Privacy & Cookies

Last updated: 15 September 2025

This Privacy Policy explains how Preferred by Nature (“we”, “our”, or “us”) collects, uses, shares, and protects personal information in connection with International Sustainable Rice Forum 2025 event website (the “Site”). It also describes your rights and choices. If anything here is unclear, please contact us (details below).

1) Who we are (Data Controller)

  • Controller: Preferred by Nature F.M.B.A.; Danish Central Business Register (CVR) 18044633; VAT DK18044633; with an address of Skindergade 23, 3, 1159 Copenhagen, Denmark
  • Email: isrf@pbn.org
  • Data Protection Officer (DPO): dpo@pbn.org

This notice applies when we determine the purposes and means of processing your personal data (e.g., event registration, communications, and on‑site operations).

2) Scope

This policy applies to information we collect via our EventCreate registration pages, ticketing flows, emails, surveys, and on‑site at the event. It does not cover third‑party websites you may access via links from our Site.

Disclaimer – Registration via EventCreate

Our website provides event information. When you click Tickets & Registration, you will be redirected to a page hosted by EventCreate (a third‑party platform). While on EventCreate, your use of that page and any data you submit there are governed by EventCreate’s own Terms, Privacy Policy, and Cookie Policy.

3) Information we collect

We collect the following information through our EventCreate registration form when you sign up for the event (some fields may be optional):

  • First name, last name
  • Email address
  • Phone number
  • Organisation/Institution
  • Job title
  • Industry Sector
  • Country
  • How you heard about the event
  • Dietary requirements
  • Coupon code (if applicable)

Ticketing & billing (EventCreate/Stripe). Registration and ticketing are provided by EventCreate, with payment processing by Stripe. We do not collect, access, or store any billing information (e.g., card numbers, billing address, VAT/Tax IDs) or invoices. Any ticketing, billing contact details, invoices, and payment data you submit are collected and processed directly by EventCreate/Stripe under their own privacy policies (see EventCreate Privacy Policy and Stripe Privacy Policy). We may receive non-financial confirmations from EventCreate (e.g., ticket ID or paid status) to administer your registration.

Special category information. Dietary requirements may reveal health or religious information. We collect and use this only with your explicit consent and only to meet catering needs. You can refuse to provide this information, but catering options may be limited.

Sources. We collect information primarily from you. We may also generate internal identifiers (e.g., ticket ID) and derived analytics (e.g., counts by sector/country).

4) How we use your information

We use personal information to:

  1. Issue tickets and manage registrations (including confirmations and customer support).
  2. Provide event updates and logistics (agenda, venue, travel guidance, schedule changes).
  3. Manage dietary needs for catering, where consented; and coordinate with venue/caterers.
  4. Analyse attendee demographics (e.g., sector, country) to improve the event; we prefer aggregated or de‑identified reporting where possible.
  5. Conduct post‑event surveys or feedback collection, if applicable.
  6. Send optional follow‑up communications about ISRF or related sustainable rice initiatives, where you opt in.
  7. Protect the event and our services (security, fraud prevention, troubleshooting, and record‑keeping).

We do not use your information for automated decision‑making that produces legal or similarly significant effects.

5) Legal bases

  • Contract: To register you, issue tickets, manage attendance, and provide customer service.
  • Consent: For marketing communications; and for processing dietary data (special category information). You may withdraw consent at any time.
  • Legitimate interests: To analyse engagement and improve our event; ensure security; produce high‑level reporting. We balance these interests against your rights and freedoms.
  • Legal obligations: To meet accounting, tax, and other regulatory duties.

6) Sharing and disclosures

We share personal information only as needed for the purposes above:

  • EventCreate (ticketing/registration) – hosts the registration pages and ticketing workflow.
  • Stripe (payments) – processes payments; we do not access or store full card details.
  • Email tool (i.e., Mailchimp) – for event updates and, if you opt in, marketing communications.
  • Survey tool – to collect post‑event feedback, if applicable.
  • Venue and caterers – to accommodate dietary requirements; we provide aggregated information where possible and limit access to only what’s necessary.
  • Photography/videography provider – to document the event. See Photography & recording below.
  • Professional advisers and authorities – where required to comply with law, enforce our terms, or protect rights, property, or safety.

All vendors act as our processors where they handle data on our instructions. We require appropriate contractual safeguards (including confidentiality and security commitments).

7) International transfers

Our service providers (including EventCreate, Stripe, email/survey/hosting providers) may process data in countries outside your own. Where required, we rely on appropriate transfer mechanisms, such as adequacy decisions or Standard Contractual Clauses (SCCs) provided by the European Commission/UK ICO, together with supplementary measures where necessary. For details, please consult EventCreate’s and Stripe’s published privacy and transfer statements or contact us.

8) Retention

We keep personal information only as long as needed for the purposes described above or as required by law.

Data categoryTypical retention
Financial and invoicing dataRetained per statutory accounting requirements
Contact & registration dataUp to twelve (12) months after the event for follow‑up and reporting, unless you consent to ongoing communications (in which case we keep contact details until you unsubscribe or withdraw consent).
Dietary informationDeleted within one (1) month after the event concludes.
Operational logs/security recordsAs necessary for security and auditing, typically up to twelve (12) months unless required longer.

We may retain de‑identified or aggregated information that no longer identifies you.

9) Your rights and choices

Depending on your location, you may have the right to access, rectify, erase, or restrict processing of your personal data, to object to processing (including for direct marketing), and to data portability. Where we rely on consent, you may withdraw consent at any time (this will not affect processing already performed). You also have the right to lodge a complaint with your local supervisory authority.

Marketing choices. You can opt out of marketing emails at any time by using the unsubscribe link in our emails or contacting us. Transactional or service communications (e.g., ticket confirmations, critical event updates) are not marketing and you will continue to receive them as needed to perform the contract.

Dietary information. You may choose not to provide dietary details. If you previously consented and wish to withdraw, contact us and we will delete this information (subject to legal allowances) and inform our caterers accordingly.

To exercise your rights, contact us using the details in Section 1. We may need to verify your identity before responding.

10) Cookies and similar technologies

Our Site may use necessary cookies to operate and optional cookies (e.g., analytics) to understand usage. Where required, we provide a cookie banner or preferences tool to capture your choices. You can manage cookies through your browser settings; disabling certain cookies may affect site functionality.

11) Photography & recording on‑site

We may photograph and/or record the event for documentation and promotional purposes. Signage will be displayed on‑site. If you prefer not to be individually identifiable in such materials, please inform a member of staff at registration so we can provide a no‑photo indicator and seat you accordingly where feasible, or otherwise accommodate your request (e.g., blurring, exclusion from close‑ups).

12) Security

We implement appropriate technical and organisational measures to protect personal information, including access controls, encryption in transit, and staff training. No system can be 100% secure; if we become aware of a data incident affecting you, we will notify you and relevant authorities where required by law.

13) Children

Our event is intended for professionals. We do not knowingly collect personal information from children under the age of sixteen (16). If you believe a child has provided personal information, please contact us so we can delete it and take appropriate steps.