PRIVACY POLICY - EVENT NEWSLETTER

By voluntarily subscribing to the event newsletter, the owner of the personal data gives their free, specific, informed, and unambiguous consent to the processing of their personal data, in accordance with the provisions of applicable legislation on personal data protection.

This Privacy Policy has been drafted in accordance with the following regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

  • Law No. 13,709/2018, which regulates the protection of personal data in Brazil (LGPD).

  • Law No. 1581 of 2012 and Decree 1377 of 2013, which establish general provisions for the protection of personal data in Colombia.

  • Federal Law on the Protection of Personal Data Held by Private Parties, published in the Official Gazette of the Federation on July 5, 2010 (Mexico).

  • Law No. 29733 and its Regulations approved by Supreme Decree No. 003-2013-JUS, which regulate the protection of personal data in Peru.

  • USA - Florida Information Protection Act (FIPA), in accordance with Florida Statutes § 501.171;

  • USA - California: The provisions of the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) do not apply to the data controller, as the legal requirements of territoriality, turnover, or data collection required by these regulations are not met.

This policy aims to provide clear and transparent information about the processing that will be carried out in relation to the personal data collected, as well as the rights of data subjects under each national legislation.

1. Data controller.

The data controller for the personal data collected through the newsletter is:

Betandeal USA Corp.

EIN 88-2679370 2655 S

Address: 2655 S Le Jeune Road, STE 905, Coral Gables - FL 33134, Florida, United States

Contact email:awards@betandeal.com

Betandeal USA Corp. acts as the data controller in accordance with the terms established by the national and international data protection laws indicated.

In cases where data processing is carried out by external processors or platforms located outside the country of residence of the data subject, Betandeal USA Corp. undertakes to ensure that appropriate protection mechanisms are in place, such as standard contractual clauses, binding corporate rules, or other legally valid safeguards, in accordance with each legislation.

2. Personal data processed.

As part of the event newsletter subscription process, only the minimum personal data necessary will be collected and processed, in accordance with the principle of minimization provided for in the applicable regulations.

More specifically, the following categories of data may be processed:

  • Full name

  • Email address

  • Technical data relating to interaction with the mailings sent, such as records of emails opened, links clicked or unsubscriptions, collected for operational and statistical purposes to assess the performance of communications.

This data is collected directly from the data subject through forms enabled on the event website and will be processed exclusively for the purposes indicated in this policy.

No special categories of personal data (such as sensitive data) will be requested or processed through the newsletter.

3. Purposes of processing.

The personal data collected will be processed lawfully, fairly, and transparently, exclusively for the following specific, explicit, and legitimate purposes:

  1. To send informative communications related to the event, including official notices, press releases, reminders, and other relevant updates.

  2. To provide useful logistical information to subscribers, such as schedules, itineraries, program changes, location of activities, or operational details.

  3. Evaluate and optimize communications by analyzing aggregate technical metrics (such as open and click rates) for the sole purpose of improving the quality and relevance of the information service.

The data will not be used for purposes incompatible with those described herein, nor will automated profiles with legal or significant effects for the data subject be created.

4. Legal basis for processing.

The processing of personal data is based on the express, free, informed, and unambiguous consent given by the data subject when subscribing to the newsletter, in accordance with the provisions of applicable law:

  • Article 6.1.a of Regulation (EU) 2016/679 (GDPR).

  • Article 7, paragraph I, of Law No. 13,709/2018 (LGPD - Brazil).

  • Article 5 of Law 1581 of 2012 and Decree 1377 of 2013 (Colombia).

  • Article 8 of the Federal Law on Protection of Personal Data Held by Private Parties (Mexico).

  • Article 12 of Law No. 29733 - Personal Data Protection Law and its Regulations (Peru).

Consent may be revoked at any time by the data subject, without retroactive effect and without affecting the legality of the processing carried out until the date of revocation.

5. Data transfer and international transfers.

Personal data may be processed, stored, or managed through third-party technology platforms, such as electronic newsletter services, campaign management, or statistical analysis, located within or outside the country of residence of the data subject.

When the processing involves an international transfer of personal data, Betandeal USA Corp. guarantees that such transfer will be carried out in accordance with the requirements established in the applicable laws, adopting adequate safeguards to ensure a level of protection equivalent to that required in the country of the data subject.

These safeguards may include, among others:

  • Standard contractual clauses approved by the competent supervisory authorities;

  • Binding Corporate Rules;

  • Impact assessments, where applicable;

  • Explicit consent of the data subject, where legally required.

Under no circumstances will personal data be sold or transferred to third parties for purposes other than those set out in this policy.

6. Rights of the data subject.

Under applicable data protection legislation, the owner of personal data has the right to exercise the following rights at any time and free of charge in relation to the processing of their data:

  • Right of access: to obtain confirmation as to whether your personal data is being processed and to access it.

  • Right of rectification: to request the correction or updating of inaccurate, incomplete or outdated data.

  • Right to erasure or cancellation: request the deletion of your data when it is no longer necessary for the purpose for which it was collected, or when you withdraw your consent.

  • Right to object: object to the processing of your data on legitimate grounds, unless there is a compelling legitimate interest.

  • Right to restriction of processing: request the temporary suspension of the processing of your data in certain legally established cases.

  • Right to data portability: receive your data in a structured, commonly used and machine-readable format, and transmit it to another controller, where applicable.

  • Right to withdraw consent at any time, without retroactive effect.

  • Right to obtain information about international transfers and the recipients of your data.

The exercise of these rights will be subject to the requirements, conditions, and exceptions established in the applicable legislation in each country (including the GDPR, LGPD, and laws of Colombia, Mexico, and Peru).

7. Channel for exercising rights.

The owner of the personal data may exercise the rights recognized by applicable law at any time by sending a written request to the following email address: awards@betandeal.com.

In order to properly process the request, the owner may be asked to prove their identity or, if applicable, the legal representation conferred by means of a power of attorney or equivalent document, in order to ensure the confidentiality and security of the processing.

The response will be issued within the time limits established by applicable law, which may vary depending on the country of the owner:

  • 15 business days (LGPD - Brazil)

  • 10 business days (Colombia, for access requests)

  • 20 calendar days (Mexico, extendable for an additional 10 days)

  • 20 business days (Peru)

  • 1 month, extendable in complex cases (GDPR - European Union)

  • In Florida (USA), the exercise of rights is not formally regulated, although Betandeal USA Corp. will respond in good faith to any reasonable request related to the processing of personal data, within the scope of current legislation.

Requests will be met free of charge, except when they are manifestly unfounded or excessive, in which case they may be refused or subject to a reasonable fee for administrative costs, in accordance with applicable regulations.

8. Data security and integrity.

Betandeal USA Corp. implements appropriate technical, administrative, and organizational measures to ensure a level of security appropriate to the risk of processing, with the aim of preserving the confidentiality, integrity, availability, and resilience of personal data.

These measures are designed to protect data against:

  • Unauthorized or unlawful access.

  • Accidental or intentional loss, destruction, damage, or alteration.

  • Unauthorized disclosure or misuse.

The measures adopted include, among others:

  • Use of secure connections (HTTPS).

  • Access management and authentication.

  • Encryption of data in transit and, where applicable, at rest.

  • Backup copies and contingency plans.

  • Confidentiality agreements with suppliers.

In the event of a security incident that poses a significant risk to the rights of the data subject, containment measures will be taken immediately and the competent authority (such as the ANPD, AEPD, INAI, SIC or CNPD) will be notified, as well as, where appropriate, the data subject, in accordance with the applicable legislation (e.g., Articles 33 and 34 of the GDPR, Article 48 of the LGPD and equivalent provisions in local legislation).

9. Withdrawal of consent.

The data subject may withdraw the consent given for the processing of their data at any time, in a simple, free, accessible manner and without the need for justification.

The withdrawal may be made by any of the following means:

  • By clicking on the unsubscribe link included in the footer of each communication sent.

  • By sending a request by email to the address indicated in item 1.

The withdrawal of consent will not have retroactive effect and will not affect the lawfulness of the processing carried out previously based on the consent previously granted.

Once the revocation has been processed, the sending of communications will be suspended and the data subject's data will be deleted, unless there is a legal, administrative, or contractual obligation that justifies its retention for an additional period.

10. Data retention period.

Personal data will be kept only for as long as necessary to fulfill the purposes described in this policy and for as long as the data subject maintains their active subscription to the newsletter.

Once cancellation has been requested or authorization has been revoked, the data will be deleted securely and definitively, unless there is a legal, contractual or administrative obligation that justifies its retention for an additional period, such as:

  • Compliance with tax, accounting or auditing obligations.

  • Attention to possible liabilities arising from the processing.

  • Retention required by regulations on information society services or commercial communications.

In any case, the data will be blocked and kept only for the purposes of complying with these responsibilities or legal requirements, during the periods established by the regulations applicable in each jurisdiction.

11.- Promotional use of audiovisual content.

During the event, images, videos, sound recordings, and other audiovisual content may be generated in which participants or attendees may be identified.

This content may be used by Betandeal USA Corp. for promotional, informational, or institutional purposes, including its publication or dissemination through:

  • Official websites;

  • Corporate social networks;

  • Press releases or newsletters;

  • Audiovisual material related to the brand or future editions of the event.

The transfer of image, voice, and other content rights generated during the event is expressly regulated in the Legal Basis of the Event, which must be accepted independently by each participant when registering or attending the event.

If applicable law requires express consent for this use, it will be obtained by appropriate means separate from this policy.

12.- Use of cookies.

The event website uses its own and third-party cookies for analytical purposes only, in particular through the Google Analytics tool, in order to obtain aggregate statistical information on the use of the website by users (e.g., number of visits, most visited pages, time spent on the site).

These cookies allow us to improve the performance of the website and optimize its content, but they do not allow us to directly identify the user and are not used for advertising or individual profiling purposes.

Non-essential cookies are only installed when the user gives their consent via the banner or the configuration tool enabled on the website. These cookies are used for analytical and service improvement purposes. The user may accept, refuse, or customize their use at any time through this configuration tool. The user can obtain more information or modify their preferences at any time by accessing the website's Cookie Policy.

13. Multinational legal compliance.

This policy has been drafted in accordance with the personal data protection regulations in force in the European Union (General Data Protection Regulation – GDPR), Brazil (General Data Protection Law – LGPD), Colombia (Law 1581 of 2012), Mexico (Federal Law on Protection of Personal Data Held by Private Parties) and Peru (Law No. 29733), as well as with the legislation of the United States of America, including the Florida Information Protection Act (FIPA). Full respect for the rights of data subjects is guaranteed in accordance with the terms established by each applicable law.

The provisions of the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) do not apply to the data controller, as the legal requirements of territoriality, turnover, or data collection required by these regulations are not met. Consequently, the controller is not subject to its obligations and does not recognize any application of the same in the data processing it carries out.

We use own and third party cookies to provide a better user experience. By continuing to browse we understand that you accept our Privacy Policy.
Accept