// Legal // Privacy Notice

Privacy Notice

STACK, STEM & AI Forum — Data protection information

Privacy Notice

Effective date
19 September 2025
Controller
Laboratorio de Soluciones del Sur, S.L. (“SURLABS”)
Address
C/ La Mina 2, 41701 Dos Hermanas, Sevilla, Spain
Email
info@surlabs.com

What this Notice covers

This Privacy Notice explains how we collect, use, share, and protect personal data for the STACK, STEM & AI Forum (29–30 January 2026, Dos Hermanas, Spain).

Data we collect

  • Registration data: name, work email, job title/role, institution, department, country, phone (optional).
  • Participation preferences: attendance days, dinner/tour choices, dietary needs, accessibility needs, proposal details for lightning talks.
  • Billing data: payer type, legal entity/company, VAT/Tax ID, billing address, billing contact details, PO/reference, notes.
  • Event operations: session sign-ups, check-in data, badge scans, on-site incident reports (if any).
  • Media: photos and videos. We only capture or publish identifiable images if you have provided consent.
  • Technical data: basic logs from our registration systems (e.g., IP address, timestamps) for security and compliance.

Legal bases for processing (GDPR)

  • Performance of a contract (Art. 6(1)(b)): manage your registration, attendance, and event participation.
  • Legitimate interests (Art. 6(1)(f)): ensure venue security, prevent abuse, produce high-level event metrics/improvements.
  • Legal obligations (Art. 6(1)(c)): tax and accounting records.
  • Consent (Art. 6(1)(a)): optional uses, such as marketing communications and identifiable photos/videos.

How we use your data

  • Process registrations, issue invoices, and communicate logistics.
  • Organize agendas, seating, and dietary/accessibility arrangements.
  • Operate on-site services (badges, check-in, safety).
  • Share post-event materials and (if you opt in) send future event updates.
  • Produce anonymized statistics to improve future editions.

Sharing your data

We share data only as needed with trusted processors (e.g., registration platforms, email providers, invoicing/accounting tools, on-site badge vendors, caterers for dietary planning). Contracts ensure GDPR-compliant processing. We do not sell your data.

International transfers

If a processor is located outside the EEA/UK, we use appropriate safeguards (e.g., EU Standard Contractual Clauses) to protect your data.

Data retention

  • Event administration: up to 12 months after the event.
  • Accounting records: retained per Spanish law (typically 6 years).
  • Marketing communications: retained until you withdraw consent or opt out.
  • Media (with consent): retained until withdrawn or replaced.

Your rights

You may request access, rectification, erasure, restriction, portability, and objection (where applicable). Where processing is based on consent, you can withdraw consent at any time.

To exercise rights, email info@surlabs.com. You also have the right to lodge a complaint with the Agencia Española de Protección de Datos (AEPD).

Security

We implement technical and organizational measures appropriate to the risk (access controls, encryption in transit, least-privilege principles). No method is 100% secure; we continuously improve our safeguards.

Children

This professional event is for adults. We do not knowingly collect data from children.

Updates to this Notice

We may update this Notice if necessary. Material changes will be communicated via email or on the event website.

Contact: info@surlabs.com