Privacy Policy

Oslo, Norway

Effective Date: May 13th, 2025

The Nordic Climate Finance Summit ("the Summit," "we," "us," or "our") is committed to protecting the privacy of its attendees, speakers, sponsors, exhibitors, and other participants("you" or "data subject"). This Privacy Policy outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation(GDPR) and applicable Norwegian data protection laws.

By registering for or participating in the Nordic Climate Finance Summit, you agree to the terms of this Privacy Policy.

1. Data Controller

The data controller responsible for the processing of your personal data under this Privacy Policy is:

TerraCapX AS

Edvard Storms gate 2

0166,Oslo

Norway

summit@terracapx.com

2. Information We Collect

We may collect and process various types of personal data from you in connection with the Nordic Climate Finance Summit, including but not limited to:

Identification and Contact Information: Name, job title, organization, email address, phone number, postal address, country of residence.
Registration Information: Information provided when you register for the Summit, including attendance type (e.g., attendee, speaker, sponsor, exhibitor), dietary requirements, accessibility needs.
Payment Information: If applicable, billing address and payment details (please note that payment processing is typically handled by secure third-party providers, and we do not store your full payment card details).
Professional Information: Your biography, photo, and presentation details if you are a speaker. Information about your organization if you are a sponsor or exhibitor.
Interaction and Engagement Data: Information about your participation in Summit sessions, networking activities, and interactions with our website or event platform.
Technical Information: IP address, browser type, operating system, and other technical details when you access our website or online event platforms.
Communication Information: Your preferences for receiving communications from us, and records of your correspondence with us.
Images and Recordings: Photographs and video recordings taken at the Summit (where notice is provided and, where necessary, consent is obtained).

3. How We Use Your Information

We process your personal data for the following purposes:

To facilitate your registration and participation in the Summit: This includes processing your application, managing your attendance, and providing you with necessary information about the event.
To manage payments: Processing registration fees and other related payments.
To organize and deliver the Summit: Planning logistics, managing sessions, coordinating speakers and participants.
To enhance your Summit experience: Tailoring content, facilitating networking opportunities, and providing relevant information.
To communicate with you: Sending you updates, announcements, and important information about the Summit.
To promote the Summit: Using speaker biographies and photos in Summit materials, and potentially using photographs and recordings from the event for promotional purposes (in accordance with Section 2).
To manage sponsor and exhibitor participation: Facilitating their involvement and providing them with relevant attendee information where consent has been provided or a legitimate interest exists (with appropriate safeguards).
To analyze Summit attendance and engagement: Understanding participant demographics and interactions to improve future events.
To comply with legal and regulatory obligations: Meeting requirements under applicable laws, including tax and accounting regulations.
To ensure the security and safety of the Summit: Implementing security measures and managing access to the event.
For internal business purposes: Including data analysis, research, and improving our services.

4. Legal Basis for Processing

We will only process your personal data when we have a lawful basis for doing so. The legal bases we rely on include:

Performance of a Contract: Processing necessary to fulfill our obligations under the contract with you for your participation in the Summit (e.g., processing registration, providing access to sessions).
Legitimate Interests: Processing necessary for our legitimate interests in organizing and promoting a successful event, improving our services, and managing our business, provided these interests are not overridden by your interests and fundamental rights.
Consent: Where required by law, we will obtain your explicit consent for specific processing activities (e.g., for sending you marketing communications unrelated to the Summit, using your image in promotional materials beyond general event coverage where you are identifiable).
Legal Obligation: Processing necessary to comply with applicable laws and regulations.
Vital Interests: In rare cases, processing may be necessary to protect your vital interests or the vital interests of another natural person.

5. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. However, please be aware that no method of transmission over the internet or electronic storage is completely secure.

7. Sharing Your Personal Data

We may share your personal data with the following categories of recipients:

Service Providers: Third-party vendors and service providers who assist us in organizing and running the Summit, such as IT providers, payment processors, event platform providers, and venues. These service providers are contractually obligated to protect your data and only process it in accordance with our instructions.
Summit Partners: Sponsors and exhibitors may receive certain attendee information (e.g., name, organization, job title) if you have consented to this sharing during the registration process or through other explicit means. Their use of your data will be subject to their own privacy policies.
Speakers: If you are an attendee, your name, organization, and job title may be visible to speakers in attendance lists or on the event platform to facilitate networking.
Other Attendees: Limited information (e.g., name, organization, job title) may be visible to other attendees through networking features on the event platform, if applicable, based on your privacy settings.
Legal and Regulatory Authorities: We may disclose your personal data if required to do so by law or in response to a valid request from a public authority.
In the event of a merger or acquisition: Your personal data may be transferred to a new entity in connection with a merger, acquisition, or sale of assets, subject to the terms of this Privacy Policy.

We will not sell your personal data to third parties for their marketing purposes without your explicit consent.

8. International Data Transfers

Your personal data may be transferred to and stored in countries outside Norway or the European Economic Area (EEA). When transferring data to countries lacking adequate protection according to the European Commission, we implement appropriate safeguards in compliance with GDPR, such as Standard Contractual Clauses or relying on the recipient's Binding Corporate Rules.

9. Your Data Protection Rights

Under the GDPR and Norwegian data protection laws, you have the following rights regarding your personal data:

Right of Access: You have the right to request a copy of the personal data we hold about you.
Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure ("Right to be Forgotten"): You have the right to request that we delete your personal data under certain circumstances.
Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.
Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest as our legal basis, or for direct marketing purposes.
Right to Withdraw Consent: Where we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet) if you believe that our processing of your personal data infringes the GDPR.

To exercise any of these rights, please contact us using the contact details provided in Section 1. We will respond to your request in accordance with applicable law.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of any significant changes by posting the updated policy on the Summit website or by other appropriate means. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact us at:

summit@terracapx.com

TerraCapXAS

EdvardStorms gate 2

0166,Oslo

Norway

‍