ICLR 2023

ICLR 2023 Event Terms & Conditions

ICLR 2023 is organised by a Committee that gathers a number of international legal regulators, including the Legal Services Regulatory Authority located in Dublin, Ireland. The 2023 event is being hosted by the LSRA which was established pursuant to the Legal Services Regulation Act 2015.

Cancellation Policy If you are unable to attend the ICLR 2023 conference for any reason, including Covid-19, a written cancellation notice must be sent to ICLR2023@lsra.ie in advance of the event and cancellations will be valid for the relevant credit, so long as you have written acknowledgment.

The following cancellation charges apply, and the amount repaid to you will be in the form of a credit note:

More than 42 days before the event: Full refund 35 – 41 days before the event: 50% refund 28 – 34 days before the event: 25% refund 0 – 27 days before the event: No refund Failure to attend: No refund

Substitution Policy Substitutions are welcome before the event begins. Email ICLR2023@lsra.ie to request the substitution.

Speaker or Topic Change Please note that while speakers and topics were confirmed at the time of publishing, circumstances beyond the control of the organisers may necessitate substitutions, alterations or cancellations of the speakers and/or topics. As such, the ICLR 2023 organisers reserve the right to alter or modify the advertised speakers and/or topics if necessary without liability. Any substitutions or alterations will be updated on our web page as soon as possible.

Event Date or Location Change If for any reason the ICLR 2023 organisers need to change the date or the location, and you can no longer attend due to the change, or if ICLR 2023 organisers cancel the event, you can request a full refund or credit to another event.

Limitation of Liability Except as set out above, the ICLR 2023 organisers are not responsible for any loss or damage as a result of a substitution, alteration or cancellation/postponement of an event. The ICLR 2023 organisers shall assume no liability whatsoever in the event this conference is cancelled, rescheduled or postponed due to a fortuitous event, unforeseen occurrence or any other event that renders performance of this conference impracticable, illegal or impossible. For purposes of this clause, a fortuitous event shall include, but not be limited to: war, fire, labor strike, extreme weather, pandemic or another emergency.

The ICLR 2023 organisers shall assume no liability whatsoever for any cancellation or disruption to an event, due to any unforeseen technical issues that may occur.

Covid-19 Guidance Participant safety is our ongoing concern. We will continue to monitor situation in respect of Covid-19 to ensure that we are protecting the health and wellbeing of delegates. We will keep you informed with guidance closer to the date of the event if there are any issues.

Travel Please note that all delegates will be responsible for booking their travel and accommodation. Should you have to cancel your booking, we recommend for you to contact the travel and accommodation companies that you have booked through to make the appropriate arrangements. The ICLR 2023 organisers shall assume no liability whatsoever for any costs associated with travel or accommodation for the Conference.

Photos & Recording Policy Photos will be taken throughout the event, and some photographs will be posted on the ICLR website or used on social media. Out of respect for the privacy of our participants and speakers, please do not record or broadcast any part of the event.

Personal belongings Attendees are responsible for their own belongings at the venue. ICLR accepts no responsibility for damage or loss to these items.

List of participants A list of those participating (delegates and speakers) may be made available to attendees. The attendee details shared include name, title, company, and country only. Should you wish for your details to be removed from this list, please email ICLR2023@lsra.ie in advance of the event.

Privacy Policy Credit card information will not be disclosed to other parties.

International Conference of Legal Regulators ICLR 2023 Dublin - Privacy Policy

ICLR 2023 Dublin aims and ambition The International Conference of Legal Regulators (ICLR) 2023 to be held in Dublin (hereafter referred to as the “Conference”) aims to bring legal regulators from around the globe together, to share knowledge and best practice, and to find solutions to common challenges. The Conference is co-organised by several partners and intends to support dialogue and cooperation among experts and stakeholders engaged in legal regulation through regular conferences and meetings. The 2023 Conference is being hosted by the Legal Services Regulatory Authority (LSRA) of Ireland which was established pursuant to the Legal Services Regulation Act 2015.

Data Controller and Users The Conference is organised by an Organising Committee that gathers a number of international legal regulators, including the LSRA located in Dublin, Ireland (hereafter referred to as the “Controller”) that serves as data controllers of the ICLR 2023 website and registration process on behalf of the Organising Committee. The term “Users” refers to any user of the website and/or participant to the Conference.

The term “Services” refers to the Conference and related activities, including the registration process and communication with the Users.

Purpose and Legal Basis The Data Controller processes personal data for the sole purposes of its aims, activities and Services, including: • Registration, invoicing and billing of participants to the Conference. • Enabling Users and Controller to interact and communicate with each other. • Informing Conference participants on related events and activities. • Improving users experience on our website. • Authenticating, securing and collecting statistics in relation to the Conference.

Personal Data is collected on the legal basis of prior informed consent, and where applicable on legitimate interest basis, such as security of the online services.

Data Minimization The Controller avoids collecting unnecessary personal data and follows “data protection by design” and “data minimization” policies for data processing and retention.

How Data Can Be Collected The Controller can receive information and personal data through its websites, email notifications, and other interactions means, and may include: • Information Users provide about themselves. • Information collected automatically and shared by Users devices for connectivity, such as IP addresses. Such data may be logged for security reasons. • The Controller does its best effort to limit and avoid the use of “cookie” technology, except when required for technical or security reasons. More information on the cookies can be found below under the ‘Cookie Policy’.

Data Storage and Retention Period The Controller stores its data in Europe (mainly Ireland). The data retention period is minimized and data that are not useful anymore are deleted. The data retention period is determined by taking into account the legal, security, management and other legitimate Service requirements.

Recipients, Sharing and Transfer of Information Personal data are processed with care and strict rules are applied to avoid any unnecessary data transfers to third parties or to geographic locations that may expose the data at risk. We may share personal data in the following cases: • With data processors and partners for our Services and activities, such as online payment solutions, onsite registration process, or data storage infrastructure, access control to events and activities. The list of data processors is available by simple request to the Controller. • When required by law or for legitimate purpose, such as: protecting the legal rights and safety of the Controller, its partners, and the users of its Services. • For reporting: We usually use aggregated and anonymized data when reporting on the participants to our events. However, names and affiliations of participants attending Controller as keynote speakers, chairs, moderators, speakers or officials may appear in public reports, press releases and through other information means.

Security We use physical, technical, and administrative measures to safeguard information in our possession against loss, theft and unauthorized use, disclosure, or modification. Please note, however, that no data transmission or storage can be guaranteed to be 100% secure. As a result, while we strive to protect the information we maintain, we cannot ensure or warrant the security of any information that you transmit to us. If you identify any weakness in our security, please inform us.

Data Subject Rights Users have rights on their personal data. You may contact the data protection officer of the Controller in order to assert your rights as a Data Subject, including the right to access, rectify, erase your personal data; the right to withdraw consent and to restrict or object to the processing of your personal data; and the right to portability of your personal data. Data Subjects also have the right to lodge a complaint with a supervisory authority in case their rights would be violated.

Information on Data Processing The Controller does not use the personal data collected on this website to perform automated decision making (as defined in Art. 22 of the GDPR) or to profile the data subjects. Some online services and tasks can be automated, such as registrations to our events or newsletter, but they are not based on analysing the personal data or profile of the data subject.

Registration and Payment Registration and payment services are performed by external services acting data processors, including:

Eventee (https://eventee.co) based in Kubesova 2 Brno, 612 00 Europe, Czech Republic, a jurisdiction which is a Member of the European Union and is subject to the General Data Protection Regulation (GDPR). More on Eventee Privacy Policy at: https://eventee.co/legal/

Stripe (www.stripe.com) is processing the credit card payment transactions. You will find more details on Stripe Privacy policy at: https://stripe.com/privacy .

Tito (https://ti.to/home) is processing the registration of attendees. You can find more details on the Tito privacy policy at: https://ti.to/privacy Names and affiliations of registered participants may be shared on a need basis with partners involved in the organising and access control to the conference, including the ICLR (see https://iclr.net/ for more information).

External Links The website of the conference may include hyperlinks to external pages and resources, such as video files, that are provided and controlled by third parties and are subject to distinct privacy and cookies policies.

Continuous Data Protection Policy Enhancement and Collective Monitoring We are interested to hear your suggestions for enhancing our data protection and privacy policy. If you identify any area of improvement, any inconsistency, or any data protection breach by the processors, please inform us without any delay through the mailbox: ICLR2023@lsra.ie

Changes to this Policy We reserve a right to revise this Privacy Policy and make amendments at our sole discretion. The most current version of the policy will govern our use of your information and will be available on the Conference website. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.

Data Controller Contact Details The Legal Services Regulatory Authority (Ireland) (hereafter “Controller”) is located in Ireland at Units 103 Manor Street Business Park, Shea’s Lane, Stoneybatter Dublin 7 (Eircode D07 K290).

The Controller and its data protection officer can be reached by regular post mail or through the LSRA’s mailbox dpo@lsra.ie.

Cookies Policy Cookies we use on the Privacy Symposium website We aim at avoiding and minimizing the use of any cookies. Therefore this website does not use first party cookies and does its best effort to avoid third party cookies except where required for specific services such as registrations and online payments. While the registration form is visually integrated in the conference website, the forms for the registration are provided and hosted on external servers handled by third parties acting as data processors. You can find additional information on the cookies and privacy policy of the processor in the following pages:

Eventee / Stripe / Tito (registration form and service):

• Privacy Policy: (Eventee) https://eventee.co/legal/ • Privacy Policy: (Stripe) https://stripe.com/privacy (credit card payment processing service): • Privacy Policy: (Tito) https://ti.to/privacy • Cookies Policy: (Eventee) https://eventee.co/legal/ • Cookies Policy: (Stripe) https://stripe.com/legal/cookies-policy • Cookies Policy: (Tito) https://ti.to/privacy

General Information about Cookies The following is a general overview of what Cookies are and is for informational purposes only.

A cookie is a small text file that a website, app or other platform stores on your device with information on your browsing and use. Cookies were initially developed to improve user experience online, for instance to remember the Users login, preferences and other customization functions. They also help in understanding Users’ interaction with the website and learning what can be improved.

There are two types of cookies depending on its lifespan: • Session cookies are temporary cookie files and are erased after the Users close their browser. Once they restart their browser and come back to the same site, they will not be recognised by the website and a new session cookie will be generated for them. • Persistent cookies are lasting cookie files and stay in the browser of the Users for the time period contained within the cookie’s file or until they delete them manually.

Cookies can also be classified depending on the cookie owner: • First party cookies are placed by the Controller of the website in order for the website to function properly and to ensure the best possible experience for its users. • Third party cookies, which are owned by sites and web servers different from the main website.

Depending on its purpose, cookies can be divided into the following groups: • Essential cookies (technical) that are necessary for the proper functioning of the site. An example of such cookie can be login cookies or shopping cart cookies. • Functional cookies, which are needed to recognise returning users’ and remember their preferences like a language choice. • Analysis cookies used to collect aggregate information on the number of visitors and the pattern of visits to the Services. The data controller may use such aggregate information to identify security threats, analyse trends and information on visitors, and administer the Services. • Behavioural advertising cookies, which gather information on users’ behaviour to, for example, allow for the most effective advertisement management.

User’s Consent According to the European General Data Protection Regulation (GDPR), users must be informed about the cookies used by the websites they visit. Users must provide their prior informed consent, except for some technical cookies, such as: • Cookie analytics insofar as they are used directly by the website manager to collect aggregate information on the number of visitors and the pattern of visits to the website. • Browsing or Session cookies used to log-in to the website. • Functional cookies, which allow users to navigate as a function of certain pre-determined criteria such as language.

For Profiling cookies, namely those aimed at creating user profiles and used to send advertising messages in line with the preferences shown by the user during navigation, the user’s prior consent is necessary.

Changes to this Policy We reserve a right to revise this Cookie Policy and make amendments at our sole discretion. The most current version of the policy will govern our use of your information and will be available on the links for Stripe and Eventee above . By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Cookie Policy.