Privacy

This policy describes how Electromagnetic Field (EMF) stores and processes your data when you use our websites and attend our events. This policy was last updated on 27 January 2024.

We will never sell your data to anyone, and we will never share it with any other organisation except as detailed below. Unless specifically mentioned in this policy, all attendee data held by us will be deleted no later than 12 months after the end of the event it relates to.

Email

If you have purchased a ticket, we will send you emails in order to provide you necesssary information about the event.

If you are a speaker or a volunteer, we will save your email address until the next event in order to email you about guaranteed tickets.

If you opt in, we will add your email address to our mailing list to let you know about future events. If you do so, we will only send a maximum of four emails to you per event. You can unsubscribe at any time.

If you email us at an emfcamp.org address, your messages may be stored by Helpmonks, our legacy email ticketing software, although this is being phased out. This data may be stored indefinitely so we can refer to it when running future events.

Online ticket sales

If you pay us through our payment provider Stripe, they will process and store your payment details in accordance with their privacy policy. EMF does not handle your online payment data in any form.

If you pay us by bank transfer, your name or bank details may appear on our bank statements, and in our online accounting service (Xero). We are required by UK law to retain these for six years, and our banks (Barclays, Tide and Wise) may retain them for longer.

If you request an invoice for your payment, we are required by law to retain a copy, which includes your personal details, for six years.

In-person payments

When we accept card payments at our events, we store receipts and any other data generated in accordance with PCI DSS standards. Merchant payment receipts will be securely disposed of no later than 6 months after the event ends.

Video

If you choose to allow recording of your session, the video will be available indefinitely to stream and download under a Creative Commons license on our YouTube channel and media.ccc.de.

You may contact us to have the streaming video removed from our channels, however we cannot control its distribution elsewhere under the open license.

Call for Participation and Schedule

If your Call for Participation (CfP) submission is successful, your name and talk description will be displayed indefinitely on the schedule section of this website. You may contact us to get this changed or removed.

For successful CfP submissions, your name, email address, and any communications with you will be held for up to 5 years. This is to allow us to fairly allocate talks between events, and so we have access to any special requirements you may have requested for the previous event.

Volunteering

If you register to volunteer at the event, your name or alias, chosen shifts and eligibility, and contact details will be made available to volunteer managers during the event.

Notifications

We may use third party providers to send notifications about volunteer shifts and other events around site when requested by you. Notifications will be processed in accordance with the provider's privacy policies.

Wiki content

If you contribute to our event wiki, you consent that the content you produce will be displayed publicly and archived indefinitely in a read-only manner after the event ends. Your login details and session data in order to allow you to use the wiki, and purged no later than 12 months after the end of the event.

Internet privacy

We take the privacy and anonymity of our event internet connection very seriously. We never engage in any deep packet inspection or logging of individual packet data, and we actively avoid logging all unnecessary data. We may log traffic flows to manage our network.

Any data which may be used to assist in identifying a user (such as DHCP server databases) is securely erased before our servers leave the site after the event.

Web logging and analytics

We log your web request data, including IP addresses, for the legitimate interest of troubleshooting issues with our web sites and dealing with abuse. These logs will be kept for the shortest time possible, but never later than 12 months after the end of the event.

Conduct reports

If we receive a report about your behaviour under our Code of Conduct, we may keep the report, as well as any other observations, indefinitely. This allows us to carry out our legitimate interests of keeping the event safe for our attendees.

Personal information on conduct reports is only made available to members of the conduct team as well as the Directors of EMF.

First aid

If you require first aid at one of our events, your details will be recorded on our electronic patient record system.

These records are encrypted and only accessible to members of the first aid team. They may be shared with the emergency services if you require further care. Records are retained for statistical purposes and will be deleted within two years of the event.

Jurisdiction

Data held by EMF is stored and processed in the UK in accordance with UK and EU rules.

Data sent to Stripe and Helpmonks is processed in the USA under the UK Extension to the EU-US Data Privacy Framework.

Recourse

If you have any requests or questions regarding this policy, please email us at contact@emfcamp.org.

If you are unsatisfied with our response, you may contact the Information Commissioner's Office.