Privacy Policy

HOME/ Privacy Policy

Book Tickets

1. Scope

c0c0n is an annual international cybersecurity, data privacy and hacking conference organised by the international public-private partnership led by the Kerala Police and The Society for the Policing of Cyberspace (POLCYB) in association with Information Security Research Association (ISRA). We are committed to protecting your personal information. We invite you to read this Privacy Policy, which explains the types of information collected and created in connection with the Conference, how and why we use such information, who we share it with and your legal rights.

Unless indicated otherwise, this Privacy Policy relates to our use of any personal information we collect or use in relation to the following services (collectively, the “Services”):

– the Conference

– the Conference websites and their related subdomains including those pertaining to registration for attendance at the Conference and to be a volunteer at the Conference;

– the Conference apps;

– online surveys relating to the Conference;

– messages sent via the Conference support portal; and

– the Conference official social media channels.

Personal information processed in connection with the Services is controlled by the international public-private partnership led by the Kerala Police and The Society for the Policing of Cyberspace (POLCYB).

2. Information we collect

When we provide the Services, we collect and receive information in several different ways. In many cases, you choose what information to provide, although some information is required for us to provide you the Services.

2.1 Directly from you, or approved third parties

We collect a variety of information from you when you provide it to us directly, when we request it from you, or when you give us permission to get it from a third party source.

– Attendee registration information. When you register to attend a Conference, you must provide us with basic information such as name, address, email address, telephone number, date of birth. We also give you the option to provide additional information.

– Volunteer registration information. When you register to volunteer at a Conference, you must provide us with basic information such as name, address, email address, telephone number, and date of birth. We also give you the option to provide additional information.

– Payment and credit card information. When purchasing tickets to attend a Conference, you must provide us with your name, address, telephone number, email address, credit card, debit card or bank information. This information will only be shared with third parties such as our ticketing partner who perform tasks required to complete the purchase transaction.

– Conference survey responses. We may ask you to participate in optional surveys regarding your experience at the Conference in order to help us improve the event and for related commercial purposes.

– Third party social media accounts. If you choose to connect your social media account(s) with our website, we may receive certain information from that account, such as your title, picture, and other information you authorize.

2.2 From your browser or device

We automatically collect certain information from your browser or device when you use certain Services or read a message from us. For example, we collect data regarding the device you are using, such as its unique identifier and operating system; logs will be recorded by our servers based on the information sent from your app or browser, and information may be recorded by cookies and similar technologies when you use the Services.

2.3 From public sources

We also collect publicly available information from your social media accounts, such as the number of followers you have on your Twitter account.

3. How we use your information

We use your information in order to provide, operate, improve, understand, customize, support, and market our Services, including:

3.1 Providing and improving the requested Services

We use your personal information as necessary to run the Conference, such as to register attendees, issue tickets, facilitate information sharing with partners with whom you have consented for us to share information, and provide you with relevant connections and content during the Conference based on this information and your use of the Conference app.

3.2 Communicating with you

We use your personal information to contact you regarding your registration to attend or volunteer at a Conference, to notify you of any changes to our policies and practices, and to respond to any requests or inquiries you may submit to us. If you subscribe to marketing, such as newsletters, we will use your information as described below.

3.3 Marketing

If you opt-in to receiving marketing communications from us, we will use your personal information for outreach and marketing, such as to send you information about our future Conferences and to exhibit attending companies. You can opt-out of these communications by using the unsubscribe links in our communications. We may also use your information in order to market the Conferences. For example, we sometimes use your image in our published list of Conference attendees. If you want to object to this use, please contact us here info@is-ra.org

3.4 Advertising

We use your personal information to be able to show you advertising on other websites.

4. Legal bases for processing your information

We rely on a number of bases to lawfully process your personal information for the purposes described in this Privacy Policy. We process your personal information:

– when necessary to perform or provide you with the Services;

– where you have consented to the processing, which you may revoke at any time;

– when necessary for us to comply with a legal obligation, a court order, or to exercise and defend legal claims;

– when necessary to protect your vital interests, or those of others, such as in the case of an emergency;

– where you have made the information manifestly public;

– where necessary in the public interest; and

– where necessary for the purposes of ours, your, or a third party’s legitimate interests, such as those of partners or other attendees or volunteers.

5. Our legitimate interests

As indicated above, in certain cases we use your information where necessary to pursue our, your and others’ legitimate interests, including where necessary to:

– Keep the Services safe and secure. We use your information as it is necessary to pursue our legitimate interests, or those of our attendees, our volunteers or our partners in ensuring the Conference is a safe and secure event, such as enforcing our Terms and Conditions. We also act in the legitimate interests of these parties with respect to our Conference website, app and other Services, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse.

– Provide, develop and improve the Services. We process your information as necessary to pursue our legitimate interests in improving the Conference and our other Services, such as our Conference websites and apps. For example, we use your information in order to conduct access control and enforce security at the Conferences. We also use your information to conduct data analysis and analytics across our Services.

– Market the Services. We process your information in accordance with our legitimate interests of marketing the Conference and the Services to you. For example, we use your information to market future Conferences to you and to exhibit attending companies. We may also use your image in our marketing materials in order to highlight the attendees participating in the Conferences. We also use photos and audiovisual footage from past Conferences which may contain your image or voice. If you want to exercise your right to object to any of these uses please email us at info@is-ra.org

– Provide seamless Services with our partner companies and affiliates. We may share personal information amongst our partner company, subsidiaries, or affiliates for internal business purposes and to provide you with the Services in accordance with this Privacy Policy. If we share your information within our corporate group we will ensure that your information continues to be used only in accordance with this Privacy Policy and your expressed choices, and in accordance with applicable law.

6. Sharing with third parties

We share information with attendees, service providers, affiliates, partners, and other third parties where it is necessary to perform or provide the Services, and for other purposes described in the Privacy Policy.

6.1 Sharing with other attendees

Our Services, such as the Conference app, provides attendees with the means of making connections with other attendees. For example, the profile information that you choose to provide us will be accessible to other attendees of the Conference, subject to your settings.

6.2 Marketing

In order to further our legitimate interests in marketing the Services, we rely on third-party marketing platforms and service providers to assist us and perform certain marketing services for us.

6.3 Advertising

We share your personal information with common advertising platforms such as Facebook, Google and LinkedIn to show you advertising when you use those services. Please refer to this privacy policy for your options to control how we use cookies and similar technologies for advertising.

6.4 Third party service providers

We may share your personal information to help us operate, provide, improve, understand, customize, support, and market our Services. These third parties provide us with services including for customer support, data storage and website hosting, ticketing and payments processing, legal advice and compliance, and marketing and data analysis. These third parties are contractually required to use it only to provide their service to us, and prohibited from using it for their own purposes.

6.5 Aggregated information

We may also share aggregated or de-identified information, such as counts of attendee job titles or their affiliated companies, with companies we do business with, including our advertisers, partners as well as other organisational members.

7. Data retention

We will retain your personal information for as long as is necessary, up to a period of three years after such information is collected, to achieve the purposes set out in this Privacy Policy, such as to provide you with the Services. We may also need to retain some of your information for a longer period to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our Terms of Service.

8. Data transfers

We access and transfer information around the world. If you are based in India, this means that we access and transfer your personal information outside India, including in and to the United States and EU. The privacy protections and the rights of authorities to access your personal information in some of these countries may not be the same as in your home country. We transfer your personal information in accordance with law and take steps to ensure that your information is appropriately protected.

In particular, where we transfer information to countries that are not viewed as providing adequate protection, we generally rely on an approved mechanism known as the “standard contractual clauses” to protect the information transferred. These are template contracts published by the European Commission containing approved commitments to protect the privacy and security of the information transferred. To request a copy of the clauses, please contact us.

9. Your rights

You have a number of rights in relation to your information that we process. While some of these rights apply generally, certain rights apply only in certain limited cases. We describe these rights below.

9.1 Access and Porting

You can access much of your information by logging into your Conference profile. If you require access to additional information, or you do not have a Conference profile, please contact us. Where legally required, we will provide your information in an easily accessible format and assist in transferring some of this information to third parties.

9.2 Rectify, Restrict, Delete

If you don’t have a Conference profile or want us to amend, update or delete other information, please contact us.

9.3 Object

Where we process your information based on the legitimate interests described above, or in the public interest, you can object to the processing in certain circumstances. We will generally stop processing your information unless we have compelling grounds to continue processing, such as where needed for legal reasons. Where we use your information for direct marketing, you can always object using the unsubscribe link in such communications, changing your profile settings or by contacting us.

9.4 Revoke consent

If we have specifically asked for your consent to use your information, you have the right to withdraw your consent at any time. For example, if we ask for your consent for direct marketing purposes, you can revoke your consent using the unsubscribe link in such communications, changing your profile settings or by contacting us.

9.5 Complain

If you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority.

10. Security

The security of your personal information is important to us. We strive to use appropriate technical and organisational to protect your personal information. Despite these measures, the Internet is not a fully secure environment and we cannot guarantee that your personal information won’t be intercepted or improperly accessed.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time so please review it occasionally. If we make material changes, we will take steps to notify you. The date of the most recent revisions will appear on the top of this page.

Contact us

If you have any questions or concerns about this Privacy Policy or our privacy practices generally, or if you would like to exercise your statutory rights, you can contact us at info@is-ra.org