1. Introduction

Dubai World Trade Centre LLC ("We") owns and operates SATExpo Middle East, an exhibition within Dubai World Trade Centre that showcases advancements in satellite and space technologies, fostering strategic connections across the satellite and space ecosystem in the Middle East. We respect your privacy and are committed to protecting it. We provide this Privacy Statement to inform you of our Privacy Policy and practices, and of the choices you can make about what information is collected, the manner in which that information is collected and how that information is used.

The SATExpo Middle East website and its sub-domains are owned by Dubai World Trade Centre L.L.C., trading as Dubai World Trade Centre, a limited liability company incorporated in Dubai, United Arab Emirates, and having its principal office at Dubai International Convention and Exhibition Centre, Sheikh Zayed Road, Convention Gate, P.O. Box 9292, Dubai, UAE. Telephone: +971-4-3321000, Fax: +971-4-3312173. For the purposes of this Privacy Statement, "we", "our" and "us" refer to Dubai World Trade Centre L.L.C (including its subsidiaries, associates and affiliated group entities), "this website" collectively refers to the www.satexpome.com website, its sub-domains and all other websites owned by Dubai World Trade Centre and "you" and "your" refer to a specific individual or program accessing these websites.

2. Acknowledgement And Agreement

When you visit our website or engage with, purchase, or use any of our Services in any way, you are acknowledging your acceptance of the terms, procedures, and guidelines set forth in this Privacy Policy, which may be updated periodically. Additionally, by doing so, you provide your consent for us to collect, use, and share your information as detailed herein.

3. Applicability

This Privacy Policy exclusively pertains to the Services and governs the collection, utilisation, disclosure, and protection of your Personal Data within our domain. It is important to note that this notice does not extend to Personal Data collected by third-party websites, applications, or Services. Please refer to the respective third-party Privacy Policy accordingly.

4. Definitions

• Personal Data: Any information relating to an identified natural person or to a natural person who can be identified, directly or indirectly, in particular by Data linking and reference to an identifier such as a name, voice, photo, an identification number, an online identifier, location data or to one or more factors specific to the physical, physiological, economic, cultural or social identity of that natural person, which expression includes the "Sensitive Personal Data" and "Biometric Data".
• Data Subject: The natural person who is the subject of Personal Data.
• Processing: Any operation or set of operations which is performed on Personal Data, whether by automated means, including the method of Processing, or otherwise, and such operation(s) include(s) the collection, storage, recording, organisation, adaptation, modification, circulation, alternation, retrieval, exchanging, sharing, use, characterisation, disclosure by transmission, dissemination, distribution, or otherwise making available, alignment or combination, restriction, withholding, erasure, destruction or creating models of Personal Data.
• Controller: The Entity or the natural person who obtains Personal Data and who, by virtue of their activity, determines, whether alone or jointly with other persons or Entities, the method, means, criteria and purposes of the Processing of such Personal Data.
• Processor: The Entity or the natural person who processes Personal Data on behalf of the Controller, where such Processing is being carried out under the supervision of, and as directed by, the Controller.
• Data Protection Officer (DPO): The Data Protection Officer is the designated individual responsible for overseeing and ensuring compliance with data protection laws and regulations. The DPO acts as a point of contact for inquiries regarding personal data processing, privacy practices, and data protection matters within the Dubai World Trade Centre.

5. What Personal Data do we collect

We may collect several categories of your Personal data as outlined below:

• Identifiers: First name, last name, e-mail address, postal address, phone number, passport number, emirates ID Number, visa number.
• Demographics: Year of birth, country of residence.
• Sensitive Personal Data: Personal data including racial, political, religious, trade union membership, sexual orientation, disability, (only to the extent you care to disclose information for the purposes of accessibility at events), and the processing of genetic data or biometric data for the purpose of uniquely identifying a natural person.
• Commercial Information: Services purchasing history as well as donation history.
• Internet or other electronic network activity; device information: Type and manufacturer of device and its ID/UDID or similar device-specific code, Internet Protocol (IP) address, protocol, and/or sequence information, operating system and platform, Internet service provider or mobile carrier's name, connection speed, and connection type, browsing, session, interaction, and search history related to our website, cookies, pixel tags, browser type, language, and version, screen resolution, domain name system requests, Media Access Control (MAC) address of pages you have visited, pages viewed, time and date of access to our website, number of clicks per visit, date stamp and URL of the last webpage visited before visiting our website, and URL of the first page visited after leaving our website, pages viewed, time spent on a page, click-through and clickstream data, queries made, search results selected, comments made, type of service requested, hypertext transfer protocol headers, application client and server banners, operating system fingerprinting data.
• Geolocation: Physical location or movements.
• Sensory Information: Voice and video recording.
• Professional or Employment information: E-mail address that identifies you, your employer, employment history, information from professional references, work experience.
• Education information that is not publicly available personally identifiable information: Education records related to a student maintained by an educational institution or party acting on its behalf, e.g., school name, class lists.

6. How and from where do we collect your Personal Data

We may collect your Personal Data from various sources, including but not limited to the following:

Personal Data directly shared by you - We gather various forms of Personal Data from our website, Services providers, exhibitors, and sponsors, including, but not limited to:

• Details you enter in online forms available on our website.
• Information you provide when creating an online account with us, which may include your personal data, username, password, profile, pictures, location, and contact details. Some of this information may be visible to others.
• Payment transaction information from service providers for online payments and purchases on our websites or mobile apps.
• Records of your emails or messages when you contact us.
• By subscribing to our newsletters, publications, blogs, or other communications, making information requests, attend any events, conferences, or exhibitions at DWTC, by submitting materials on our forums (where permitted), participating in our surveys, by applying for a job on our website, engaging with customer support or service, reporting issues with our website or Services, or any other form of communication with us, you provide opportunities for us to maintain your message, email address, and contact details.
• Data received from websites and mobile applications of DWTC or third party.

Personal Data automatically collected by us

• Cookies, Web Beacons, Links, and other Tracking Technologies: DWTC may monitor how you use and engage with the Services using cookies, web beacons, links, and similar tracking technologies. We employ these methods to analyse and enhance the Services. Through these technologies, we can automatically gather information about your interactions with the Services and other online activities, including our email communications, third-party Services, and applications, as well as specific online activities even after you have left the Services. The data from links is usually assessed in an aggregated manner. Disabling cookies may result in some Services not functioning correctly. This collected data can include analytics, websites visited before accessing the Services, browser type, operating system, and tracking of your engagement with our content and emails. For more information on the cookies we use, please visit our Cookie Policy website page.
• Unique Identifiers: When you use our Services, we may obtain, gather, track, store on your device, or remotely save one or more "Unique Identifiers," like a universally unique identifier (UUID). A Unique Identifier might stay on your device for a longer period, which can assist in quicker login and improved navigation within the Services. If the use or availability of Unique Identifiers is limited or turned off, some aspects of the Services may not work as intended.
• Log File Information: When you use our Services, we may gather information from log files, such as your IP address, the type of browser you're using, when you accessed the Service, domain names, your operating system, the web pages you came from and went to, the pages you viewed, your location, mobile service provider, details about your device (like IDs), what you searched for, and cookie data. We get this log file data when you do things like visit our website, sign in, or interact with our email notifications. At DWTC, we use this log file data to offer, understand, and enhance our Services. We may also connect this log file data to other information we gather about you through our Services.
• Location Tracking: When you access the Service by or through a mobile device, we may access, collect, monitor, and/or remotely store "location data," which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device. Location data may convey to us information about how you browse and use the Service. Some features of the Service, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled.
• Data Acquired from Third Parties: If you link, establish a connection, or log in to your account through a third-party social media service (for example, Facebook, Google, Instagram, and others), the said third-party service may transmit information to us, which could encompass your registration details and profile data from that specific service. The nature of this information varies and is governed by the policies and permissions set by that service, or as you have authorized via your privacy settings on that service.
• Other Sources: We combine information we already have about you with additional data that may be available from service providers for background check and identity verification. We can also learn more about your online and offline activities from our partners. Other examples of such providers include, but are not limited to, backend processing, fulfilment, and automation, certification, video hosting platform, email management, authentication, form processing, website usage tracking, managing calendar invites and scheduling, and database hosting and management.
• Publicly Available Information: DWTC may also gather Personal Data about you from publicly accessible sources. Any Personal Data you share in a public space, such as on social media platforms, blogs, forums etc.

7. How we use your Personal Data

The Personal Data we collect about you depends, in large part, on the purpose for which it is provided to us. The specific purpose(s) for which we process such Personal Data include:

• Presenting our website and its content to you.
• Offering information and answering your queries about the services you request from us, along with updates on new offerings, promotions, and events.
• Providing the information on services, you have asked for.
• Managing payment transactions, including product and service fees, subscriptions, professional fees, and more (while we do not store your credit card information).
• Handling discounts, rewards, and rebate requests, and working with manufacturers, retailers, and wholesalers.
• Sending you important account notices, like renewals.
• Informing you about website changes, policies, or service updates, and account-related information.
• Processing account applications and updates.
• Enabling your participation in interactive website features.
• Enhancing and improving our services through research, user trend analysis, and demographic insights.
• Sharing usage statistics and related data with our service providers.
• Providing legally required information.
• Contacting you regarding promotions, contests, or sweepstakes you have entered.
• Requesting your input through ratings, reviews, surveys, focus groups, and other activities to help us develop and improve our offerings.
• Assessing eligibility credentials, designations, or volunteer opportunities.
• Managing event registrations, scheduling, attendance, and administration.
• Fulfilling any other purposes for which you provide personal information.
• Carrying out any other activities for which we have your consent when you share your information with us.

8. Legal Basis for processing your Personal Data

As mandated by relevant data protection regulations, DWTC will handle your Personal Data based on lawful grounds, including:

• When processing is essential for executing a contract with you or to initiate contractual procedures upon your request.
• When processing is necessary to fulfil a relevant legal obligation.
• When processing aligns with our legitimate interests, provided that our interests do not override your interests, fundamental rights, or freedoms.
• In cases where you have given your explicit consent for the processing of your Personal Data. However, you have the right to withdraw this consent at any point of time.

9. With whom do we share your Personal Data

We will only disclose or share your Personal Data for the purpose(s) set out in this Privacy Policy, inside and outside the United Arab Emirates to:

• Third party service providers and sub-contractors who provide a service to us (including but not limited to marketing and advertising, IT, and office Services).
• Any event partners for the purposes of registration and attendance.
• Any competent regulatory authorities and law enforcement agencies if we are legally required to comply with a request for data.

10. How do we manage cross-border data transfers

The Personal Data you submit will not be transferred to jurisdictions with less stringent requirements. However, it may be transferred, stored, and hosted outside of the United Arab Emirates including a country from where you are accessing the website if such country holds an adequacy status provided that:

• You consent to the transfer of personal data to third parties inside or outside the UAE.
• The transfer is done to carry out obligations, establish rights before judicial authorities, defend claims, or perform a contract.

When transferring data from UAE to other countries, we will ensure that the personal data transferred across borders is adequately protected. We will implement appropriate measures to ensure that your personal data remains protected and secured when it is transferred outside your home country, and you can exercise your rights effectively.

11. How and for what purpose do we store your Personal Data

• We will store your Personal Data for as long as it is necessary to serve the purpose(s) for which it was collected.
• In certain cases, we may store your Personal Data for a longer period to comply with any legal obligations to which we may be subject.
• We may store your Personal Data for longer period in order to maintain a precise record of your interactions with us, particularly in situations involving complaints, disputes, or if we have a reasonable expectation of potential legal action related to your Personal Data or interactions.
• To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk or harm from unauthorized use or disclosure of your personal data, the purposes for which we process the personal data.

We ensure your data's confidentiality by either deleting or transforming it into a format that no longer allows your identification once the original Personal Data is no longer required for the specified purpose.

12. How do we Secure your Personal Data

• We have implemented security policies, regulations, and technical safeguards to protect the personal data we manage, adhering to applicable data protection laws.
• Our security measures are designed to thwart unauthorized access, improper use or disclosure, unauthorized alterations, and unlawful destruction or accidental loss of data.
• For sensitive data such as credit card information, we employ Secure Sockets Layer (SSL) encryption. SSL encryption renders this information unreadable to anyone except us. You can identify this security measure when you see either an unbroken key symbol or a closed lock symbol (depending on your browser) at the bottom of your browser window.
• We take appropriate measures to address the Information Security Risks associated while sharing your Personal Data with third parties.

13. Your Rights

• Right to Obtain Information: You may request to have a copy of the Personal Data we hold about you.
• Right to Rectification: If you believe that any of the Personal Data that we hold about you is inaccurate, you have a right to request that we rectify the inaccurate Personal Data.
• Right to Erasure:
  • You may request that we delete your Personal Data if you believe that:
    • We no longer need to process your Personal Data for the purpose(s) for which it was given.
    • We have requested your permission to process your Personal Data by taking your consent and now you wish to withdraw your consent; or
    • We are using your information in an unlawful manner.
  Please note that if you request to delete your Personal Data, we may have to suspend the operation of your account and/or the goods and Services we provide you.
• Right to Restrict Processing:
  • You may request that we restrict processing of your Personal Data if you believe that:
    • Any of the Personal Data that we hold is inaccurate; or
    • We are using your information in an unlawful manner.
  Please note that if you request to delete your Personal Data, we may have to suspend the operation of your account and/or the goods and Services we provide you.
• Right to Personal Data Portability: You have a right to ask for your Personal Data to be transferred to a third party or to you in a machine-readable electronic format if that is technically feasible to us.
• Right to Object: You have a right to object to us processing your Personal Data unless we can demonstrate compelling and legitimate grounds for the processing, which may override your own interests. Please note that if you request to object processing of your Personal Data, we may have to suspend the operation of your account and/or the goods and Services we provide you.
• Right to Processing and Automated Processing: You have a right to object to decisions being made solely on automated decision making or profiling.

Subject to any overriding legal obligations, requirements, and/or exemptions, we will endeavour to respond to your request promptly, unless we require further information from you. We may ask you to provide proof of your identity.

If you are not satisfied with how we handle your personal data, we recommend contacting our Data Protection Officer (DPO) by email at privacy@dwtc.com. Moreover, you have the option to file a complaint with the Data Office of the United Arab Emirates on their website.

14. Collection of Personal data of Children

We are committed to protecting the privacy needs of children and encourage parents and guardians to take an active role in their children's online activities and interests. It is important to note that we do not knowingly collect personal data from children, and our website are not intended to target or attract children as a primary audience.

If you are under 16 years of age, a minor in the jurisdiction in which you reside, we are not permitted to contract with you directly. The data of children shall be processed only if and to the extent that consent is given or authorised by the holder of parental responsibility over the child by filling out our Parental Consent Form.

15. External Links

Our website may provide links to third-party website for your convenience. If you access those links, you will leave our website. We do not control those websites or their privacy practices, which may differ from ours. We do not endorse or make any representations about any third-party website. This Privacy Policy does not cover the personal data you choose to give to unrelated third parties. We encourage you to review the Privacy Policy of any company before submitting your personal data. Some third-party companies may choose to share their personal data with us; that sharing is governed by that third-party company's Privacy Policy.

16. Amendments To Our Privacy Policy

We may revise this Privacy Policy from time to time at our sole discretion. Any revisions to our Privacy Policy will be made available on our website and these revisions will become effective immediately upon publication.

In specific cases, we may also choose to inform you about any revisions to this Privacy Policy by posting a notification on our website or sending you an email.

By continuing to use the website or our Services following the publication of any amendments to the Privacy Policy, you are indicating your agreement to the updated Privacy Policy. Please be aware that the utilization of Personal Data we gather is governed by the Privacy Policy in effect at the time when the said Personal Data was obtained.

17. Whistle Blowing

Aligned with Dubai World Trade Centre's mission, values, and commitment to the highest standards of integrity and ethical behaviour, we endeavour to present clear guidelines related to protected disclosure or 'whistle blowing'. Business misconduct including incidents of unacceptable or undesirable conduct by our officers and employees is not tolerated and is harmful to business and society. If you have information concerning malpractice, impropriety or alleged wrongful conduct, please utilise the following email address inconfidence@dwtc.com to report your concerns. Depending on the nature of the concerns, the exact timescales for the investigations will be flexible. However, every effort will be made to address the issue at the earliest.

18. How to contact us

If you have any questions about our Privacy Policy, you can contact our Data Privacy Officer by email at privacy@dwtc.com.