Date of last version: 15.03.2019.
Provision of Consent
Registering Another Attendee
Type of Information We Collect
The reason we ask for your Personal Data is because we require it to complete the order and delivery of your ticket(s) to our MasterClass 2019 event. We do not collect nor process any special categories of personal data.
Categories of Personal Data Processed
Personal Data includes:
- Your personal details: first and last name, address, city/town, state, postal (zip) code, e-mail address
- Data re your purchase: quantities and price
- Attendee info: first and last name
Purpose and Legal Basis of Personal Data Processing
The Academy processes Personal Data based on the Law and the consent of the Data Subject. The Academy processes Personal Data with aim to:
- execute the rights and obligations derived from the business relationship between the Academy and the Data Subject to fulfil our contractual obligations, this includes, in particular, the delivery of the tickets ordered.
- fulfill our legal obligations such as the storage of business papers and contractual documents. Such obligations may arise from the GDPR, the Serbian Company Law, Serbian Tax Legislation or the Serbian Civil Code.
- execute legislative obligations of the Academy (in accordance with the Personal Data Protection Law and the GDPR)
How Long Do We Process Your Personal Data?
The Academy shall process Personal Data collected for the purpose of executing the rights and obligations derived from the business relationship until the completion of the business relationship with the Data Subject (within 7 days from the final day of the MasterClass 2019 event ) except in cases when the Academy is obliged to keep data even after the business relationship with the Data Subject has ended, according to the Law and in accordance with the Data Subject’s consent or legitimate interest (e.g. in the event of a legal dispute between the Data Subject and the Academy).
Who Receives Your Personal Data?
The Academy’s employees will receive your personal information for the purposes outlined above. If we are legally obliged to do so, we will also transfer your Personal Data to state bodies and authorities. In addition, companies commissioned by us (in particular, IT or payment services and back office providers) will receive your Personal Data if they need it to fulfill their respective tasks. These providers are obliged to treat your Personal Data with confidentiality, to process it only to the extent necessary for their service provision and have undertaken to ensure an adequate level of Personal Data protection.
Are You Obliged to Provide Personal Data?
For the fulfilment of our contractual obligations, it is necessary that you provide your Personal Data, otherwise we cannot enter into a contractual relationship with you and you will not be able to order your ticket(s).
Your Rights in the Context of the Processing of Your Personal Data
The Data Subject has the right to access the Personal Data being processed by the Academy.
In cases stipulated by regulations in the area of personal data protection, the Data Subject has the right to require rectification, update, erasure, as well as the right to object to and restrict processing. The Data Subject has the right to submit a complaint in regard to his/her Personal Data processing at any moment.
Right to Lodge a Complaint with a Supervisory Authority
Under the conditions set forth by the regulation, if you believe that we have violated your rights under the GDPR or Serbian Personal Data Protection Act while processing your Personal Data, please contact us. In this manner, will address your concerns as quickly as possible.
The Data Subject has the right to lodge a complaint with a supervisory authority (the Commissioner for Information of Public Importance and Personal Data Protection of Serbia) regarding the Personal Data processing of his/her Personal Data.
We do not apply automated decision-making or profiling.
When you access our website for payment processing, we do not retain any information which may be used for personal identification or any financial information that you have entered into our website in order to execute a payment transaction. We do not collect or store any information that is entered into our website contained on payment cards. This applies in both payment methods – bank transfer and the use of credit or debit cards.
Data protection for card payments
During the entering of payment card information, confidential information is transmitted via a public network in a secure (encrypted) form using SSL protocols, using the latest methods of sensitive data tokenization, and in accordance with PCI-DSS standards. The security of the data during the purchase is guaranteed by the processor of payment cards UniCredit Bank Belgrade. No information about the payment card is available to the Academy as the merchant at any moment.
3D Secure Protection for All Merchants and Customers – AllSecure Payment Gateway uses the highest global standards of protection and privacy of data. All merchants who use AllSecure Payment Gateway are automatically included in 3D-Secure protection, which guarantees customers the security of purchasing. Customer payment card numbers are not stored on the merchant system and the entry itself is protected by SSL data encryption.
PCI DSS Standards – AllSecure Payment Gateway is consistently compliant with all the requirements of card organizations in order to increase the level of security of traders and customers. From 2005 to the present, without interruption, the system has been certified as PCI-DSS Level 1, which is the highest standard in the industry. PCI Data Security Standard (PCI-DSS) is a standard that defines the necessary security measures for processing, storage and transmission of sensitive card data. PCI Standards are sensitive to sensitive cardholder data during the entire payment process: from the moment the data is entered at the merchant’s point of sale, during communications between the trader and the relevant banks and card organizations and the subsequent storage of such data.
When the customer card data, at his request or upon the Academy’s decision, is stored in a certified manner for later use, this data is stored on AllSecure PCI-DSS level 1 certified servers. Such card data is transferred in a completely secure and certified manner. The Academy at no time has access to card number information and other sensitive data, but it gets a reference token that can only be used in accordance with the terms agreed with the Date Subject. The Date Subject has the option of deregistration of the previously registered card, as well as to change the details of the previously tokenized card.
Links to Other Web Sites
Access to Information: Contacting Us
To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the website: www.phimasterclass.com.
Who Can You Contact?
If you have any questions or concerns relating to your Personal Data, contact us directly by e-mail by by telephone or by postal services at the following addresses:
Company: PhiAcademy doo Belgrade
Phone number: + 381 63 681 077
Address: Bulevar Oslobodjenja 137 Belgrade, Serbia