Last updated date: March 22, 2021
Introduction and who we are
We take the privacy and protection of data and information seriously and are committed to handling the personal information of all those we engage with, whether customers, suppliers, colleagues or any other community, responsibly and in a way that meets the legal requirements of the countries in which we operate.
What we collect
This section explains the personal information that may be collected when using the Platform and related services, and the other personal data we may receive from other sources.
• Contact details, such as your name, e-mail address, postal address and telephone number;
• Educational, nationality and professional background information;
• Usernames and passwords;
• Payment information, such as a credit or debit card number, bank details and billing address;
• Comments, feedback, posts and other content you submit;
• Identity verifying information such as passport details to comply with our legal obligations in certain countries;
• Interests and communication preferences, including marketing permissions where appropriate; and
• Location information (e.g. through mobile apps).
We collect and use your personal information in the following main categories:
• As customer data, related to transactions, prospective sales or analytics;
• As contact data, which includes corporate customer contact data such as details of an account manager/key contact at corporate customers, and subscriber/user data;
• In connection with digital products/publications, for instance as an application user, subscriber or as part of a circulation list;
• In connection to an event, for instance exhibition or conference visitors, delegates, exhibitors sponsors and speakers; and
• Product/intelligence data, collected through customer and market research surveys.
Children’s personal data
Our services and products are principally directed at business professionals. They are generally not intended for children under the age of eighteen or for underage people which cannot be bound by contract under applicable laws. We do not knowingly collect personal information from users in this age group and reserve the right to delete such information if we become aware of having collected it.
How & why personal information is used
This section explains in detail how and why we use personal information.
Joint Controllers collect and use personal information in providing and promoting their products and services The lawful bases we use for this activity, as required under European data protection laws, are:
• Where it is necessary for entering into or performing a contract with you;
• Where we have a legitimate interest to do so, provided your rights do not override these interests;
• Where you have consented to the use of data;
• Where it is believed it is in your vital interests to share your personal details, for example with emergency services; and
• Where required to comply with our legal obligations.
a) Services enquiry, request for information, registration to the Platform and administration
As part of services enquiry, request for information and for account administration, we collect information such as your name, country, job title, company information, postal address, e-mail address, telephone number as well as details about your company and business role (legal bases: performance of a contract or reply to data subjects’ requests; compliance with legal obligations vested upon the Joint Controllers).
If you have made an enquiry about us or our services, either online or over the phone, we will use your personal information to respond to the enquiry or to take other steps at your request, before you enter into a contract. For example, we collect the e-mail addresses and additional contact details of those who send e-mails to request information. Where a sales representative speaks to you over the phone, the calls may be recorded for training and monitoring purposes only (legal basis: Joint Controllers’ legitimate interest). In the latter case, specific technical measures will be applied to minimize the processing of your personal data (e.g. ID information will be deleted to the possible extent).
If you have registered for access to the Platform and use the related services, your personal information will be used to allow you such access and provide the service requested, communicate about it and handle payments, as is necessary for the performance of the contract entered into (legal bases: performance of a contract or reply to data subjects’ requests; Joint Controllers’ legitimate interest).
If your personal information is relevant to certain services and is freely available through public sources, such as on a website related to your work or profession, we may use this personal information to promote our products, as part of our legitimate interests as commercial organisations and to the extent allowed by law.
b) Event and exhibition management
If you have agreed to participate to WeCosmoprof International digital event provided in the Platform as a speaker, sponsor, exhibitor or visitor, personal information is used in connection with the organisation of the event, to handle payments or for other purposes, as is necessary for performing the contract entered into. We will also use your personal information to maintain our databases, assess your qualities as a speaker or sponsor/exhibitor, promote our events and encourage further engagement at our events, as part of the legitimate interests we have as commercial organisations (legal bases: performance of a contract or reply to data subjects’ requests; compliance with legal obligations vested upon the Joint Controllers; Joint Controllers’ legitimate interest).
We will use your personal information to send you newsletters, offers or other marketing e-mails to keep you up to date with our news, events and products and services that may be of interest. We will also send you information about other relevant events for the professional beauty sector organised by affiliates of the Joint Controllers. Subject to your permission, we may also send you sponsored advertising about our customers’ or partners’ products and services. Depending on the nature of your interaction with us and the laws of the country where you live or the applicable laws, you may have actively given your consent for this by opting in, or we may be entitled to rely on your implied consent or our legitimate interests.
The opportunity to opt out of future marketing e-mails will be provided on every marketing email and we will provide information on how to opt out when your personal information is collected. You have the right to amend your marketing preferences at any time.
To make a request to amend your details/preferences, please send an e-mail to: databi-hk@Informa.com or write to us at: Data Protections Coordinator, Digital Innovation & Business Intelligence Department, Informa Markets Asia Ltd
17th Floor, China Resources Building, 26 Harbour Road, Wanchai, Hong Kong
Tel: (852) 2827 6211.
d) Customer and prospects management (including analytics and product management)
We may use your personal information, combined with publicly available data and your demographic data, to choose relevant offers that may be of interest to you, to improve our existing services, and to develop new products and services, as part of our legitimate interests as commercial organisations or on the basis of your consent if applicable laws so require.
We may also use your data in advertising campaigns on Social Media platforms such as LinkedIn, Instagram and Facebook in order to provide information about our upcoming events/new products and to ensure that you only receive relevant advertising about our products and services.
e) Analytics – websites, emails and database (including location data)
We may combine visitor session information, or other information collected through tracking technologies with personally identifiable information, to understand and measure your online experiences and determine what products, promotions and services are likely to be of interest (legal bases: Joint Controllers’ legitimate interest; data subject’s consent).
Technical methods are also used in HTML e-mails, for purposes including: (i) to determine whether recipients have opened or forwarded e-mails and/or clicked on links in those e-mails, (ii) to customise the display of banner advertisements and other messages after closing an e-mail, and (iii) to determine whether a visitor has made an enquiry or a purchase in response to a particular e-mail.
f) Download of personal data pertaining to the parties to a confirmed virtual meeting
If you take part to a confirmed virtual meeting as part of a service provided in this Platform, your personal information will be communicated, after termination of such confirmed virtual meeting and upon request, to all the participants to the said confirmed virtual meeting.
(legal basis: reply to data subjects’ requests).
g) Compliance with our legal obligations
To ensure compliance with international trade sanction laws and regulations, we screen customers, vendors and other business partners against US, OFAC, BIS, UN, EU, UK and other applicable sanctions lists. Should any screening checks flag an issue where we cannot continue in a contract or other interaction with a customer, vendor or other business partner, they will always be informed (legal bases: compliance with legal obligations vested upon the Joint Controllers; Joint Controllers’ legitimate interest).
Provision of data and consequences for its refusal
The provision of personal data for the purposes set out under letters a), b), f), g) is optional, but necessary to manage and process your requests, as well as to fulfil our legal and contractual obligations and pursue our legitimate interests. In all such cases, failure to provide the data will make it impossible to respond to your requests, establish contractual relations with you and carry out the activities indicated above.
The provision of the aforesaid data for the purposes set out under letters c), d), e), is voluntary; failure to provide such data / consent to the relevant data processing purpose will just prevent us to carry out the activities indicated above, and in no way will result in a change in prices and/or rates.
How we protect personal information
Any personal information given to us will be treated with the utmost care and security. This section sets out some of the security measures in place.
A variety of physical and technical measures are used to keep data safe and prevent unauthorised access to, or use or disclosure of personal information. Electronic data and databases are stored on secure computer systems and on our hosting services provider and we control who has access to information, using both physical and electronic means. Our colleagues receive data protection training, and we have detailed security and data protection policies that colleagues are required to follow when handling personal data.
All reasonable steps are taken to ensure that your personal information is kept secure from unauthorised access.
International transfer of personal information
As an international business and because of the technologies we use, personal information may be accessed by our colleagues and third-party service providers from locations outside of the country in which it is collected, where data protection laws may not be as extensive as those in Europe.
If we transfer data outside of the country in which it is collected we will ensure the same level of protection is in place and we will use appropriate safeguards approved by the relevant privacy regulatory body.
If you are a European data subject, please also note that, in general, said transfer is necessary for the performance of the agreement between you and the Joint Controllers or to take steps at your request prior to entering into such agreement, or to exercise or defend a legal claim; alternatively, and to it is carried out consistently with appropriate safeguards approved by the relevant privacy regulatory body (for example, in case an adequacy decision adopted by the European Commission or consistently with standard contractual clauses) or other appropriate safeguards. If none of these conditions apply, we will require your consent, after having been informed that the country in question does not provide an adequate level of protection.
In general, cookies may be disabled by the user controlling and/or amending the browser settings according to the instructions made available by the relevant suppliers at the links listed here below:
• Internet Explorer
• Mozilla Firefox
• Google Chrome
• Apple Safari
Who we share personal information with
To provide you with products and services we may share your information for specific reasons. This section explains how and why we share personal data between the companies responsible for WeCosmoprof International, suppliers and other third parties.
Sharing within WeCosmoprof International organising companies
We may share your personal information within the organisational structure of WeCosmoprof for the performance of the digital event. For example, these companies may assist in the in registration to the Platform, providing products and services to you, carry out internal analysis of the usage of products and services. Such sharing between the entities involved in WeCosmoprof International is based on the parties’ legitimate interest or for the attendance to the digital event.
Sharing with service providers
We may share personal information with third parties to assist in providing products and services to you and/or to offer ancillary add-ons that are complementary to such products and services. These third-party data processors are bound to compliance with data protection legislation through contracts that protect the personal information shared with us. They may include: IT and marketing technology host suppliers (including the suppliers of companies within the ownership structure of WeCosmoprof International), web and data hosting providers, mailing houses, ad servers, and general service contractors, sales platform providers, communication tool providers, suppliers of sponsorship/marketing/PR collateral and other event collaboration partners.
Sharing with third parties
If you use one of our virtual products, e.g. Virtual Exhibitions, Webinars etc., we may pass the information you provide to third parties. Generally, this will be via a process whereby you, as the user, visit or interact with a third party, e.g. visit a stand at an online exhibition, click on an asset branded and provided by a third party. In some instances, for example, a products listing site, you may reach out directly to a supplier or exhibitor, who may contact you in return. In other instances, our virtual products or services are sponsored and, in such cases, the data you provided to us will be given to the sponsor. Generally, we will let you know at the time of collection if a product or services is sponsored.
Sharing with government departments or agencies
In some circumstances, we may be legally required to disclose your personal information because a court, the police, another judicial or law enforcement body or government entity has asked us for it.
How long information is kept
We will only retain your personal information for as long as is necessary and as permitted by applicable laws.
We will retain your personal information while we are using it, as described in the section above, and may continue to retain it after these uses have ended where we have a legitimate business purpose. For example, if you have opted out of marketing communications from us, we will retain limited details about you to ensure the opt out request is honoured. We may also continue to retain your personal information to meet our legal requirements or to defend or exercise our legal rights. The length of time for which we will retain personal information will depend on the purposes for which it is retained. After we no longer need to retain your personal information, it will be deleted or securely destroyed.
Generally, personal data will be retained for a maximum period of time equal to the statute of limitation of the rights, according to the relevant jurisdiction, or until the data subject opts out, if applicable.
How to update your information and marketing preferences
We want to ensure you remain in control of your personal information. We try to ensure that the personal information held about you is accurate and up-to-date, and will always give the opportunity to opt out of future marketing communications.
Information on how to opt out will be given to you when we collect your personal information and specified on every marketing e-mail sent to you. If at any stage you would like to update or correct such personal information, or opt out of future marketing communications please send an e-mail to databi-hk@Informa.com or write to us at: Data Protections Coordinator, Digital Innovation & Business Intelligence Department, Informa Markets Asia Ltd, 17th Floor, China Resources Building, 26 Harbour Road, Wanchai, Hong Kong, Tel: (852) 2827 6211.
We will always enable you to exercise the rights provided by applicable data protection laws
EU data protection laws give individuals a number of rights, where their data and information is collected and used by companies that are active and operating in Europe. Under the General Data Protection Regulation, these are:
• The right to confirmation of whether or not we have your personal data, obtain information on the data processing activities carried out and, if we do have your data, to obtain a copy of the personal information we hold. This is known as a subject access request;
• The right to have inaccurate data rectified;
• The right to have your data erased. This does not however apply for example, where it is necessary for us to continue to use the data for a lawful reason (e.g. processing is necessary for compliance with a legal obligation);
• The right to request the restriction of processing your personal data (such as, we will stop using the data but we may continue storing it);
• The right to obtain your personal data that you have provided to us, on the basis of consent or performance of a contract, and where technically feasible, transmitted in a common electronic format to you or directly to another company;
• The right to object to the use of your data. Specifically, you have the right to object to our use for marketing (including profiling to the extent that is related to such marketing) or for our legitimate interest;
• The right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
• The right to lodge a complaint with the competent supervisory authority.
There are exceptions to the rights above. Where you make a request to us as part of these rights, we will always try to respond to your satisfaction, although there may be situations where we are unable to do so.
Depending on the laws of the country where you live, you may have other rights in respect of your personal information. If you wish to exercise any legal right in respect of your personal information, please contact us via one of the methods set out in the ‘Contacting us’ section below.
In some cases, we may be entitled to decline a request you have made regarding your personal information, in accordance with applicable laws. We will explain if that is the case. Otherwise, we will meet your request as promptly as we reasonably can. Please note that it needs a short period to process your request. For European data subjects, your request will be generally dealt with within one month from the receipt thereof.
We hope to resolve any privacy concerns you may have. If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to any competent supervisory authority or other public body with responsibility for enforcing privacy laws.
We will ensure that all requests are processed promptly by the Joint Controllers.
The Joint Controllers are:
1. Cosmoprof Asia Limited, with registered office in 17th Floor, China Resources Building, 26 Harbour Road, Wanchai, Hong Kong. Contact details are the following: Tel: (852) 2827 6211. The Data Protection Coordinator can be addressed to the following: databi-hk@Informa.com.
2. BolognaFiere Cosmoprof spa, with registered office in Bologna, via Alfieri Maserati 16. The Data Protection Officer can be addressed to the following: firstname.lastname@example.org.
3. Informa Markets Asia Limited with registered office in 17th Floor, China Resources Building, 26 Harbour Road, Wanchai, Hong Kong. Contact details are the following: Tel: (852) 2827 6211. The Data Protection Officer can be addressed to the following: databi-hk@Informa.com.
This page will be updated regularly as and when further modifications are made to the website.