Updated: February 21, 2019
This Privacy Statement applies to RSA Conference (“RSAC” “we,” “us,” or “our”) to explain how information you provide to us is used and shared. RSAC is part of the Dell Technologies group of companies. Our privacy practices set forth here reflect RSAC’s activity as a data controller. This Privacy Statement applies only to RSAC’s websites and mobile applications (our “Websites”) and does not apply to any other Dell Technologies companies (our “Corporate Affiliates”) that have published their own privacy and security statements or Business Partners (as defined below); or to any other third parties, even if links to their websites are on our Websites. We recommend that you review the privacy statements of the other parties with whom you interact.
For purposes of this Privacy Statement, “Business Partners” means subcontractors, vendors, exhibitors, sponsors or other entities with whom we have ongoing business relationships to provide programs, content, materials, products, services or information. “Personal Information” means information that can identify you, such as your name, telephone number, email address, Internet Protocol (“IP”) address and location data.
THE INFORMATION WE COLLECT
We may ask you to provide Personal Information when you:
- use our Website;
- register for or attend or participate in a RSAC event, program or webinar;
- request services, white papers or information;
- create and manage an account;
- participate in surveys, sweepstakes or other promotional acivities online or in any other venue;
- provide a testimonial;
- subscribe to newsletters, RSAC programs, marketing and promotional emails or other content or materials;
- contact us.
We may collect information you choose to provide about you and your company, which may include your company name, your name, title, e-mail address, postal address, and telephone number. Forms that you choose to complete will indicate whether information requested is mandatory or voluntary.
THE INFORMATION WE AUTOMATICALLY COLLECT
We may automatically collect behavioral and usage information about your visits to our Website, including the pages you view, the links and advertisements you click, search terms you enter, and other actions you take in connection with our website and services. We may also collect certain information from the browser you use to come to our website, such as your IP address, device identifier, location data, browser type and language, access times, the Uniform Resource Locator (URL) of the website that referred you to our website and the URL to which you browse away from our site if you click on a link on our site.
Some RSAC services may be co-branded and offered in conjunction with another company. If you register for or use such services, both RSAC and the other company may receive information collected in conjunction with the co-branded services, and may use the information according to each company’s privacy statement and other agreements with you.
INFORMATION FROM THIRD PARTY SOURCES
We may obtain information about you from third party sources such as public databases, our Business Partners, joint marketing partners, social media platforms, and from other third parties. Examples of the information we may receive from other sources include: page-view information from some Business Partners with which we operate co-branded services or joint offerings. We may use the information to better understand you to enhance our ability to provide relevant marketing, products and services to you and to help prevent and detect fraud.
HOW WE USE PERSONAL INFORMATION
RSAC may use your Personal Information to:
- Deliver the programs, events, services, information, materials, content, products and support or carry out the transactions you have requested;
- Send communications to you, such as your transaction status (including but not limited to, registration confirmations, and program attendance), information about programs available from RSAC and its Business Partners, event announcements, important notices including those announcing changes to our terms or policies, promotional offers and surveys;
- Facilitate the use of our Website and communications;
- Advertise and market RSAC events and related content of our Business Partners by, for example, delivering targeted ads on this and other web sites, analyzing the effectiveness of ads, and determining whether you would be interested in receiving offers about new programs, content or services;
- Administer, customize, personalize, analyze and improve our content and events (including the content and advertisements on our Website), technologies, communications and relationship with you;
- Enforce our conditions of sale, our Website terms and/or separate contracts (if applicable) with you;
- Prevent fraud and other prohibited or illegal activities;
- Protect the security or integrity of our Website, our business, or our events and content or services; or
- Perform other functions or serve other purposes, as disclosed to you at the point of collection or as required or permitted by law.
If RSAC is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
HOW WE SHARE YOUR PERSONAL INFORMATION
We may share Personal Information with Business Partners to carry out transactions you request, to make our business or that of our Business Partners more responsive to your needs, including so that our Business Partners may provide you with information about those Business Partners’ products and services, or for research or analysis, where the such Business Partner has a legal basis to do so. We may also share Personal Information with Corporate Affiliates and Business Partners, to support RSAC’s internal business purposes, and in furtherance of the internal business operations (not for marketing purposes) of RSAC. We may also disclose Personal Information in connection with legal orders from law enforcement or other government bodies; as required by law or regulation; to protect the rights of RSAC, its customers, the public, or others; to combat fraud or criminal activity; or with your consent.
In addition, we may share Personal Information to carry out transactions you request with Business Partners that helps RSAC customize, analyze and/or improve our communication or relationship with you. This may include requests relating to RSAC events or content. We will only share Personal Information with Business Partners who share RSAC’s commitment to protecting your Personal Information. Except as described above, we will not disclose Personal Information to third parties for their own marketing purposes unless you have provided consent.
We may disclose your Personal Information for any purpose with your consent.
We may share information with a purchaser of all or part of RSAC, Dell or our Corporate Affiliates.
LEGAL BASIS FOR PROCESSING
Our legal basis for collecting and using your Personal Information as described in this Privacy Statement will depend on the Personal Information concerned and the specific context in which we collect it. In general, we collect and process your Personal Information on one or more of the following bases:
- To comply with a contractual obligation (for example, using your address details to make delivery where you have registered to attend an event or accessed content from us. We will advise you upon collection whether the provision of your Personal Information is mandatory and of the possible implications if you do not provide us with your information.
- For compliance with RSAC’s legal obligations where other laws require the processing of your Personal Information (for example, health and safety, taxation and anti-money laundering laws) or where we need your Personal Information to protect your vital interests or those of another person.
- RSAC’s (and its Business Partners’) legitimate interests which include the provision of this Website and/or relevant products and services, and/or the carrying out of marketing and profiling activities, provided always that our legitimate interests are not outweighed by any prejudice or harm your rights and freedoms.
If you have any questions or need more information concerning the legal basis on which we collect your Personal Information, please contact us at privacy@RSA.com.
RETENTION OF YOUR DATA
We will retain your Personal Information as necessary in connection with the purposes described in this Privacy Statement, where applicable, and in accordance with RSAC’s retention policies and applicable law. For more information on the relevant timeframe or criteria to determine the retention period please contact privacy@RSA.com.
RSAC may transfer your Personal Information to Corporate Affiliates and/or to our Business Partners, if required for the purposes described in this Privacy Statement. This may involve the transfer of your Personal Information to countries outside your home country or region, including outside the European Economic Area if that is your region, which may have a different level of data protection from your home country. Such countries may include, without limitation, the United States and other countries in which RSAC or its parent company, Corporate Affiliates or Business Partners maintain facilities. In order to provide adequate protection for the transfer of your Personal Information, where appropriate. We have in place contractual arrangements (such as the European Commission’s Standard Contractual Clauses as appropriate) with our parent company, Corporate Affiliates and Business Partners in respect of such transfers. We will take all reasonable technical and organizational measures to safeguard Personal Information we transfer.
YOUR EU DATA PROTECTION RIGHTS
Where the processing of your Personal Information is subject to EU data protection laws, you have the following data subject rights. Please note that these rights are not absolute and in certain cases are subject to conditions as specified in applicable law:
- Access: you have the right to request information about how we process your Personal Information and to obtain a copy of that Personal Information.
- Rectification: you have the right to request the rectification of inaccurate Personal Information about you and for any incomplete Personal Information about you to be completed.
- Objection: you have the right to object to the processing of your Personal Information, which is based on our legitimate interests (as described above).
- Erasure: you have the right to request the erasure of your Personal Information (subject to certain conditions).
- Automated decision-making: you have the right not to have a decision made about you that is based solely on automated processing if that decision produces legal or similarly significant effects concerning you.
- Restriction: you have the right to ask us to restrict our processing of your Personal Information, so that we no longer process that information until the restriction is lifted.
- Portability: you have the right to receive your Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format and to have that information transmitted to another organization in certain circumstances.
In addition to the above, you have the right to lodge a complaint with a supervisory authority if you consider that our processing of your Personal Information infringes applicable data protection law.
If you have any questions about the type of Personal Information we hold about you or if you wish to request deletion or correction of Personal Information we hold about you, or exercise any other data subject right, please send a written request to privacy@RSA.com or to the postal address provided at the bottom of this Privacy Statement. While we will make reasonable efforts to accommodate your request, we reserve the right to reject such access requests or to impose restrictions or requirements upon such requests if required or permitted by applicable law.
SELECTING YOUR COMMUNICATION PREFERENCES & ACCESSING YOUR PERSONAL INFORMATION
You may choose to receive or not receive marketing communications from RSAC by indicating your preferences. Opportunities to select your preferences include the following:
- You can click “unsubscribe” in any marketing email communications we send you, or
- The following link allows you to choose whether you wish to receive marketing communications from RSAC, and to manage your communication preferences: https://go.rsaconference.com/emailunsubscribe,
- You can send us an email at privacy@RSA.com to opt out;
- If you wish to change or update your Personal Information, please contact us at privacy@RSA.com.
Please allow up to 10 business days for your email preferences and any updates of your Personal Information to take effect. We will then retain your information for as long as your account is active or as needed to provide you services and as necessary to comply with our legal, regulatory or compliance obligations. If you opt out of receiving marketing communications, we may still communicate with you in connection with transactions, content or materials you request.
Any marketing by RSAC, or any third parties on behalf of RSAC, will be conducted in accordance with applicable laws and include (where applicable) methods to allow you to express your preferences (including being removed from our marketing lists as set out above).
HOW WE SECURE PERSONAL INFORMATION
RSAC is committed to protecting the security of your Personal Information. RSAC takes all reasonable steps to protect your Personal Information from misuse, interference and loss, as well as unauthorized access, modification or disclosure. The ways we do this include:
- Using encryption when collecting or transferring sensitive information, such as credit card details;
- Having in place technical and organizational measures designed to ensure the ongoing integrity, availability and resilience of processing systems and services;
- Limiting physical access to our premises;
- Limiting access to the information we collect about you;
- Ensuring that we and our Business Partners have appropriate security safeguards to keep Personal Information secure; and
- Where required by law, destroying or de-identifying Personal Information.
We encourage you to keep any passwords you use confidential and to be careful to avoid “phishing” scams where someone may send you an email that appears to be from RSAC asking for your personal information. RSAC will not request your ID or password through email.
COLLECTION AND USE OF CHILDREN’S PERSONAL INFORMATION
RSAC takes children’s privacy seriously. We do not knowingly collect Personal Information from children through our Website. If you are a child as understood by laws of your country, please do not submit any Personal Information through our Website without the express consent and participation of a parent or guardian.
COOKIES AND SIMILAR TECHNOLOGIES
A cookie is a piece of text that is placed on your computer’s hard drive. Depending on the settings you have selected, your browser adds the text to your device as a small file. Many browsers are set to accept cookies by default. You have the ability to accept or decline cookies as you prefer. The Help portion of your web browser, most likely found on the toolbar, typically tells you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Note that disabling or declining cookies may prevent the use of certain features of our website, including the ability to login to a site.
ANALYTICS / LOG FILES
As is true of most web sites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We may link this automatically-collected data to Personal Information in order to personalize our communications with you.
TARGETED DISPLAY ADVERTISING BY RSAC AND OTHERS
These cookies assist the third parties in identifying the pages you view, the links and ads you click on, other actions you take on those web pages, and the site from which you came before arriving at a web page.
To enable you to opt-out of interest-based advertising delivered by partners working with RSAC, or to customize your experience on our Website, please navigate to the main page and select “Cookie Consent” at the bottom of the page. If you opt-out, you may still see RSAC ads on other websites, but those ads will not be customized to you by RSAC or our partners.
“DO NOT TRACK” SIGNALS
TARGETED EMAIL MARKETING BY RSAC
Some marketing you receive, including email marketing, may also be personalized based on your visits to our Website and your browsing and purchase history. In addition, when you click on some links in email marketing you receive, our email service provider may place a cookie on your browser. This cookie would be linked to your email address and used to gather information about the products and services you view on our Website. Information gathered may be used to personalize and customize future email marketing messages you receive. You may opt out of this use by clicking on the unsubscribe or manage preferences links provided in every personalized email marketing message you receive sent from or on behalf of RSAC.
HOW WE AND OUR PARTNERS USE WEB BEACONS, PIXEL TAGS AND TRACKING TECHNOLOGY
RSAC may use web beacons, pixel and tags on our website, in our email messages, in our advertisements on other websites, or in our advertisements in others’ email messages.
A web beacon is an electronic image that can be used to recognize a cookie on your computer when you view a web page or email message. Web beacons help us measure the effectiveness of our Website and our advertising in various ways. For example, web beacons may count the number of individuals who visit our Website from a particular advertisement, or who make a purchase from our Website after viewing a particular advertisement, or they may tell us when a web page is viewed and provide a description of the page where the web beacon is placed. Web beacons may also measure the effectiveness of our email campaigns, by counting the number of individuals who open or act upon an email message, determining when an email message is opened and determining how many times an email message is forwarded. Subject to local laws, we may combine the information that we collect through web beacons with other Personal Information we have collected from you.
The information we collect through web beacons may include some limited Personal Information, and web beacons allow us to recognize users by accessing RSAC cookies. We use all of this information to better tailor our marketing to you and may use this information for other purposes, such as to enable a shopping cart, customize content on our Website and undertake internal research.
When you visit our Website or view one of our email messages, we may use pixel tags (also called “clear” gifs), tracking links and/or similar technology to note some of the pages you visit on our Website. We may also use pixel tags to determine what types of email your browser supports. We may use the information collected through, pixel tags, tracking links and similar technology in combination with your Personal Information to personalize your experience on our Website and to provide you with more useful and relevant advertisements.
SOCIAL MEDIA WIDGETS
Our Website includes social media features, such as a Facebook “Like” button and widgets, such as the “Share this” button or interactive mini-programs that run on our Website. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy statement of the company providing it and not by this Privacy Statement.
LINKS TO EXTERNAL WEBSITES
Our Website may contain links to third-party sites. RSAC cannot control and is not responsible for the privacy practices of such third-party sites. RSAC encourages users to be aware when they leave our Website, and to read the privacy statements of each website they visit. This Privacy Statement applies only to RSAC.
CHANGES TO THIS PRIVACY STATEMENT
RSAC reserves the right to change this Privacy Statement at any time. If RSAC materially changes its Privacy Statement, we will either notify users via e-mail or via a prominent notice posted on our Website prior to the change becoming effective. Changes are effective as of the date we post them on the RSAC Privacy Statement page. We encourage you to periodically review this Privacy Statement to be informed of how we are using and protecting your Personal Information.
For data subjects located in the EU:
Unless otherwise stated, RSAC is the data controller of your personal information. For the purposes of the General Data Protection Regulation, RSAC has appointed Dell Products to be its representative in the EU who can be contacted as follows:
70 Sir John Rogerson’s Quay
By email: firstname.lastname@example.org
HOW TO CONTACT US
If you have questions about this Privacy Statement or would like to contact us for any reason regarding our privacy practices, you may:
- Contact RSAC via e-mail at privacy@RSA.com or
- Send postal mail to the following address: RSA Conference
Attention: Law Department – Privacy
174 Middlesex Turnpike
- RSAC’s Data Representative, Dell Product (Ireland),
Attention: Law Department – Privacy
70 Sir John Rogerson’s Quay