PRIVACY POLICY

PRIVACY POLICY

Protecting your privacy and personal data during the conduct of the HackAIthon event is very important to QUADCODE.

IMPORTANT INFORMATION

This Privacy Policy relates to your use of this website and your registration at the “HackAlthon” event through http://www.quadcodehackathon.com/ (Website) organized by us, and to the information collected by us in relation to your participation to the event and the services provided by QUADCODE.

WHO WE ARE

For the purposes of this Privacy Policy, QUADCODE or Organizer includes:

QCL QUADCODE CY LIMITED, is a company duly registered in the Republic of Cyprus, with registration number HE391725, having its registered office at 82nd Street, No.4, 4153 Kato Polemidia, Limassol, Cyprus.

Companies that are affiliated or belong to the same group as QCL QUADCODE CY LIMITED, and are responsible for collecting and/or processing your data (each a QuadCode company and together QuadCode companies).

Your personal data shall be controlled by the Organizer and may be exchanged between more than one QUADCODE company, as applicable. Any inquiries about the use of your personal data should be sent to the email stated at the Contact Details section.

PURPOSE OF THE PRIVACY POLICY

This Privacy Policy is intended to help you understand why and how we may use your information and may be supplemented from time to time by additional policies or guidance ("Additional Policies"). Wherever such Additional Policies are in any respect inconsistent with this Privacy Policy, this Privacy Policy shall only apply to the extent that it is consistent, or may be made consistent, with that Additional Policy.

TO WHOM THIS PRIVACY POLICY APPLIES

This Privacy Policy applies when you register at the HackAIthon event, and after your registration (e.g., for the purposes of forming the participants lists, communication purposes etc.). This Privacy Policy does not apply to any other products, services, websites, or content offered by us and/or any third party, and/or products, services, websites, or content which have their own privacy policy.

DATA PROTECTION PRINCIPLES

We shall at all times comply with the EU General Data Protection Regulation (“GDPR”) and all applicable local data protection law (as may be amended and/or supplemented). This means that the personal data we hold about you must be:

Used lawfully, fairly and in a transparent way.
Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
Relevant to the purposes we have told you about and limited only to those purposes.
Accurate and kept up to date.
Kept only as long as necessary for the purposes we have conveyed to you.
Kept securely at all times.

THE KIND OF INFORMATION WE HOLD ABOUT YOU

We may collect, use, store and share different kinds of your personal data, such us:

*Type of Personal Information*	*Examples* Please note that the examples are illustrative and non-exhaustive
Identity & location data:	Full name, age, nationality, country, gender, date of birth, ID/passport
Contact data:	Full name, telephone, email address.
Usage data:	Registration date
Feedback data:	Feedback, survey responses,
Financial and banking data:	IBAN, bank account information
Conformity data:	Education details, employment status, employment nature, place of work
Profile data:	photos, social media accounts (like LinkedIn profile), videos
Skills data:	place of work, records of skills, qualifications, experience, details of programming languages/frameworks that you are proficient, information about previous projects, your idea for the project to be developed in HackAIthon (AIdea)
Correspondence & Audio data:	Videos, voice recordings, chats, communication content and metadata associated with your communication with us.

HOW WE USE PARTICULARLY SENSITIVE PERSONAL INFORMATION

Some types of information are classified as ‘sensitive’ for the purposes of the GDPR and there are additional restrictions on how we may use and hold this information. Sensitive personal information is information that relates to a person’s:

Racial and ethnic origin;
Physical or mental health;
Genetic or biometric data;
Alleged or actual criminal convictions and proceedings.

The above are merely illustrations and we do not collect the above information. However we may, if absolutely necessary, be required to collect some information that may be classified as “sensitive”. Generally, it is necessary to obtain your consent before we can hold and use such information. However, we may hold and use such information without consent for limited statutory purposes such as monitoring compliance with our equal opportunities policies and health and safety rules, or if necessary to protect your vital interests, for legal claims, or in the public interest.

In any case, we will make clear the purposes for which we wish to use your sensitive information when it is being collected, and, if necessary, obtain your consent at that time.

HOW IS YOUR PERSONAL INFORMATION COLLECTED

We obtain your personal data mainly through any information you provide directly to us, including when you enter and use our Website, including when you register, participate, and/or attend the HackAIthon event (offline), when you accept our terms and conditions, when you contact us for any enquiries, for the submission of complaints or for any other reason.

We also process personal data generated by us in the course of facilitating your participation to the event and the organization of the event.

We may ask for other personal data from time to time (for example, through market research, surveys or special offers). If you choose not to provide the information we need to fulfill your request for a specific service, we may not be able to provide you with the requested product or service.

Throughout our website we may link to other websites owned and operated by certain trusted third parties to make additional products and services available to you. Those third party websites may also gather information about you in accordance with their own separate privacy and cookies policies. This Privacy Policy is valid only for our website and does not cover other websites, including but not limited to websites that you go to using links on our website. We recommend that you review the privacy and cookie policy of each website whose use involves transferring personal data.

HOW WE WILL USE INFORMATION ABOUT YOU

We process all data based on the following legal basis:

1. For compliance with our legal and regulatory obligations;

2. For the performance of our contractual obligations and/or our duties;

3. For the purposes of safeguarding our legitimate interests and your interests and fundamental rights do not override those interests; and/or

4. On the basis of your consent (in relation to sensitive personal information).

Indicatively, we set out below a description of all the ways we plan to use your data and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process the data for more than one lawful ground, depending on the specific purpose for which we are using your data.

We will process your personal data, among others for the administration and support of our Website, for the purpose of allowing us to competently perform our duties, serve you efficiently, optimize the support we provide and to enable us to comply with our legal obligations as the Organizer. In some instances, we may use your personal data to pursue legitimate interests of our own, or those of third parties, provided your interests and fundamental rights do not override those interests.

The situations in which we will process your personal information are listed below (Permitted Purposes).

	PURPOSE ACTIVITY	TYPE OF DATA	LAWFUL BASIS FOR PROCESSING, INCLUDING BASIS OF LEGITIMATE INTEREST
	(a) For your registration purposes (b) For your participation purposes	Identity and Location Data Usage Data	1. Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon 2. Necessary for our legitimate interest (reject late registrations and verify valid ones, proper administration of the Website)
2.	(a) To provide you updates for the event (b) To notify you in case you are the winner of the event (c) To inform you on upcoming events	Contact Data	1. Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon 2. Necessary for our legitimate interests (for administration).
3.	(a) to allow us to train our employees for your benefit (b) To improve your experience of participation in the event	Feedback Data	1. Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon 2. Necessary for our legitimate interest
4.	(a) For your registration (b) For your participation (c) For payment of any prize (if applicable)	Financial and Banking Data	Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon
5.	(a) For your participation (assignment to correct group)	Conformity Data	Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon
6.	(a) Your event allocation group (b) For future job opportunities with us for your benefit (c) to enable us to check the teams, their ability and skills and confirm whether they are eligible to participate in the event	Skills Data	1. Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon 2. Necessary for our legitimate interest
7.	(a) For promotional and marketing purposes of the QuadCode group	Profile Data	Necessary for our Legitimate Interest (for promotion)
8.	(a) to evaluate your idea for the project produced in HackAIthon (b) to respond to any inquiries (c) to provide you with support	Correspondence Data & Audio Data	1. Necessary to perform the Terms and Conditions of the Website and carrying out HackAIthon 2. Necessary for our legitimate interest (respond to complaints)

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

IF YOU FAIL TO PROVIDE PERSONAL INFORMATION

Please, kindly note that you are not under obligation to provide the personal data to the Organizer. However, provision of the personal data by you and its processing by the Organizer are necessary for the purposes named under the present Privacy Policy, and to allow the Organizer to lawfully fulfil its respective rights and obligations under the HackAIthon’s Terms and Conditions and enable you to participate in the HackAIthon. Therefore, failure to provide the personal data to the Organizer, may lead to illegality, impracticability, and impossibility of cooperation between the Organizer and you, as well as it may lead to impossibility to allow you to participate in the HackAIthon.

Hence, in making the decision on whether to provide the personal data we expect and rely on you to take it on fully your own initiative without any compelling from any side. However, please kindly note that if you decide not to provide the personal data we will be forced to stop your participation in HackAIthon, and in such a case we release ourselves from all and any obligations and/or responsibility under the Terms and Conditions of the HackAIthon, as well as we reserve all and any rights we may have in this connection under the named Terms and Conditions and the applicable law.

CHANGE OF PURPOSE

We will only use your personal information for the Permitted Purpose for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the purpose for which it has been collected. In such a case, we shall notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

AUTOMATED DECISION-MAKING

We generally do not use automated decision-making. If we use this procedure in individual cases, we will inform you of this separately.

SHARING YOUR DATA

We may share your data in the following circumstances, the following are examples of where and how your information may be transferred, but please note this is not an exhaustive list and that due to ongoing changes, this may change at any time:

Any member of the Quad Code group of companies (this means our subsidiaries, affiliates, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this Privacy Policy.
We may have to share your data with third parties and other entities within the Quad Code group, which are engaged in the HackAIthon arrangement, performance and conduct.
Governmental and regulatory bodies, including law enforcement authorities, in connection with enquiries, proceedings or investigations by such parties or to enable us to comply with our legal and regulatory requirements.
To our insurers and/or professional advisers insofar as reasonably necessary for the purposes of managing risks, obtaining professional advice, or the establishment, exercise, or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure
Partners and contractors and/or vendors in order to perform any obligations that we have towards you.
for potential HR matters/recruitment purposes.
Third party outsourced IT and document storage providers where we have an appropriate processing agreement (or similar protections) in place.

When we do so, we require those third parties to respect the security of your data, treat it in accordance with the law and have appropriate technical and organizational measures in place to protect your personal data. We will not share any of your personal data for any purpose other than the purposes described in this Privacy Policy. We will only process your personal data when the law allows us to and as expressly authorized through the HackAIthon Terms and Conditions.

We note that upon submission of the participation/registration form by you, you make a direct submission with TYPEFORM SL, a Spanish entity with registered address at C/ Can Rabia 3-5, 4th floor, 08017 – Barcelona, which collects, processes, and stores your participation/registration form and any data included therein, in accordance with the Privacy Policy of TYPEFORM SL.

International Transfers of Personal Information

When making transfers between the QUADCODE entities and/or to a third country, we will ensure that they are subject to appropriate security measures and safeguards as deemed appropriate, under GDPR and the relevant national and international laws. These may include entering into the appropriate contractual relationships to regulate any such transfers and safeguard any personal information transferred to them.

In particular, if a data transfer is required to a QUADCODE entity located in third country, we will, prior to proceeding with such transfer, provide you with more information on the particular data protection laws and regulations regulating the collection and processing of data in that particular jurisdiction.

All entities within QUADCODE will ensure an adequate level of protection for your personal data at all times.

Please note that 100% protection against unauthorized access in the case of data transfers across the internet or a website cannot be guaranteed, but we and our service providers and business partners do our utmost to protect your personal data in line with the prevailing data protection legislation by means of physical and electronic physical precautions.

If you want to obtain further information on any data transfers mentioned above, please contact us through the points of contact listed in the section OUR CONTACT DETAILS below.

DATA SECURITY

We have put in place measures to protect the security of your information. Details of these measures are available upon request. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We further adopted appropriate security measures to prevent your personal information from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

DATA RETENTION

How long will we use and keep your information

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Once the retention period of your personal data lapses, we will ensure that your personal data is securely destroyed.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

Under certain circumstances, by law you have the right to:

Request access to your personal information.
Request correction/rectification of the personal information that we hold about you.
Request erasure of your personal information/right to be forgotten.
Object to processing of your personal information. We shall no longer process personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise or defense of legal claims.
Request the restriction of processing of your personal information.
Request the transfer of your personal information to another party/right to data portability.

If you have any questions about our privacy policy or wish to obtain more details in relation to the process of your personal data or wish to exercise any of your rights set herein, please contact us through the points of contact listed in the section OUR CONTACT DETAILS below.

We endeavor to address all your requests promptly.

DATA PROTECTION OFFICER

We have appointed a data protection officer (DPO) to oversee compliance with this Privacy Policy. If you have any questions about this Privacy Policy or how we handle your personal information, please contact the DPO. You have the right to make a complaint at any time to the Office of the Commissioner for Personal Data Protection, the Cyprus supervisory authority for data protection issues.

OUR CONTACT DETAILS

If you have any questions about this Privacy Policy, please contact our DPO officer at dpo@quadcode.com.

To enable us to process your request we may require that you provide us with, inter alia, proof of your identity (i.e. copy of a valid form of identification). This is to ensure that we appropriately protect the personal data we hold from unauthorized access requests and comply with our security obligations.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy from time to time by publishing a new version on our website.

Last update: 17.04.2024

Innovate. Integrate. Elevate.

JUNE 15th-16th, 2024, The Warehouse by IT Quarter, Limassol.

Have any queries? Email us directly at hackathon@quadcode.com