United States site instead?A. Contact details of the controller:
Name: Graphisoft SE (hereinafter: Graphisoft)
Registered office: 1031 Budapest, (Graphisoft Park) Záhony u 7.
E-mail address: [email protected]
Telephone number: 00 36 1 437 3000
B. Data processors:
Graphisoft organizes online and offline events. At the 40 Years of Building Together and 2022 Graphisoft Launch Event events we use the services of the following data processors:
- Swapcard for providing platform for online events and measuring their viewership.
For further information visit: https://www.swapcard.com/privacy-policy - Slido for providing online survey.
For further information visit: https://www.sli.do/terms#privacy-policy - IBM Watson Media for providing videoplayer platform, and statistics on the viewership of the event’s recording.
For further information visit https://www.ibm.com/privacy - Google Ireland Limited for analytic and marketing purposes.
For further information visit: https://policies.google.com/privacy?hl=hu - Lime Creative Kft. for taking and using photos and videos.
For further information visit: https://www.limecreative.hu/ - When you take profile picture at the event, we use Brandmatic for creating selfie photos with the event logo.
For further information visit: https://brandmatic.co/privacy - When you ask a question online, we use Sparkup for providing interactive features during the event.
For further information visit: https://help.sparkup.app/hc/en-us/articles/360002604360- GDPR-compliance
Other than the above, Graphisoft does not transfer personal data to any other recipient.
C. Description of the data processing:
To verify your eligibility to participate in an online event, Graphisoft asks your username and password provided during the registration.
During the event, a video recording will be made so that those who were not present can follow the news and events. In this case the video will be available until the period described below (section D.).
To measure the level of interest in relation to the online events, Graphisoft collects and analyses statistics on the viewership of the events’ recording.
To provide internal benchmark, the recording will be stored for 2 years after the event took place but will only be available to a strictly limited number of employees.
Photos, videos (‘recordings’) will be taken about participants during the event, both distant group recordings and close individual recordings. On the distant group recordings the individuals can be hardly identified, and the recordings will be used on Graphisoft’s external platforms and social media for branding purposes. The close individual recordings will be made only if You consent to it; the recordings will be used internally, means that only Graphisoft’s employees and business partners (distributors, resellers) will have access to it.
When using Swapcard the following are applicable:
We use a virtual event platform where You can register and participate in the online event. This platform provides statistics on the viewership as well.
When using Brandmatic the following are applicable:
To encourage participation in an online event, and to make the event more fun and interactive for participants, Graphisoft provides the opportunity to create virtual selfie photo with the event logo. Creating these pictures are optional. When you take a selfie photo, that would be used for creating a mosaic.
When using Slido the following are applicable:
In order to collect feedback about the event, Graphisoft uses Slido as a survey tool. Fill in the survey is optional.
When using Sparkup the following are applicable:
To encourage participation in the event, and to make the event more fun and interactive for participants, Graphisoft uses interactive features during the event. These features are optional for the participants.
When using IBM Watson Media the following are applicable:
We use videoplayer platform where You can watch the video. This platform provides statistics on the viewership of the event’s recording.
When using Google Ireland Limited the following are applicable:
We use Google Analytics for analytic and marketing purposes.
D. Purpose, legal basis and duration of the data processing
| Purpose of data processing | Legal basis of data processing | Scope of the processed personal data | Duration of data processing |
| Register the participants of the event | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Operating the event |
When You attend in-person, we process the following additional data:
|
Until the end of the event |
| Your consent (point a) of Art. 6(1) of GDPR) | When You attend in-person:
|
||
| Verification of eligibility to participate in an online event | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Providing personalised content |
|
Until eligibility is verified |
| To let those who were not present watch the event | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Providing opportunity to be informed about the happenings of the event. |
|
Participants can re- watch the event 30 days after the event took place. |
| Measuring the level of interest in relation to an online event (based on viewing statistics) | Legitimate interest of GRAPHISOFT according to point f) of Article 6 (1) of GDPR: Tailoring the topics of future events to the participant’s interest. |
|
Until preparing the viewing statistics. |
| To provide internal benchmark | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): To standardize the high quality of Graphisoft’s events |
|
The recording will be stored for 2 years after the event took place but will only be available to a strictly limited number of employees. |
| To make statistics for analytic purposes | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Improving the quality of future events |
|
2 years after the event took place |
| Collecting feedback related to the speakers | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Improving the quality of future events |
|
1 year after the event took place |
| Taking and using photographs and videos of the important, key happenings of the event to inform the public about the event | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Promoting the events of Graphisoft |
|
The photos will be published and stored for 3 years after the event took place. |
| Taking and using photographs and videos of the participants to inform the employees about the event | Your consent (point a) of Art. 6(1) of GDPR) |
|
The photos will be stored for 3 years after the event took place but will only be available on the internal network. |
| When using Slido the following are applicable | |||
| Creating participant’s profile and collecting feedback about the event from a large number of participants in a simple way | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Improvement of the quality of the future events |
|
30 days after the event took place. |
| Operating participant’s profile | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): To provide an easy access to Q&A sessions, surveys of the following online events |
|
30 days after the event took place. |
| When using Sparkup the following are applicable | |||
| Providing interactive features during the event. | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): To make the event more fun and interactive for participants (Strengthening cohesion) |
|
2 weeks after the event took place |
|
Voice data and camera picture won’t be stored | ||
| When using Brandmatic the following are applicable | |||
| Providing participants with the opportunity to create profile pictures with the event logo. | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): To make the event more fun and interactive for participants (Strengthening cohesion) |
|
Until the end of the event |
| Create and publish mosaics on the internal network | Legitimate interest of Graphisoft (point f) of Art. 6(1) of GDPR): Make a memory of the event available to employees, strengthening cohesion |
|
Until 31 July 2022 |
The data processed do not contain any special categories of personal data, except for dietary information, which only concerns persons participating in-person if they explicitly consent.
E. Data transfer outside the EEA, EU:
Graphisoft does not transfer personal data outside the EU.
When Slido transfers personal data to third countries, the data transfer is based on standard contractual clauses (Article 46 (2) c) of GDPR). You can find more information about Slido’s activities here: https://www.sli.do/terms#privacy-policy.
When Brandmatic transfers personal data to third countries, the data transfer is based on standard contractual clauses (Article 46 (2) c) of GDPR). You can find more information about Brandmatic’s activities here: https://brandmatic.co/privacy.
When Google Ireland Limited transfers personal data to third countries, the data transfer is based on appropriate safeguards (Article 45-46 of GDPR). You can find more information about Google Ireland’s activities here: https://policies.google.com/privacy?hl=hu.
When IBM Watson Media transfers personal data to third countries, the data transfer is based on appropriate safeguards (Article 45-47 of GDPR). You can find more information about IBM Watson Media’s activities here: https://www.ibm.com/privacy.
Swapcard and Sparkup are located in the EU, and use Amazon Web Services as cloud service provider, however their servers are located in the EU. You can find more information about Swapcard and Sparkup activities here: https://www.swapcard.com/privacy-policy.