DATA Privacy Policy

DATA Privacy Notice for the “OnWave Summit 2019” (“Data Privacy Notice”)

according with the EU REGULATION 2016/679
of the European Parliament and of the Council of 27 April 2016
on the protection of personal data (“EU Data Protection Regulation”)


  1. This is the Data Privacy Notice in relation to your registration – via this website (“Website”) to the event OnWave Summit 2019 scheduled to be held in Lisbon from 11th to 13th of September 2019 (the “Event”).
  2. You are hereby asked to confirm your consent on processing your Personal Data, according with EU Data Protection Regulation.
  3. NTT DATA EMEA Ltd. (“EMEA” or simply “We”), whose address is at 3rd Floor, 2 Royal Exchange, London EC3V 3DG, United Kingdom, is one of the Regional Sub-holdings of NTT DATA Corp., stock listed in Japan.
  4. EMEA is the Data Controller for the Purposes as set forth in the clause 3 below and with this Data Privacy Notice informs you, as Data Subject, on the following.


  1. We need to collect and process the following information about you:
    1. Your name, surname, job title, company, email, telephone number, country, date of arrival and departure and other personal information you may agree to provide including food preferences and allergies, provided that food preferences and allergies will be provided to Third Party Recipients, as defined in clause 4.1 below with no indication of your name and last name (collectively referred to as the “Personal Data“).
  2. Please note that We will be unable to register you and to welcome you at the Event, until and unless you fill in the form in this Website and provide your acceptance to the processing of your Personal Data according to this Data Privacy Notice.


  1. We use Your Personal Data in the following ways and for the following reasons (the “Purposes”):
    1. to enable You to register to the Event;
    2. to confirm You that You have been registered to attend the Event;
    3. to organize suitable arrangements for Your on-site travel and accommodation at the Event;
    4. to provide additional information on the scheduled elements.


  1. Your Personal Data collected via this Website will be automatically forwarded to NTT Disruption Europe SL (“NTT”) (as Data Processor), which may share your Personal Data to third parties recipients (“Third Parties Recipients”) exclusively to organize suitable arrangements for Your on-site travel and accommodation at the Event (e.g. selected hotel and restaurant(s), transfer company, printing company to print Your name as attendee at the Event, insurance company to provide adequate insurance coverage to You in relation to the participation at the Event), provided that your Personal Data will be stored on servers exclusively located in the European Economic Area (EEA), in compliance with the EU Data Protection Regulation.
  2. It is not possible to list every single Third Party Recipient of your Personal Data. The updated list of Third Party Recipients who your Personal Data may have been submitted to, can be requested at any time to the EMEA Lead Data Protection Manager, as identified and at the email address set out in the clause 9 of this Data Privacy Notice.


    1. Please note that NTT DATA Group is a leading global IT services provider and that the guests invited to the Event might be coming from various regions and countries, so that your Personal Data will be shared on a need-to-know basis and consistently with the Purposes with other companies of owned or controlled by EMEA (“EMEA Group”), which means our subsidiaries, as defined in section 1159 of the UK Companies Act 2006, within or outside the EEA, provided that in any case, such transfers will comply with the appropriate guarantees as set forth in the applicable law, and in particular with the articles 45 and 46 of the EU Data Protection Regulation.
    2. You have the right to obtain copy of your Personal Data stored and/or transferred outside the EEA and to obtain information on the place where such Personal Data are stored, as provided and at the email address set out in the below clause 8 of this Data Privacy Notice.


  1. Please note that during the Event some pictures may be taken and/or some video recording during Your participation at the Event. These pictures and/or videos may be shared on intranet and/or websites of the EMEA Group or on social media, subject to Your explicit consent. If You intend to provide Your consent, you are kindly requested to confirm Your consent on the specific section of the Website as available. Your pictures and/or videos will be taken for the duration of the Event and in any case for a period not longer than 24 months following the end of the Event, unless you renew Your Consent for any subsequent period.


  1. All the Personal Data you provide will be stored and retained for the period which is strictly necessary to organize and to attend the Event (“Retention Period”).
  2. EMEA will take the necessary steps to ensure that your Personal Data be treated securely, with an adequate level of protection and only in accordance with the Purposes set forth in this Data Privacy Notice.
  3. After the Retention Period, and in any case not later than 30 business days following the conclusion of the Event, your Personal Data will be deleted if still stored in EMEA servers and/or Third Parties Recipients servers.


  1. EMEA informs you that, according to the EU Data Protection Regulation, at any time you have the following rights related to your Personal Data:
    1. to obtain confirmation as to whether or not your Personal Data exist and to be informed of its content and source, the purposes and modalities of the processing, as well as the logic involved in case of automated processing;
    2. to request update, correction or rectification of your Personal Data;
    3. to withdraw your consent, without prejudice to the lawfulness of the processing based on consent previously expressed before its withdrawal;
    4. to request deletion without unjustified delay, anonymization or the block of data processed unlawfully, to object for legitimate reasons to data processing, as well as right to data portability;
    5. to request to limit the processing of your Personal Data where (a) you object the accuracy of your Personal Data until EMEA have taken sufficient steps to verify its accuracy, (b) processing is unlawful and you opposes the erasure of the Personal Data and requests the restriction of their use instead, (c) EMEA no longer needs the Personal Data for the purposes of processing, but you require them for the establishment, exercise or defence of legal claims;
    6. to object the processing according with Article 21, paragraph 1 of the EU Data Protection Regulation, pending the verification whether the legitimate grounds of EMEA override your legitimate grounds as data subject;
    7. to object processing of your Personal Data and the processing activities performed on the basis of automated decisions, including profiling.
  2. You can exercise the above rights by contacting the EMEA Lead Data Protection Manager, as provided and at the email address set out in the below clause 9 of this Data Privacy Notice.
  3. EMEA informs you that you have also the right to lodge a complaint with a supervisory authority, if the legal conditions are met.


  1. You are encouraged to contact the EMEA Lead Data Protection Manager, duly appointed by EMEA, at the following email address, in case:
    1. You wish to exercise any rights as specified in the above clauses and/or set forth in any applicable laws, or
    2. You have questions, comments and requests regarding this Data Privacy Notice, or
    3. You would simply like to get guidance or assistance on compliance-related matters.


  1. Unless otherwise provided herein, and where applicable, any term used under this Data Privacy Notice shall have the same meaning given to them in the EU Data Protection Regulation.

London, June 12th 2019