There is no other legal basis for keeping it.
Right to restrict processing
- You have the right to request that we temporarily stop processing your personal data (except for storage) in the following cases:
  - If you challenge the accuracy of your personal data (until we verify its accuracy).
  - If data is processed unlawfully, but you do not want it to be deleted.
  - If you object to data processing (until we determine whether our legitimate interests outweigh your rights).
Right to data portability
- You have the right to request your personal data in a structured, commonly used, and machine-readable format.
- You may also request that we transfer your data to another data controller if technically feasible.
- This right applies only when data processing is based on your consent or a contract and is performed automatically.
Right to withdraw consent
- You can withdraw any previously given consent for personal data processing at any time.
Right to withdraw consent for cookies
- You can change your browser settings to reject cookies. The process depends on your operating systemand browser.
- More information on cookies and how to disable them is available at All About Cookies or Google Privacy & Ads.
Right to object to processing
- You may object to the processing of your personal data if it is based on the legitimate interests of the data controller or a third party.
Right to lodge a complaint
- If you believe your data is being processed unlawfully, you have the right to file a complaint with the State Data Protection Inspectorate in accordance with the Law on Legal Protection of Personal Data of the Republic of Lithuania.

SUBMITTING A REQUEST TO EXERCISE YOUR DATA SUBJECT RIGHTS

You have the right to request the exercise of your data subject rights by submitting a request through the following methods:

In person
By mail
By email
Through another communication channel, provided your identity can be verified (if necessary, based on specific circumstances).

Requirements for the Request

Your request must:

Be legible and signed
Include your full name, address, and contact details (to receive a response)

Submitting a Request via a Representative

If you authorize a representative to submit a request on your behalf, they must provide:

Their full name, address, and contact details
Your full name
A document or certified copy proving authorization

If we have doubts regarding your identity, we may request additional information for verification.

Response Time

After receiving your request, we will provide information on the actions taken within one month.

CHANGES TO THE PRIVACY POLICY

We continuously strive to develop and improve our activities, which may result in periodic updates to this Privacy Policy.

Any updates to the Privacy Policy will be announced on this page, and the changes will take effect immediately.
If the changes significantly affect your rights and freedoms, we will make every effort to notify you personally.

Confinn, UAB

Ožeškienės 18A, Kaunas LT-44254, Lithuania

Tel. +370 615 18868

E-mail: info@confinn.eu

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.