Privacy & Security

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information when you use our services and participate in the Odisha Medical Devices Expo

Introduction

The Odisha Medical Devices Expo ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, register for our events, or participate in our expo activities.

This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant privacy regulations. By using our services, you consent to the data practices described in this policy.

Information We Collect

We collect various types of information to provide and improve our services:

Personal Information

  • Name, email address, phone number, and postal address
  • Professional information (company, job title, industry)
  • Payment and billing information
  • Identification documents for event access
  • Emergency contact information

Event Participation Data

  • Registration details and session preferences
  • Exhibitor information and booth details
  • Conference attendance records
  • Survey responses and feedback
  • Networking interaction data

Technical Information

  • IP address, browser type, and device information
  • Website usage analytics and navigation patterns
  • Cookies and similar tracking technologies
  • Log files and error reports

How We Use Your Information

We use the information we collect for various purposes, including:

Purpose Description
Event Management Processing registrations, managing attendance, and facilitating expo activities
Communication Sending event updates, confirmations, and important notifications
Marketing Providing information about future events and services (with consent)
Legal Compliance Meeting regulatory requirements and contractual obligations
Service Improvement Analyzing usage patterns to enhance our website and services
Security Protecting against fraud, abuse, and security threats

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent: When you explicitly agree to data processing for specific purposes
  • Contractual Necessity: To fulfill our contractual obligations for event services
  • Legal Obligation: To comply with applicable laws and regulations
  • Legitimate Interest: For security, fraud prevention, and service improvement purposes
  • Vital Interest: To protect your life or physical safety in emergency situations

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances:

Authorized Sharing

  • Event Partners: Limited information shared with exhibitors, sponsors, and venue partners
  • Service Providers: Third-party vendors who assist in event management and operations
  • Professional Advisors: Legal, accounting, and other professional service providers
  • Government Authorities: When required by law or legal process

Important Notice

We implement strict controls on information sharing and require all third-party partners to maintain the same level of data protection as outlined in this policy.

Data Security

We implement comprehensive security measures to protect your personal information:

  • SSL/TLS encryption for data transmission
  • Secure servers and databases with access controls
  • Regular security audits and vulnerability assessments
  • Employee training on data protection practices
  • Incident response procedures for security breaches
  • Regular data backups and disaster recovery plans

Security Commitment

While we implement robust security measures, no method of transmission over the internet is 100% secure. We continuously monitor and improve our security practices.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law:

  • Registration Data: 3 years after your last event participation
  • Financial Records: 7 years for tax and accounting purposes
  • Communication Records: 2 years from the date of communication
  • Marketing Data: Until you withdraw consent or 2 years of inactivity
  • Website Analytics: 26 months for Google Analytics data

Your Privacy Rights

You have the following rights regarding your personal data:

  • Right to Access: Request copies of your personal data we hold
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data to another organization
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing at any time

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience:

Types of Cookies We Use

  • Essential Cookies: Required for basic website functionality
  • Analytics Cookies: Help us understand how visitors use our website
  • Marketing Cookies: Used to deliver relevant advertisements
  • Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect website functionality.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws by implementing appropriate safeguards:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with adequate protection levels
  • Binding Corporate Rules for intra-group transfers
  • Certification schemes and codes of conduct

Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

For participants between 16-18 years of age, we require parental consent for certain activities and data processing.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered participants
  • Displaying prominent notices on our website

The "Last Updated" date at the top of this policy indicates when the latest changes were made.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Officer Contact Information

Email: privacy@odishamedicalexpo.com
Phone: +91 9776511666 / 7205959333
Address: 309/1801, Mangala Mandira Chowk, Sailashree Bihar, Bhubaneswar, Odisha, India
Data Protection Officer: Available upon request

Response Time

We will respond to your privacy-related inquiries within 30 days of receipt. For complex requests, we may extend this period by an additional 30 days and will notify you accordingly.

Last updated: November 7, 2025

Effective date: November 7, 2025