Elmia respects your privacy and protects your personal data in accordance with applicable legislation, industry regulations and ethical standards. Our work conforms to the General Data Protection Regulation (GDPR), EU Regulation No. 2016/679, which applies in all EU member states as of 25 May 2018.
The controller is Elmia AB, registration number 556354-2413, Box 6066, SE-550 06 Jönköping, Sweden.
Elmia collects personal data in a variety of ways, either directly from you or from our partners.
Through Elmia's digital channels, we invite you to order information, ask questions, buy tickets and register for our fairs and other events. When you register, you provide data that include, among other things, your name, email address, postal address, phone number and possibly also the company you work for. In order for us to prepare for your visit and customise our communications and offers to you, we may also save certain data about your interests if you submitted it when you registered. For example, the data may be about seminars and lectures you want to attend or products that interest you.
Personal data can also be collected via Elmia’s partners, such as external organisers of fairs and events at Elmia or contractors doing work for Elmia.
Elmia may also retrieve data from publicly accessible sources, such as public records, in order to provide you with adequate information and offers linked to our fairs and events.
Any processing of personal data is justified by one or more of the following legal grounds:
Performance of a contract, compliance with a legal obligation, consent, legitimate interest, documenting/developing our business, or forestalling and preventing criminal activity.
Performance of a contract may, for example, involve Elmia requiring certain personal data in conjunction with ticket purchases.
Compliance with a legal obligation may involve personal data that we require in order to fulfil the requirements imposed on us in accordance with the Book-keeping Act.
We ask for your consent in certain instances, for example if we need your personal data for a contest or if you sign up for a newsletter etc. If the processing of your data is justified by consent you have given, you can contact us at any time and revoke it.
Legitimate interest is the interest that we consider we as a company have to market our arrangements to you as someone who is professionally active in the industry in question. It then becomes a matter of weighing of interests, whereby we believe that our interest weighs more heavily than your interest in not participating in our marketing.
In the case of email marketing mailings, you can unsubscribe either by notifying us via the address below or by using the unsubscribe link contained in the email.
Elmia is constantly working to maintain and improve personal data protection measures. Such protection may, for example, consist of physical protection (access to IT systems, buildings, etc.), protection against hacking and virus attacks, and accessibility protection, e.g. that only authorised persons are permitted to work with the personal data we store.
As part of our security work, we regularly update and cull the database, for example by deleting email addresses that bounce or postal mailings that are returned.
We store your personal data in order to fulfil the purposes described above. The storage times for personal data vary depending on your relationship with Elmia, for example if you are an exhibitor or visitor, and what kind of communication is involved. Such communication may, for example, be a newsletter with information to exhibitors or marketing and information to visitors.
The storage times also depend on the fair or event for which the data are intended to be used. A number of our fairs recur at shorter or longer intervals. Culling is done continuously as one fair ends and marketing for the next edition of the fair begins. Personal data can continue to be used for a maximum period of eight years.
If you wish to terminate the storage of your personal data early, you may request this in writing to us; see the address below under “Your Rights”.
Elmia processes and uses your personal data so that we can fulfil our commitments to you, prepare for your visit, and customise offers and information to you so you will receive our best service. The data are also used so that we can develop our products and services and create an even better meeting place.
Your personal data are stored and used for such purposes as information, email newsletters, marketing, or market research about our fairs and events.
Elmia may also provide information to companies closely associated with us that help us to work with our fairs and events in a variety of ways. This means that both Elmia and our close business associates and contractors may use your personal data to contact you by means of e.g. phone calls, text messages or emails with newsletters, direct marketing to you, digital invitations or market research.
If you visit an event at Elmia that is arranged by another organiser, Elmia may also disclose your personal data to that organiser for the same purpose.
Elmia does not transfer personal data to countries outside the EU/EEA. Exhibitors from non-EU/EEA countries participate in some of our fairs and they may request personal data for their own purposes; see below under the heading “At the fair”.
Elmia does not use information from children or minors and does not conduct any marketing directed at children or minors.
At a number of our events, you will wear a badge that contains personal data and a barcode. This code is scanned at the entrance when you enter a fair or event at Elmia.
At trade fairs, where you visit the fair in your professional capacity, exhibitors can purchase a service that involves visitor scanning, which involves scanning your data on your badge for their professional use. Such a scan may, for example, happen when an exhibitor uses Elmia's Elmia Plus app to collect electronic business cards for the purpose of acquiring new business contacts at the fair.
If the badge’s barcode is scanned by a party other than Elmia during the event, that party will have access to the data you provided to Elmia. Scanning the badge means that your data, including information about your presence at the event in question, are communicated to that party. You are always the one to decide who scans your badge and who can thereby access your data. You have the right to refrain from being scanned by exhibitors, sponsors, industry associations and others at the event, but not from being scanned by the organiser at the entrance.
If an exhibitor from a country outside the EU/EEA has purchased the visitor scanning service and scans your badge, the personal data on it may be transferred to his country of origin. If you do not want this to occur, you should refrain from being scanned.
If you receive a personal invitation from an exhibitor and use it to register as a visitor to the event, that registration gives the exhibitor access to your personal data, including information about your presence at the event in question.
Photographs and video films stored digitally can also be personal data. Elmia works widely with photos and videos at our fairs and events. This is an important part of presenting our meeting place for marketing purposes. We use photos and videos on our web pages, on social media and for other promotional purposes for Elmia and our events.
A fair or event is generally considered to be a public place where public photography is permitted. Elmia has a legitimate interest in documenting the activities with general photos and videos, and such images may therefore be used without asking every individual in the image.
The GDPR states that specific consent is required for personal data that is personally identifiable of the data subject and where the focus is on individuals. This means we require your specific consent when photos and videos are taken to be used or stored digitally and where it is clearly evident that you are in the photo or video. Elmia works with written permission when doing such photographic or video recording, as do the contractors who do so on Elmia’s behalf.
All photos and videos are handled responsibly and with respect for personal integrity.
Elmia protects your personal data both with technical security measures and with provisions within our organisation. Access to personal data can only occur via the password-protected log-in of authorised employees or contractors of Elmia who have the authority to do so.
You have the right to access the personal data that Elmia has stored about you and to obtain a copy of it.
You have the right to withdraw your prior consent, if the storage is based on consent. You can do so by sending us a written request.
We strive to ensure that all the data and information we collect is accurate. You have the right to have it rectified and we encourage you to contact us so that any incorrect information can be corrected or complemented.
If you do not want your personal data to be used for marketing purposes, you can contact us at any time and inform us of this, preferably in writing. You can also choose to unsubscribe from certain information or choose to be deleted. You can unsubscribe from some information by clicking on the unsubscribe link in the email you received, such as a newsletter.
If you want Elmia to use your personal data only for certain limited purposes, you can request restriction of processing. If you want us to stop all processing of your personal data, you can in some cases request this. We will then delete all the information that can be linked to you.
If you want to find out your data or correct any information, or if you have questions about our processing of personal data, contact us:
Postal address: Att: Data, Elmia AB, Box 6066, SE-550 06 Jönköping, Sweden
The data protection officer for Elmia AB is Niclas Nordström, the City of Jönköping, postal address:
Statskontoret, Rådhusparken 1, SE-551 89 Jönköping, Sweden, tel: +46 (0)36-10 28 02, email: STKfirstname.lastname@example.org
If you think that Elmia has processed your personal data incorrectly or in violation of applicable legislation, you can report this to the Swedish Data Protection Authority.
You can read more about the General Data Protection Regulation (GDPR) here:
https://www.datainspektionen.se/dataskyddsreformen/ (in Swedish)