Privacy Policy - AI Summit Barcelona

1. Data Controller

The data controller for the personal data collected through the website aisummitbarcelona.com and in connection with the AI Summit Barcelona event is:

French Tech Barcelona (CIF: G67389114), acting on behalf of AI Events Barcelona (in constitution)

(hereinafter referred to as the "Organization", "we", "us", or "our")

Legal form: Asociacion

Registered address: Av Diagonal 456, 6, 08006 Barcelona, Spain

Contact email: guillaume@aisummitbarcelona.com

General inquiries: info@aisummitbarcelona.com

The Organization operates in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, "GDPR") and Spain's Ley Organica 3/2018, de Proteccion de Datos Personales y garantia de los derechos digitales ("LOPDGDD").

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through:

The website aisummitbarcelona.com and any associated subdomains
The ticket purchase, registration, and order confirmation process for AI Summit Barcelona 2026
The official event application ("Event App"), including attendee profiles and in-app interactions
Speaker, sponsor, and exhibitor application or onboarding processes
Communications sent via email, contact forms, or social media channels operated by the Organization
On-site data collection during the event (badge scanning, photo/video recording, Wi-Fi access)
Satellite and side events organized under the AI Week Barcelona programme (16-23 September 2026)

3. Personal Data We Collect

3.1 Data you provide directly

Identity data: first name, last name, job title, company name
Contact data: email address, phone number, postal address
Professional data: industry, role, areas of interest, LinkedIn profile URL
Transaction data: ticket type and tier, purchase amount, payment method, invoicing details (CIF/NIF, company name). Full credit card numbers are processed by third-party payment providers and are not stored by us.
Content data: speaker bios, presentation abstracts, session preferences, dietary requirements
Communication data: messages sent via contact forms, email correspondence, support requests

3.2 Data collected automatically

Technical data: IP address, browser type and version, device type, operating system, screen resolution
Usage data: pages visited, time spent on pages, referral source, click patterns
Location data: approximate geographic location derived from IP address

3.3 Data collected via the Event App

If you create an account on the official Event App, you will be discoverable and visible to other event attendees within the app. By default, your contact details (email, phone number) will not be shared with other attendees. If you wish to share your contact details, you must actively enable this option in the app settings. We collect information about your app usage, including profile views, connections made, and session check-ins.

3.4 Data collected at the event

Badge scan data: session attendance, exhibitor booth visits, networking interactions (where applicable)
Photo and video recordings: the event will be photographed and recorded for promotional and archival purposes
Wi-Fi usage data: if you connect to event-provided Wi-Fi, basic connection logs may be collected

4. Purposes and Legal Basis for Processing

We process your personal data for the following purposes and on the following legal bases under Article 6 GDPR:

a) Performance of a contract (Art. 6(1)(b) GDPR):

Processing your ticket purchase and issuing order confirmation
Delivering your official event ticket (approximately one month before the event)
Communicating event logistics, schedule changes, and essential information
Managing speaker agreements and sponsor deliverables
Providing access to the Event App and enabling in-app features

b) Legitimate interest (Art. 6(1)(f) GDPR):

Improving our website, event experience, and services based on usage analytics
Ensuring the safety and security of attendees, staff, and premises
Fraud prevention, promo code abuse detection, and enforcement of our terms
Producing anonymized and aggregated statistics about attendee demographics and interests

c) Consent (Art. 6(1)(a) GDPR):

Sending marketing communications about future editions, partner events, or related offerings
Placing non-essential cookies and tracking technologies on your device
Sharing your contact information with event sponsors or exhibitors (only where you have explicitly opted in, for example by having your badge scanned at a sponsor booth or by ticking a consent box during registration)

d) Legal obligation (Art. 6(1)(c) GDPR):

Retaining transaction records for tax and accounting purposes as required by Spanish law

5. Data Sharing and Recipients

We take your privacy seriously. We will never sell your personal data to third parties for their own marketing purposes without your prior, explicit consent.

We may share your personal data with the following categories of recipients:

Service providers: payment processors, email service providers, CRM platforms, analytics providers, event management and ticketing platforms, Event App provider, AV production companies, and venue operators acting as data processors on our behalf
Event sponsors and exhibitors: only where you have given explicit, affirmative consent (e.g., by having your badge scanned at a sponsor booth, or by actively opting in during registration). You may withdraw this consent at any time by contacting us.
Co-organizers: where satellite events are co-organized with third parties, your registration data for that specific event may be shared with the co-organizer
Legal and regulatory authorities: where required by applicable law, regulation, or legal process
Professional advisors: lawyers, accountants, and auditors where necessary for the operation of our business

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, including:

European Commission adequacy decisions
Standard Contractual Clauses (SCCs) approved by the European Commission
Other lawful transfer mechanisms as permitted under GDPR

You may request a copy of the relevant safeguards by contacting us at guillaume@aisummitbarcelona.com.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

Account and registration data (including attendee profiles): retained for up to 2 years after your last interaction with us, unless required by law to be kept longer or you request earlier deletion
Transaction and billing records (including invoices): retained for 5 years from the date of the transaction, in accordance with Spanish tax and commercial obligations
Marketing contacts: retained until you withdraw consent or unsubscribe, plus up to 3 months to process the opt-out
Website analytics and technical usage data: retained in anonymized form for up to 12 months from collection
Speaker and sponsor records: retained for the duration of the business relationship plus 3 years

When we no longer need your personal data, we will delete it or anonymize it. Where data is stored in backup archives, we will securely isolate it from further processing until deletion is possible.

8. Your Rights

Under the GDPR and LOPDGDD, you have the following rights:

Right of access: to obtain confirmation of whether we process your data and to receive a copy
Right to rectification: to have inaccurate or incomplete data corrected
Right to erasure: to request deletion of your data where there is no compelling reason for continued processing
Right to restriction of processing: to request that we limit how we use your data in certain circumstances
Right to data portability: to receive your data in a structured, commonly used, machine-readable format
Right to object: to object to processing based on legitimate interest or for direct marketing purposes. For direct marketing, we will stop processing immediately upon your objection.
Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal
Right not to be subject to automated decision-making: you have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects concerning you

To exercise any of these rights, please contact us at guillaume@aisummitbarcelona.com. We will respond within one month. If your request is complex, we may extend this by an additional two months, and we will inform you.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Agencia Espanola de Proteccion de Datos (AEPD) at www.aepd.es. We would, however, appreciate the chance to address your concerns before you approach the AEPD, so please contact us in the first instance.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies (including log files, web beacons, pixels, and tags) to enhance your browsing experience, analyse traffic, and personalise content. We classify cookies as follows:

Strictly necessary cookies: required for the website to function (e.g., session management, security). These do not require consent.
Analytics cookies: help us understand how visitors interact with the website (e.g., Google Analytics). Placed only with your consent.
Marketing cookies: used to deliver relevant advertisements and track campaign performance. Placed only with your consent.

You can manage your cookie preferences at any time via the cookie banner displayed on the website or through your browser settings. For more information about cookies and how to disable them, visit www.allaboutcookies.org.

10. Event App and Attendee Discoverability

By attending the event, you may create an account on the official Event App. By doing so, you will be discoverable and visible to other event attendees within the app. By default, none of your contact details (email, phone) will be accessible to other attendees. If you wish to share this information, you must actively enable the relevant option in the app. The Organization is not responsible for any information you voluntarily choose to share with other attendees through the app.

11. Children's Privacy

Our website and event are not directed at individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe that a child has provided us with personal data, please contact us immediately at guillaume@aisummitbarcelona.com.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit (SSL/TLS), access controls, regular security assessments, and contractual obligations on our data processors. However, no method of transmission over the Internet is completely secure, and we cannot guarantee absolute security.

13. Third-Party Links

Our website may contain links to third-party websites, including those of sponsors, partners, and social media platforms. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party website you visit.

14. Photography and Video at the Event

By attending AI Summit Barcelona, you acknowledge and agree that the event may be photographed, filmed, and recorded by the Organization or authorized third parties. These recordings may be used for promotional, marketing, and educational purposes, including on our website, social media channels, press materials, and future event communications, for a period of thirty-six (36) months after the closing date of the Event.

This includes the right to edit, use (alone or with other material), and license such media. If you do not wish to be photographed or filmed, please notify our staff on-site. Speakers and panelists will be recorded as part of the event programme; specific terms are set out in the speaker agreement.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The updated version will be posted on this page with a revised "Last updated" date. The version in force at the date of your registration or purchase applies to your data, unless a new version is required by law. Where changes are material, we will notify registered users by email.

16. Contact

For any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data:

French Tech Barcelona, acting on behalf of AI Events Barcelona (in constitution)

CIF: G67389114

Address: Av Diagonal 456, 6, 08006 Barcelona, Spain

Email: guillaume@aisummitbarcelona.com

General inquiries: info@aisummitbarcelona.com

Website: aisummitbarcelona.com

For data protection complaints, you may also contact the Agencia Espanola de Proteccion de Datos (AEPD):

Website: www.aepd.es

Address: C/ Jorge Juan 6, 28001 Madrid, Spain

1. Data Controller

The data controller for the personal data collected through the website aisummitbarcelona.com and in connection with the AI Summit Barcelona event is:

French Tech Barcelona (CIF: G67389114), acting on behalf of AI Events Barcelona (in constitution)

(hereinafter referred to as the "Organization", "we", "us", or "our")

Legal form: Asociacion

Registered address: Av Diagonal 456, 6, 08006 Barcelona, Spain

Contact email: guillaume@aisummitbarcelona.com

General inquiries: info@aisummitbarcelona.com

2. Scope of This Policy

This Privacy Policy applies to all personal data collected through:

The website aisummitbarcelona.com and any associated subdomains
The ticket purchase, registration, and order confirmation process for AI Summit Barcelona 2026
The official event application ("Event App"), including attendee profiles and in-app interactions
Speaker, sponsor, and exhibitor application or onboarding processes
Communications sent via email, contact forms, or social media channels operated by the Organization
On-site data collection during the event (badge scanning, photo/video recording, Wi-Fi access)
Satellite and side events organized under the AI Week Barcelona programme (16-23 September 2026)

3. Personal Data We Collect

3.1 Data you provide directly

Identity data: first name, last name, job title, company name
Contact data: email address, phone number, postal address
Professional data: industry, role, areas of interest, LinkedIn profile URL
Transaction data: ticket type and tier, purchase amount, payment method, invoicing details (CIF/NIF, company name). Full credit card numbers are processed by third-party payment providers and are not stored by us.
Content data: speaker bios, presentation abstracts, session preferences, dietary requirements
Communication data: messages sent via contact forms, email correspondence, support requests

3.2 Data collected automatically

Technical data: IP address, browser type and version, device type, operating system, screen resolution
Usage data: pages visited, time spent on pages, referral source, click patterns
Location data: approximate geographic location derived from IP address

3.3 Data collected via the Event App

3.4 Data collected at the event

Badge scan data: session attendance, exhibitor booth visits, networking interactions (where applicable)
Photo and video recordings: the event will be photographed and recorded for promotional and archival purposes
Wi-Fi usage data: if you connect to event-provided Wi-Fi, basic connection logs may be collected

4. Purposes and Legal Basis for Processing

We process your personal data for the following purposes and on the following legal bases under Article 6 GDPR:

a) Performance of a contract (Art. 6(1)(b) GDPR):

Processing your ticket purchase and issuing order confirmation
Delivering your official event ticket (approximately one month before the event)
Communicating event logistics, schedule changes, and essential information
Managing speaker agreements and sponsor deliverables
Providing access to the Event App and enabling in-app features

b) Legitimate interest (Art. 6(1)(f) GDPR):

Improving our website, event experience, and services based on usage analytics
Ensuring the safety and security of attendees, staff, and premises
Fraud prevention, promo code abuse detection, and enforcement of our terms
Producing anonymized and aggregated statistics about attendee demographics and interests

c) Consent (Art. 6(1)(a) GDPR):

Sending marketing communications about future editions, partner events, or related offerings
Placing non-essential cookies and tracking technologies on your device
Sharing your contact information with event sponsors or exhibitors (only where you have explicitly opted in, for example by having your badge scanned at a sponsor booth or by ticking a consent box during registration)

d) Legal obligation (Art. 6(1)(c) GDPR):

Retaining transaction records for tax and accounting purposes as required by Spanish law

5. Data Sharing and Recipients

We take your privacy seriously. We will never sell your personal data to third parties for their own marketing purposes without your prior, explicit consent.

We may share your personal data with the following categories of recipients:

Service providers: payment processors, email service providers, CRM platforms, analytics providers, event management and ticketing platforms, Event App provider, AV production companies, and venue operators acting as data processors on our behalf
Event sponsors and exhibitors: only where you have given explicit, affirmative consent (e.g., by having your badge scanned at a sponsor booth, or by actively opting in during registration). You may withdraw this consent at any time by contacting us.
Co-organizers: where satellite events are co-organized with third parties, your registration data for that specific event may be shared with the co-organizer
Legal and regulatory authorities: where required by applicable law, regulation, or legal process
Professional advisors: lawyers, accountants, and auditors where necessary for the operation of our business

6. International Data Transfers

European Commission adequacy decisions
Standard Contractual Clauses (SCCs) approved by the European Commission
Other lawful transfer mechanisms as permitted under GDPR

You may request a copy of the relevant safeguards by contacting us at guillaume@aisummitbarcelona.com.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

Account and registration data (including attendee profiles): retained for up to 2 years after your last interaction with us, unless required by law to be kept longer or you request earlier deletion
Transaction and billing records (including invoices): retained for 5 years from the date of the transaction, in accordance with Spanish tax and commercial obligations
Marketing contacts: retained until you withdraw consent or unsubscribe, plus up to 3 months to process the opt-out
Website analytics and technical usage data: retained in anonymized form for up to 12 months from collection
Speaker and sponsor records: retained for the duration of the business relationship plus 3 years

When we no longer need your personal data, we will delete it or anonymize it. Where data is stored in backup archives, we will securely isolate it from further processing until deletion is possible.

8. Your Rights

Under the GDPR and LOPDGDD, you have the following rights:

Right of access: to obtain confirmation of whether we process your data and to receive a copy
Right to rectification: to have inaccurate or incomplete data corrected
Right to erasure: to request deletion of your data where there is no compelling reason for continued processing
Right to restriction of processing: to request that we limit how we use your data in certain circumstances
Right to data portability: to receive your data in a structured, commonly used, machine-readable format
Right to object: to object to processing based on legitimate interest or for direct marketing purposes. For direct marketing, we will stop processing immediately upon your objection.
Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal
Right not to be subject to automated decision-making: you have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects concerning you

9. Cookies and Tracking Technologies

Strictly necessary cookies: required for the website to function (e.g., session management, security). These do not require consent.
Analytics cookies: help us understand how visitors interact with the website (e.g., Google Analytics). Placed only with your consent.
Marketing cookies: used to deliver relevant advertisements and track campaign performance. Placed only with your consent.

10. Event App and Attendee Discoverability

11. Children's Privacy

12. Data Security

13. Third-Party Links

14. Photography and Video at the Event

15. Changes to This Privacy Policy

16. Contact

For any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data:

French Tech Barcelona, acting on behalf of AI Events Barcelona (in constitution)

CIF: G67389114

Address: Av Diagonal 456, 6, 08006 Barcelona, Spain

Email: guillaume@aisummitbarcelona.com

General inquiries: info@aisummitbarcelona.com

Website: aisummitbarcelona.com

For data protection complaints, you may also contact the Agencia Espanola de Proteccion de Datos (AEPD):

Website: www.aepd.es

Address: C/ Jorge Juan 6, 28001 Madrid, Spain