Data protection and privacy notice/cookies

This Data Protection and Privacy Notice was last modified on May 5, 2023.

This notice provides information on how Salzburg Global Seminar, Leopoldskronstrasse 56-58, 5020Salzburg, Austria (“we”) processes personal data.

Salzburg Global Seminar is an independent non-profit organization founded in 1947 to challengecurrent and future leaders to shape a better world. Our multi-year programs aim to bridge divides,expand collaboration, and transform systems.

Salzburg Global convenes outstanding talent across generations, cultures and sectors to inspire newthinking and action, connect local innovators with global resources, and foster lasting networks andpartnerships for creative, just and sustainable change.Our programs address challenges in the arts,education, environment, finance, health, human rights, rule of law and media.

Over 36,000 Fellows from more than 170 countries have come together through our work, with manyrising to senior  leadership positions. Our historic headquarters at Schloss Leopoldskron in Salzburg,Austria – now also the award-winning Hotel Schloss Leopoldskron – allows us to welcome allparticipants in conditions of trust and openness.

Salzburg Global complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Salzburg Global has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov. The United States Federal Trade Commission has jurisdiction over Salzburg Global’s compliance with the Privacy Shield.

1. KEY TERMS USED IN THIS DATA PROTECTION AND PRIVACY NOTICE

Below is a list of terms and definitions used in this notice. These terms and definitions are listed inArticle 4 of the EU General Data Protection Regulation (“GDPR”).

Consent: Consent of the data  ubject means any freely given, specific, informed and unambiguousindication of the data subject's wishes by which he or she, by a statement or by a clear affirmativeaction, signifies agreement to the processing of personal data relating to him or her;

Personal data: Any information relating to an identified or identifiable natural person ('data subject').An identifiable natural person is one who can be identified, directly or indirectly by reference to anidentifier such as a name, an identification number, location data, an online identifier or to one ormore factors specific to the physical, physiological, genetic, mental, economic, cultural or socialidentity of that natural person;

Processing: Any operation or set of operations which is performed on personal data or on sets ofpersonal data,  whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting, altering, or retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure ordestruction;

Recipient: A natural or legal person, public authority, organization,  program partner, agency oranother body, to which the personal data are disclosed, whether or not a third party. However, publicauthorities which may receive personal data in the framework of a particular inquiry in accordancewith European Union or Member State law shall not be regarded as recipients; the processing ofthose data by those public authorities shall be in compliance with the applicable data protection rulesaccording to the purposes of the processing.

2. PURPOSES FOR WHICH WE PROCESS DATA

We process personal data for the following purposes:

  1. Hotel bookings for guests, clients, and program participants;
  2. Administration of program recruitment, travel and participation;
  3. Production and dissemination of program materials (for example program schedule andparticipant directory);
  4. Invitations and promotional events;
  5. Fellowship communications and networking;
  6. Program related research;
  7. Solicitation and fundraising.

Purposes for processing your personal data while visiting our website:

  1. To make this website available to you and to further improve and develop this website;
  2. To createusage statistics (see chapter 5);
  3. To detect, prevent, and investigate attacks on our website;
  4. To respond to your requests;

We collect this data when it is provided to us voluntarily, from official program partners, and/or from identified public sources (i.e. publically available websites).

In order to operate effectively, transparently, and in compliance with the GDPR, we ask guests,clients, and program participants to provide personal data on a voluntary basis.

3. PROCESSED DATA CATEGORIES AND LEGAL BASIS OF THE PROCESSING

Consistent with Article 6(1) of the GDPR, we process personal data in compliance with to thefollowing provisions of the GDPR:

Data for which we need explicit consent (Article 6(1)(a) GDPR):

  1. Photographs;
  2. Professional biographies;
  3. Personal  preferences  relevant  to  guests,  clients,  and  participants  in  our  programs  that  may  be considered sensitive data (for example food allergies, specific medical conditions, religious beliefs, etc.)

Data for which we do not need explicit consent (Article 6(1)(f) GDPR –“legitimate interests”):

In accordance with our “legitimate interests” to provide services as part of our operations, we mayprocess the following categories of personal data as an integral part of our service delivery:

  1. Contact information (for example: title, name, position, institution, address, phone, email);
  2. Billing data (where appropriate);
  3. Contractual data (where appropriate).

Data we process during your visit of our website:

  1. Date and time of the visit of our website
  2. Your IP address
  3. Name and version of your web-browsers
  4. The website (url) you visited before the visit of our website
  5. Specific cookies (see chapter 6)
  6. The information that you provide yourself (for instance by registering for a session)

There is no obligation to actually disclose any information we request you to submit on our website.However, if you do not, you will not be able to use all functions of the website.

4. TRANSFER OF PERSONAL DATA

We seek to protect and ensure the privacy of all personal data processed as part of our operations.We will never sell or trade the personal data of our guests, clients, or program participants forcommercial gain.

For the purposes set out in Point 2 above, we may transfer some personal data to organizations withwhom we work. These recipients may include:

  • Travel agents and transport companies;
  • IT service providers with whom we have contractual relationships;
  • Event and program partners.

Recipients  to  whom  we  transfer  personal  data  may  be  located,  or  process  personal data,  in  a  rangeof countries. We will only transfer your personal data to recipients:

In countries listed by the European Commission as having an adequate level of data protection as determined in accordance with Article 45 of the GDPR and as published in the Official Journal of the European Union [or After taking measures to ensure that the recipient provides an adequate level of data protection compliant with the GDPR, for example by entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EC and/or 2004/915/EC). Such agreements are accessible upon request from dataprotection@salzburgglobal.org.

We will also disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Salzburg Global commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to customer data and data collected from website visitors, which is transferred from the EU in the context of providing services to you.
Additionally, we shall remain liable under the Privacy Shield if the organization which we share personal information processes such information in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

5. MATOMO

We use the web analysis tool "Matomo" to design our website according to needs. Matomo creates user profiles based on pseudonyms. Matomo uses so-called cookies. These are text files that are stored on your computer and that enable Matomo to analyze the use of its website. For this purpose, the information about usage obtained by the cookie is transmitted to the server and stored so that usage behavior can be evaluated. Your IP address will be anonymized immediately; this way you remain anonymous as a user. The information generated by the cookie about your use of this website will not be passed on to third parties. In this way we are able to recognize and count returning visitors.

The data processing takes place on the basis of your consent in accordance with Section 25 (1) TTDSG, Article 6 (1) (a) GDPR, provided you have given your consent via our banner. You can revoke your consent at any time. Please make the appropriate settings via our banner.

Further information on Matomo's terms of use and data protection regulations can be found at: https://matomo.org/privacy/

6. FACEBOOK

We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal dataof individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and  also  use  it  for  its  own  promotional  purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the  collection  of  your  data  by  Facebook  pixel,  or  to  the  use  of  your  data  for  the  purpose  of  displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

7. COOKIES

On this website so-called cookies are used. A cookie is a small file that can bestored on your computer when you visit a website. Basically, cookies are used to provide users with additional functions on a website. For example, they may be used to help you navigate a web page, to allow you to continue to use a web page where you left it, or to save your  preferences and preferences when you revisit that web page. Cookies cannot access, read or modify any other data on your computer.

Most cookies on this website are so-called session cookies. They will be automatically deleted when you leave our website. Permanent cookies, however, remain on your computer until you manually delete them in your browser. We use such permanent cookies to recognize you when you next visit our website.

If you want to control cookies on your computer, you can choose your browser settings to get a notification when a webpage wants to save cookies. You can also block or delete cookies if they have already been saved on your computer. If you want to know more about how to set these steps, please use the "Help" function in your browser. Please note that blocking or deleting cookies could interfere with your online experience and prevent them from fully using this website.

Cookie Settings


8. RETENTION PERIODS

Personal data will only be kept for:

  1. As long as we reasonably consider necessary to achieve the purposes set out under Point 2
  2. above and as permitted under applicable legislation;
  3. Where there are statutory retention obligations that require us to retain personal data, or;
  4. In cases where potential legal claims are not yet subject to a statute of limitation.

9. YOUR RIGHTS IN CONNECTION WITH PERSONAL DATA

Consistent with the provisions of the GDPR, you have, among others, the right to:

  1. Check whether and what kind of personal data we hold about you and to request copies of suchdata;
  2. Request  correction,  supplementation  or  deletion  of  your  personal  data  that  is  inaccurate  orprocessed in non-compliance with applicable requirements;
  3. Request us to restrict the processing of your personal data;
  4. Object, in certain circumstances and for legitimate reasons, to the processing of your personaldata or revoke consent previously granted for the processingin the future;
  5. Request data portability;
  6. Know the identities of recipients to whom your data has been transferred (see 4.2 above); and
  7. Lodge a complaint with the competent authority.

10. REVISIONS TO OUR DATA PROTECTION AND PRIVACY NOTICE

Please note that we may revise its privacy notice at any time without notice. Such changes will takeeffect immediately upon posting on  our website. Such revisions may arise in response to changes inapplicable legislation or other factors. We encourage you to periodically visit our website to reviewSalzburg Global Seminar’s Privacy Notice.

11. OUR CONTACT DETAILS

Please address your requests or questions concerning the processing of your personal data to:

Salzburg Global Seminar
Leopoldskronstrasse 56-58
5020 Salzburg Austria
dataprotection@salzburgglobal.org

Last updated on 05/10/2023

12. RELEVANT PUBLIC AUTHORITY CONTACT DETAILS

The Austrian data protection authority can be reached the following ways:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien
Telefon: +43 1 52 152-0
E-Mail: dsb@dsb.gv.at

13. ADDITIONAL COMPLAINT RESOLUTION METHODS

You have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction