Our Privacy Policy

Stockholm Innovation Bootcamp is an initiative organised by and through the non-profit organization Hailey. Haileys aim is to increase multidisciplinary teamwork and inspire innovation through the Bootcamp.

At Hailey one of our main priorities is the privacy of our website´s visitors and the applicants of Stockholm Innovation Bootcamp. Through this Privacy Policy, we would like to inform you how Hailey collects, records and processes your personal and sensible data, pursuant to the Regulation (UE) 2016/679 of April 27, 2016.

Our Privacy Policy applies to our online activities and to visitors on our website as well as attendees for Stockholm Innovation Bootcamp, with regards to the information that they share with the Hailey through the sign up sheets on the website or otherwise. This Policy is not applicable to any information collected offline or via channels other than this website.

1.1 Applicants: include both the users visiting the website for gathering information or for contacting Hailey and the people that through the website will apply to attend the Stockholm Innovation Bootcamp events (either as a student or as a mentor).

1.2 Data Controller: is the legal person which determines the purposes and means of the Processing of personal and sensible data. It is Hailey r.f, non profit organization that organizes and runs the Stockholm Innovation Bootcamp events.

1.3 Personal data: any information relating to an identified or identifiable natural person, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1.4 Processing: any operation or set of operations which is performed on personal and sensible data or on sets of personal and sensible data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1.5 Sensible Data: personal and sensible data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. Hailey doesn't ask for sensible data. Nevertheless the sensible data that might be volunteered by the applicants will be treated with the highest standards, as required by the applicable legislation.

1.6 Regulation: Regulation (UE) 2016/679 of April 27, 2016.

1.7 Services: are offered by Hailey through the website. To gather information about the Stockholm Innovation Bootcamp, to contact Hailey for questions or queries, to apply to the events organized by Hailey (both in-person or online), to become a mentor in the latter and to become a partner of Hailey.

1.8 Website: the website
The Data Controller of the Processing of Personal and Sensible Data is Hailey r.f, with legal seat in Iskanegränd 2, Hägersten (Sweden). Any request related to the Processing carried out by Hailey concerning the personal and sensible data, also in relation to the exercise of the Rights according to the following article 7, shall be addressed to Alex Suliman via e-mail to the following address: [email protected].
The Website collects and processes personal and sensible data for the following purposes:

  1. a. Allowing a correct technical use of the Website, essentially through the use of Cookies (see Cookie Policy).

  2. b. Offering the requested Services to the Applicants.
    Processing of personal and sensible data for the purpose indicated is necessary for the fulfilment of the requested Services and it is based on the free, specific, informed and unequivocal consent of the Applicants. The potential refusal of the Applicants to provide the consent for the processing will impede the fulfilment of the requested Services.
Hailey collects the personal and sensible data through the following means of collections:
  1. a. personal and sensible data automatically collected by the Website through the Cookies (see Cookie Policy);
  2. b. personal and sensible data provided freely by the Applicants, by filling in the application forms on the Website;
  3. c. personal and sensible data expressly provided by the Applicants to Hailey through offline means, such as via e-mail, mail or phone calls.
personal and sensible data may be disclosed and communicated for the purposes indicated in above to Members of the Board of Hailey r.f., volunteers at Stockholm Innovation Bootcamp or other events, internal Collaborators, IT services providers.
personal and sensible data is stored by the Data Controller for the time strictly necessary to achieve the purposes for which the Personal and Sensible Data are collected, as indicated in the article 3. In particular, the Data Controller stores the Personal and Sensible Data for the entire time necessary to fulfil the activities connected with the requested Services for a maximum period of 24 months since the collection of consent or, if subsequent, the date of the last interaction between the Applicants and Hailey.

Applicants always reserve the right to withdraw the consent as indicated in the following article 7 lit. a. ,

In any case, the Data Controller is authorized to retain all or part of the Personal and Sensible Data in relation to the aforementioned Processing, for the maximum period of 10 years since the last activity performed in favour of the Applicants to fulfil the Services, only to the extent required to fulfil any legal or fiscal obligations and for the possible assessment, exercise and defence of its rights before judicial authorities.

Once these retention periods have expired, the Data Controller will carry out the automatic erasure of all Personal and Sensible Data collected; otherwise it will irreversibly transform them into anonymous form.
Pursuant to article 13 of the Regulation, during the retention period indicated in the previous article 6 of this Privacy Policy, the Applicants has the right to:

  1. a. Withdraw of consent - with reference to the Processing, withdraw the consent at any time, and the withdrawal of consent shall not affect the lawfulness of the previous Processing, by sending an e-mail to the controller (article 7 Regulation);

  2. b. Access to personal and sensible data - obtain access to the personal and sensible data and to the information on the Processing and any possible copy in electronic form (article 15 Regulation);

  3. c. Rectification or integration of personal and sensible data - ask for rectification and/or integration of personal and sensible data, without undue delay (article 16 Regulation);

  4. d. Erasure of personal and sensible data - where specific grounds apply (for example unlawful data process, withdrawal of consent, absence of purposes for Processing) ask the erasure of personal and sensible data, without undue delay (article 17 Regulation);

  5. e. Restriction of Processing - where specific grounds apply (for example inaccuracy of personal and sensible data, Processing is unlawful, exercise of legal claims) ask the restriction of personal and sensible data, without undue delay (article 18 Regulation);

  6. f. Personal and sensible data portability - in case of Processing through automated means, receive its personal and sensible data in a readable common format and, consequently, exercise its so called right to personal and sensible data Portability and transmit those data to a third party (article 20 Regulation);

  7. g. Oppose the Processing - in any case, oppose the Processing of personal and sensible data, by sending an e-mail to the Data Controller ( article 21 Regulation);

  8. h. Data breach - be informed by the controller without undue delay of possible personal and sensible data breach or unauthorized access by third parties to the controller’s systems where personal and sensible data where stored (c.d. data breach - article 34 Regulation);

  9. i. Filing a complaint to the supervisory authority - Filing a complaint to the supervisory authority in the EU Member State of his habitual residence, place of work or place of the alleged infringement of its rights (article 77 Regulation).

This Privacy Policy was last updated on February 2021 and may in future be modified according to changing circumstances or legislation. If you wish to contact Hailey for questions on matters related to any part of this Privacy Policy, or for exercising your rights, do not hesitate to contact our DPO - Alex Suliman - to the following address: [email protected]

Latest version: February 2021 DPO - Alex Suliman, [email protected]