Annual Conference & Exhibit App
During the Annual Conference & Exhibit, the Iowa League of Cities offers a conference app available on iOS and Android devices. The League restricts access to the event to registered participants.
Android users will need Android version 12 or higher.
If you need assistance with the app, please visit the conference registration desk, email firstname.lastname@example.org or call (515) 244-7282.
Some common troubleshooting tips:
- It’s common for conference registrations to be made with a work or city email address while you’re trying to access the app from your personal device with a personal email. If you can, try logging in with your work/city address. Otherwise, stop by the registration desk to request your email address be updated.
- Shared email addresses can be problematic as well. Two people using the same account to log into the app on different devices is a recipe for frustration. Again, the team at the registration desk can help.
The League offers attendees the option to use the event app for a better event experience. To provide this service, the League uses event registration records to create initial profiles for all Annual Conference & Exhibit attendees within the app. The uploaded profile consists of the following information:
- First Name
- Last Name
If you were registered by someone else, you might need to update your contact information at the registration desk before accessing the event app.
This process sends an email to the registrant, inviting them to use the event app. If the registrant creates an account within the app, they have access to use features, which include social networking and commentary, photo uploads, surveys, and vendor interaction opportunities. The registrant is in control of how much information about themselves is shared while using the app. If the registrant never logs into the app, none of their information is available to app users. The app is accessible to registrants for the year following the event.
Any collection, use, storage, deletion or other use (hereinafter “processing”) of data is solely for the purpose of providing our services. Our services have been designed with the aim of using as little personal data as possible. In this context, “personal data” (hereinafter also referred to as “data”) is understood to mean all individual information about personal or factual circumstances of an identified or identifiable natural person (so-called “data subject”).
The following statements on data protection describe what types of personal data are processed when you access our website, what happens to this personal data and how you can object to data processing if necessary.
1 General information about data processing in the Event Space
1.1 Responsible party
The responsible party is:
Iowa League of Cities
Address: 500 SW 7th Street, Suite 101, Des Moines, IA 50309
1.2 Protection of your data
If we work with other companies, such as email and server providers, to provide our services, this is only done after an extensive selection process. In this selection process, each individual service provider is carefully selected for its suitability in connection with technical and organizational capabilities in data protection. This selection procedure is documented in writing and a contract pursuant to Art. 28 (3) DSGVO on the processing of personal data on behalf (AV contract) is only concluded if it meets the requirements of Art. 28 DSGVO.
Your app data will be stored on hosted servers. Access to it is only possible for a few specially authorized persons.
Our service is SSL/TLS encrypted, which you can recognize by the “”https://”” at the beginning of the URL. Insofar as personal data is involved in email communication, the email dispatch from our app is encrypted. We also use the integrated SSL certificate for this.
1.3 Deletion of personal data
We only process personal data for as long as is necessary. As soon as the purpose of the data processing is fulfilled, blocking and deletion takes place according to the standards of the deletion concept here, unless legal regulations prevent deletion.
The technical functions of the app are provided by EventMobi GmbH. The data processing for the provision of the app’s functionality is carried out by: EventMobi GmbH, Warschauer Platz 11-13, Germany; phone: 030 / 5557 343 0, email address: email@example.com
Depending on the type of cookie, the storage time ranges from 70 to 730 days.
The collection of some data via cookies is mandatory for the use and operation of the App. This data processing is carried out on the basis of legitimate interest pursuant to Art. 6 para. 1 p. 1 lit. f) DSGVO to ensure the functioning of the app.
If you have any questions about data protection in the app, please contact firstname.lastname@example.org
For more information on data processing visit: https://iowaleague.org/workshops-events/annual-conference/app-support/
2 Data processing on this app and creation of log files
2.1 Description and scope of data processing
When you visit our service, our web servers temporarily store each access in a log file. The following personal data is collected and stored until automated deletion:
- IP address of the requesting computer
- Date and time of access
- Name and URL of the accessed file
- Amount of data transferred
- Message whether the retrieval was successful
- Recognition data of the browser and operating system used
- App from which the access was made
- Name of your Internet access provider
- E-mail address
- Biographical data
- Event Poll and Survey Responses
The League will conduct user surveys during the scope of the event. This information will be used by the League and the event speakers to assess the success of our event.
Our app offering uses the services of the hosting provider AWS. The data processing is carried out by: Amazon.com Inc, 410 Terry Avenue North, Seattle WA 98109, USA.
The hosting services of AWS are used to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer.
Further information on the data protection of the service provider can be found here: https://aws.amazon.com/privacy/?nc1=h_ls
2.2 Legal basis for data processing
The processing of this data is based on Art. 6 para. 1 p.1 lit. f) DSGVO. Our legitimate interest is based on making our service accessible to you.
2.3 Purpose of the data processing
Data processing is carried out for the purpose of enabling the use of the service (connection establishment). It is used for system security, technical administration of the network infrastructure and optimization of the Internet offer. The IP address is only evaluated in the event of attacks on our network infrastructure or the network infrastructure of our Internet provider.
2.4 Duration of data storage
The personal data will be deleted as soon as they are no longer required for the above purposes. This is the case when you close the service. Our hosting provider may use the data for statistical surveys. However, the data is anonymized for this purpose. A deletion of the data takes place at our hosting provider after 12 months.
2.5 Possibility of elimination by the data subject
The collection of data for the provision of the app and the storage of the data in log files is mandatory for the operation of the service. Consequently, there is no possibility of objection on the part of the user.
3.1 Description and scope of data processing
- Frequency of app visits
- Which functions of the service you use
- Search terms used
- Your cookie setting
- Your language setting
3.2 Legal basis for data processing
The legal basis for the processing of data through cookies that do not solely serve the functionality of our service is Art. 6 para. 1 p. 1 lit. a) DSGVO.
The legal basis for the processing of data for cookies that serve solely the functionality of this service is Art. 6 para. 1 S.1 lit. f) DSGVO.
3.3 Purpose of the data processing
Our legitimate interest results from the guarantee of a smooth connection setup and a comfortable use of our service as well as for reasons of evaluation of system security and stability. The data processing also takes place in order to enable a statistical evaluation of the app usage.
3.4 Duration of data storage
There are two types of cookies. Both are used on this service:
- Transient cookies (for this a)
- Persistent cookies (for this b)
- a) Transient cookies, they are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our service. The session cookies are deleted when you log out or close the browser.
- b) Persistent cookies, these are deleted automatically after a specified duration, which may differ depending on the cookie.
3.5 Possibility of elimination by the data subject
You have the option at any time to revoke your consent to data processing by cookies that do not serve solely the functionality of the service. In addition, we set cookies only after you have consented to the setting of cookies when accessing the app. In this way, you can prevent data processing via cookies in our service.
You can also delete cookies in the security settings of your browser at any time. Please note that you may not be able to use all the features of this service. You can also prevent cookies from being set at any time by making the appropriate settings in your Internet browser.
4 Registration in the app
4.1 Description and scope of data processing
You can register in our app. To do this, you must enter personal data in the registration mask. The following minimum data is collected for this purpose:
- First name
- Last name
- E-mail address
The data you provide in the registration mask will be used exclusively for processing and will not be passed on to third parties as a matter of principle.
4.2 Legal basis for data processing
If you enter personal data that belongs to the mandatory field input masks, the data processing is based on Art. 6 para. 1 p.1 lit b) DSGVO. If you also enter personal data in the other (optional) input field masks, the data processing is based on Art. 6 para. 1 p.1 lit. a) DSGVO.
4.3 Purpose of the data processing
We process your data solely for the purpose of completing your registration and maintaining your app account with us.
4.4 Duration of data storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case when you close your account with us and no legal or official retention periods prevent deletion.
4.5 Possibility of elimination by the data subject
Both during and after registration, you are free to change, correct or delete your personal data.
5.1 Description and scope of data processing
Through our service, it is possible to contact us via a contact form or by e-mail. For this purpose, various data are required to respond to the request, which are automatically stored for processing. The following data is collected as a minimum (marked as mandatory field) within the framework of the contact form:
- First name: Aric
- Last name: Cudnosky
- E-mail address: email@example.com
The data will not be passed on to third parties.
5.2 Legal basis for data processing
The legal basis used here is Art. 6 para. 1 p.1 lit. b) DSGVO.
5.3 Purpose of the data processing
We process your data exclusively to handle your contact request.
5.4 Duration of data storage
Your data will be deleted by us as soon as the purpose of the data processing has been fulfilled, predominantly immediately after the request has been answered. In rare cases, however, we may retain your data for a longer period of time. This may result from legal, regulatory or contractual obligations.
5.5 Possibility of elimination by the data subject
You can contact us at any time and object to further processing of your data. In this case, we can unfortunately not continue the communication with you. All personal data processed by us in the course of contacting you will be deleted in this case, unless the deletion conflicts with legal obligations to store your data.
5.5.1 Description and scope of data processing
We use the support chat of “HubSpot”, an online marketing platform. The data processing is carried out by: HubSpot, Inc, 25 First Street Cambridge, MA 02141, USA.
HubSpot collects the data provided in the chatbot as well as the message, day and time and stores it in our software. In the process, your data is stored on servers in the USA.
HubSpot does not use the data and does not share it with third parties. We trust in the reliability and IT and data security of HubSpot. You can find more information about data protection at HubSpot at https://legal.hubspot.com/terms-of-service
5.5.2 Legal basis for data processing
The data processing of your data provided in the context of the support chat by HubSpot is carried out in accordance with Art. 6 para. 1 p. 1 lit. b) DSGVO.
5.5.3 Purpose of the data processing
We use HubSpot as our service provider to offer you an easy way to submit your support requests to us.
5.5.4 Duration of data storage
According to HubSpot, HubSpot stores your personal data only as long as we use your personal data. HubSpot deletes your data when we delete you from our address file or delete our account with HubSpot after a period of 30 days.
5.5.5 Possibility of elimination by the data subject
You have the possibility to object to the data processing at any time. To do so, please contact us using the contact details above.
6 Participation in events
6.1.1 Description and scope of data processing
We use the service of Eventbrite for our app. Eventbrite is an online platform for event management and ticketing. The data processing takes place through: Eventbrite Inc, 535 Mission Street, 8th Floor, San Francisco, CA 94103, USA.
When you book a ticket for one of our events, the following personal data is transferred to the Eventbrite platform:
- Date of birth
- E-mail address
- Account number/ Credit card number
- Invoice amount
6.1.2 Legal basis for data processing
The legal basis for the use of Eventbrite is Art. 6 para. 1 lit. f) DSGVO. The processing of personal data required for the execution of the contract is based on Art. 6 para. 1 lit. b) DSGVO.
6.1.3 Purpose of the data processing
The purpose of the data processing is to provide an online platform for the sale of tickets for our events. therein also lies our legitimate interest in using the service of Eventbrite.
6.1.4 Duration of data storage
Eventbrite will retain your personal information for as long as necessary to provide the Service or for other important purposes such as complying with legal obligations, resolving disputes, and fulfilling our agreements.
6.1.5 Possibility of elimination by the data subject
You have the option to object to the collection of data by Eventbrite at any time. To do so, you can contact Eventbrite directly at firstname.lastname@example.org. However, this does not apply to such personal data that is absolutely necessary for the sale of the tickets and thus for the conclusion of the contract.
7 Video conferencing and livestream
7.1.1 Description and scope of data processing
We use Whereby, a provider of web-based video communications and related services, to conduct online meetings and video conferences. The data processing is carried out by: Whereby AS, Gate 1 no. 107, 6700 Måløy, Norway.
The following data are processed in the process:
- Display name
- E-mail address
- Admin user (yes/no)
- Date and time (to create, modify and activate the user account)
- Organization affiliation for personal user accounts associated with a business account
- Created “Video rooms”
- Room name
- Profile picture
- Background image
- When users choose the option to log in through their Google account, the following additional data is processed:
- Google Account User ID
- Display name
- URL of the profile picture
In addition, you may have the option to use the chat function. This may involve the processing of further data, such as text entries or uploaded files.
However, the data processed in a room is not stored.
If we want to record an online meeting, we will inform you transparently about this in advance and ask for your consent pursuant to Art. 6 (1) p. 1 lit. a) DSGVO. Consent can be revoked at any time.
Further information on data protection can be found here: https://whereby.helpscoutdocs.com/article/526-data-storage-and-security
7.1.2 Legal basis for data processing
The data processing is based on Art. 6 para. 1 p. 1 lit. b) DSGVO.
7.1.3 Purpose of the data processing
We use the service provider to be able to conduct video conferences and online meetings, for example, to provide you with the best possible advice.
7.1.4 Duration of data storage
The data will be deleted as soon as the purpose of the data processing has been achieved and no legal, contractual or official regulations prevent deletion. Longer storage may be necessary in particular if the data is required for the further fulfillment of the contract.
7.1.5 Possibility of elimination by the data subject
You have the possibility to exercise your rights against us at any time. For this purpose, please contact us using the contact details provided.
7.2.1 Description and scope of data processing
We use the Zoom tool to play back recorded and visually edited videos. Zoom also serves as a communication platform for video and telephone conferences and to communicate or edit and share files. In order to participate in one of our webinars, we send a link to your email address pointing to the corresponding online seminar at Zoom. You will then need to register with Zoom. The following personal data will be processed in the process:
- First name
- Last name
- E-mail address
- E-mail address confirmation
- Indication of whether you have entered your personal or company e-mail address
- Company name
- Indication of how you became aware of the online seminar
You may also voluntarily provide the following information:
- Phone number
Zoom is end-to-end encrypted.
- Information that you or others upload, provide or create while using Zoom, provided that you store chat logs. In doing so, Zoom assures this data processing is done for no other reason than in the course of providing your services. Zoom does not sell customer content to third parties or use it for promotional purposes.
- Technical information (e.g. IP address, system type and version, camera and microphone type)
- User preferences
- Information about how you use the service (e.g.: use a video conference or phone call)
- Approximate location
Zoom offers options for designing individual account settings as well as user rights with password protection. Likewise, Zoom submits to the standard contractual clauses of the EU in the event of data processing.
7.2.2 Legal basis for data processing
If you provide personal data that is part of the mandatory field input masks during registration, the data processing is based on Art. 6 para. 1 p.1 lit b) DSGVO. If you also enter personal data in the other (optional) input field masks, the data processing is based on Art. 6 para. 1 p.1 lit. a) DSGVO.
7.2.3 Purpose of the data processing
We use Zoom to be able to host online seminars and thus offer the possibility to present interesting content in a vivid way. Zoom processes the data to provide and optimize the services to you.
7.2.4 Duration of data storage
Zoom deletes personal data as long as the purpose of processing has been fulfilled and no legal regulations prevent deletion. You also have the option to delete your own content.
7.2.5 Possibility of elimination by the data subject
You have the possibility to object to the data processing or to revoke a given consent at any time. To do so, please contact our data protection officer or Zoom via the following e-mail address: email@example.com or firstname.lastname@example.org.
7.3.1 Description and scope of data processing
In our app, we use the services of the provider restream.io for the livestream and its analysis. The data processing is carried out by: Restream, Inc, 8121 Bee Caves Rd #150, Austin, TX 78746, USA.
When you access the Restream service from our app, Restream collects the following personal data, among other things, by setting cookies:
- IP address
- User ID
- Device type/ device identification
- Browser type
- Number of clicks
- Time spent on the stream
For more information about Restream’s privacy practices, please visit the following link: https://restream.io/privacy-policy.
7.3.2 Legal basis for data processing
The legal basis for data processing in the context of the provision of a livestream is Art. 6 para. 1 p. 1 lit. f) DSGVO. The legal basis for the analysis is your consent according to Art. 6 para. 1 lit. a) DSGVO.
7.3.3 Purpose of data processing
The purpose of data processing is the production and provision of Livestream to our the users of our service.
7.3.4 Duration of data storage
The data will be deleted as soon as the purpose of the data processing has been achieved and no legal or contractual retention periods prevent deletion.
7.3.5 Possibility of elimination by the data subject
You have the possibility to object to the data processing or to revoke a granted consent at any time. To do so, please contact our data protection officer or Restream directly via the following e-mail address: email@example.com.
8 Trackers and analysis tools
We use the following analysis tools to continuously improve our service offering. Which data is processed in each case and how you can reach the respective service providers is explained below:
8.1.1 Description and scope of data processing
We have integrated the services of the provider Keen.io in our app. Keen.io is an event streaming platform that allows us to analyze our event streams. The data processing is performed by: Keen.io, LLC, 122 E. Houston St., San Antonio, TX 78205.
- IP address
- Time, place and frequency of visiting our streams
Keen.io uses this data for the evaluation of our events.
You can find more information about data protection at Keen.io at the following link: https://keen.io/privacy-policy/.
8.1.2 Legal basis for data processing
The data processing is based on your consent pursuant to Art. 6 para. 1 lit. a) DSGVO.
8.1.3 Purpose of data processing
The purpose of data processing is the analysis and evaluation of our events. This enables us to constantly improve our services.
8.1.4 Duration of data storage
Data is deleted as soon as the purpose of the data processing has been achieved and no legal, contractual or official regulations prevent deletion.
8.1.5 Possibility of removal by the data subject
You have the possibility to revoke a given consent at any time. To do so, please contact us at the above contact details. You can also contact Keen.io directly at the following e-mail address: firstname.lastname@example.org.
8.2 New Relic
8.2.1 Description and scope of data processing
On this app, New Relic, a web analytics service is used. The data processing is carried out by: New Relic Inc, 101 Second Street, 15th Floor, San Francisco, CA 94105, USA.
This service enables statistical evaluations of the speed of retrieval of our app. Through the plugin, New Relic receives the information that you have called up the corresponding page of our website. If you are logged in as a user of New Relic, New Relic can assign the visit to your account there. If you are not a member of New Relic, it is still possible for New Relic to obtain and store your IP address. You can find more information here: https://newrelic.com/privacy
8.2.2 Legal basis for data processing
The legal basis for data processing is your consent pursuant to Art. 6 para. 1 p.1 lit. a) DSGVO.
8.2.3 Purpose of data processing
Our interest lies in monitoring and ensuring the speedy retrievability of our app.
8.2.4 Duration of data storage
The data will be deleted as soon as the purpose of the data processing has been achieved and no legal, contractual or official retention periods prevent deletion.
8.2.5 Possibility of removal by the data subject
You have the option to revoke any consent you have given at any time. If you are a member of New Relic and do not want New Relic to collect data about you on our app in order to link it to your membership data stored at New Relic, you must log out of New Relic before giving your consent to data processing.
8.3 Mode Analytics
8.3.1 Description and Scope of Data Processing.
Mode Analytics is a developer of a collaborative analytics platform used to make data-based decisions. The data processing is performed by: Mode Analytics, Inc, 208 Utah Street, Suite 400, San Francisco, CA 94103, USA.
8.3.2 Legal basis for data processing
The data processing is based on your given consent according to Art. 6 para. 1 p. 1 lit. a) DSGVO.
8.3.3 Purpose of data processing
The purpose of this service is to evaluate user behavior and thus to draw conclusions as to how our services can be improved.
8.3.4 Duration of data storage
Data is deleted as soon as the purpose of the data processing has been achieved and no legal, contractual or official retention periods prevent deletion.
8.3.5 Possibility of removal by the data subject
You have the option to revoke your consent to data processing at any time. For this purpose, please contact us.
9 Recommendations (tell-a-friend)
9.1 Description and scope of data processing
The data processing is carried out by: X Corp, 1355 Market Street, Suite 900, San Francisco, CA 94103
Additional information on data protection at Twitter can be found at the following link: https://twitter.com/privacy?lang=en
9.2 Legal basis for data processing
The data processing is based on your consent pursuant to Art. 6 para. 1 p.1 lit. a) DSGVO.
9.3 Purpose of data processing
It is in our interest that you can also easily inform your contacts about our offer.
9.4 Duration of data storage
According to Twitter, data is deleted, obfuscated or aggregated after a maximum of 30 days. Twitter endeavors not to collect data from browsers that Twitter believes are located in the European Union or European Free Trade Association (EFTA) states.
9.5 Possibility of elimination by the data subject
You can contact us at any time and object to further processing of your data. Further settings and objections to the use of data for advertising purposes are possible within the Twitter profile settings or via the US side or the EU side of Twitter. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.
10 Other third-party tools
Furthermore, we use third-party tools that help us with the app display and functionality of the service. These are listed below:
10.1 Google Maps
10.1.1 Description and scope of data processing
This service uses the Google Maps product from Google LLC. Data processing for the European Economic Area and for Switzerland is carried out by: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
10.1.2 Legal basis for data processing
The legal basis is your consent pursuant to Art. 6 para. 1 p. 1 lit. a) DSGVO.
10.1.3 Purpose of data processing
The use of Google Maps makes it easier for you to find our location, and to interact with it in various ways, e.g. by planning a route.
10.1.4 Duration of data storage
The data will be deleted as soon as it is no longer required for the purpose of data processing, unless legal, official or contractual regulations prevent deletion.
10.1.5 Possibility of removal by the data subject
You have the possibility to revoke a given consent to data processing at any time. If you choose not to use Google Maps, you will not be able to use parts of our service.
10.2.1 Description and scope of data processing
For sending emails (e.g. confirmation emails when booking an event) we use the dispatch service provider Sendgrid. The data processing is carried out by: Twilio Inc, 101 Spear Street, 1st Floor, San Francisco, CA 94105, USA.
By sending emails to you through Sendgrid, the following personal data is processed:
- E-mail address
- E-mail content
For more information about Twilio, Inc. privacy practices, please visit the following link: https://www.twilio.com/legal/privacy.
10.2.2 Legal basis for data processing
Data processing by Sendgrid is based on a legitimate interest on our part in the effective and secure transmission of important e-mails to you, in accordance with Art. 6 (1) p. 1 lit. f) DSGVO.
10.2.3 Purpose of data processing
The purpose of data processing is the reliable delivery of e-mails.
10.2.4 Duration of data storage
Personal Data will be stored by Twilio for as long as it is necessary to provide the Service to us and to conduct our business. No later than 60 days after closing the user account with Twilio, all data will be deleted or otherwise destroyed.
10.2.5 Possibility of elimination by the data subject
You have the possibility to exercise your rights towards us at any time. To do so, please contact us using the contact details provided. You can also contact Twilio directly at the following e-mail address: email@example.com.
10.3.1 Description and scope of data processing
Eventmobi uses the services of the error management tool Sentry for our app. This provides us with the possibility of real-time error tracking for our app, thus enabling us to reproduce or fix crashes. This helps us improve the technical stability of our software. Data processing is performed by: Functional Software, Inc. dba Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA.
With the help of Sentry’s services, we have the ability to respond to errors in our app without the need to report them by the user. We log the IP address, the operating system used and the time of the error when errors occur. Sentry evaluates this data for the purpose of troubleshooting. Processing for other purposes does not take place.
For more information on data protection at Sentry, please visit: https://sentry.io/privacy/.
10.3.2 Legal basis for data processing
The legal basis for processing is our legitimate interest pursuant to Art. 6 (1) lit. f) DSGVO. Our legitimate interest lies in the error-free operation and user-friendly provision of our app.
10.3.3 Purpose of data processing
The purpose of data processing is error tracking and performance monitoring of the app. This serves us to be able to constantly optimize our app and our offer for you.
10.3.4 Duration of Data Retention
Sentry may retain your personal data for as long as necessary to fulfill the purposes described.
10.3.5 Possibility of elimination by the data subject.
You have the possibility to exercise your rights against us at any time. To do so, please contact us using the contact details provided.
11 Data transfer to a third country
In order to be able to provide the conference app services, we may use the support of service providers from the European area as well as from third countries. In order to ensure the protection of your personal data even in the event of data transfer to a third country, EventMobi concludes special order processing agreements with each of the carefully selected service providers. All of the service providers used have sufficient evidence that they ensure data security through appropriate technical and organizational measures. Service providers from third countries are either located in countries that have an adequate level of data protection recognized by the EU Commission (Art. 45 GDPR) or have provided appropriate safeguards (Art. 46 GDPR).
Adequate level of protection: The provider originates from a country whose adequate level of data protection has been recognized by the EU Commission. You can find more information at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
EU standard contractual clauses: Our provider has submitted to the EU standard contractual clauses to ensure secure data transfer. You can find more information on this at: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX%3A32021D0914&locale=en
Binding Corporate Rules: Article 47 of the GDPR provides for the possibility of ensuring data protection when transferring data to a third country via binding internal data protection rules. These are reviewed and accepted by the competent supervisory authorities as part of the consistency procedure under Art. 63 GDPR.
Consent: In addition, a data transfer to a third country without an adequate level of protection will only take place if you have given us your consent for this pursuant to Art. 49 (1) a) DSGVO or if another exception pursuant to Art. 49 DSGVO is relevant for the data transfer.
12 Your rights
You have the following rights vis-à-vis us regarding the personal data concerning you:
12.1 Right to withdraw consent (cf. Art. 7 DSGVO).
If you have given your consent to the processing of your data, you may revoke it at any time. Such revocation affects the permissibility of the processing of your personal data for the future after you have expressed it to us. It can be made (remotely) verbally or in writing by mail or e-mail to us.
12.2 Right to information (cf. Art. 15 DSGVO).
In the event of a request for information, you must provide sufficient information about your identity and proof that the information is yours. The information concerns the following information:
- The purposes for which the personal data are processed;
- The categories of personal data which are processed;
- The recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
- The planned duration of the storage of the personal data concerning you or, if concrete information on this is not possible, criteria for determining the storage period;
- The existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
- The existence of a right of appeal to a supervisory authority;
- Any available information about the origin of the data, if the personal data are not collected from the data subject;
- The existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
12.3 Right to rectification or deletion (cf. Art. 16, 17 DSGVO)
You have a right to rectification and/or completion vis-à-vis us as the controller, insofar as the processed personal data concerning you are inaccurate or incomplete. The controller shall make the correction without undue delay.
In addition, you may request the deletion of the personal data concerning you, provided that one of the following reasons applies to you:
- The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
- You withdraw your consent on which the processing was based pursuant to Art. 6 (1) sentence 1 a) or Art. 9 (2) a) DSGVO and there is no other legal basis for the processing.
- You object to the processing pursuant to Art. 21 (1) DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) DSGVO.
- The personal data concerning you have been processed unlawfully.
- The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.
- The personal data concerning you has been collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.
If we have made the personal data concerning you public and we are obliged to erase it pursuant to Article 17 (1) of the GDPR, we shall also take all reasonable measures to inform other data controllers that you have requested the erasure of all links to this personal data or of copies or replications of this personal data.
The right to erasure does not exist to the extent that the processing is necessary:
- For the exercise of the right to freedom of expression and information;
- For compliance with a legal obligation which requires processing under Union or Member State law to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- For reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) DSGVO;
- For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) DSGVO, insofar as the aforementioned right is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or
- For the assertion, exercise or defense of legal claims.
12.4 Right to restriction of processing (cf. Art. 18 DSGVO)
Under the following conditions, you may request that we restrict the processing of personal data relating to you:
- If you dispute the accuracy of the personal data concerning you for a period of time that allows us to verify the accuracy of your personal data;
- The processing is unlawful and you object to the erasure of the personal data and request instead the restriction of the use of the personal data;
- We no longer need the personal data for the purposes of processing, but you need them for the assertion, exercise or defense of legal claims; or
- If you have objected to the processing pursuant to Article 21 (1) DSGVO and it has not yet been determined whether our legitimate grounds override your grounds.
If the processing of personal data concerning you has been restricted, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.
12.5 Right to information (cf. Art. 19 DSGVO)
If you have asserted your right to rectification, erasure or restriction of data processing against us, we are obliged to notify all recipients of your personal data of the rectification, erasure or restriction of data processing. This applies only to the extent that such notification does not prove impossible or would involve a disproportionate effort.
You have the right to know which recipients have received your data.
12.6 Right to data portability (cf. Art. 20 DSGVO)
You have the right to receive your personal data from us in a common, machine-readable format in order to have it transferred to another controller, if necessary, provided that:
- The processing is based on consent pursuant to Art. 6 (1) sentence 1 a) DSGVO or Art. 9 (2) a) DSGVO or on a contract pursuant to Art. 6 (1) sentence 1 b) DSGVO and
- The processing is carried out with the help of automated procedures.
When exercising your right to data portability, you have the right to obtain that the personal data be transferred directly from us to another controller, where technically feasible.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
12.7 Right to object to processing (cf. Art. 21 DSGVO)
If we base the processing of your personal data on a legitimate interest (pursuant to Art. 6 (1) p. 1 lit. f) DSGVO) on our part, you may object to the processing. The same applies should we base the data processing on Art. 6 (1) p. 1 lit. e) DSGVO.
When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the merits of the case and either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
12.8 Right to complain to the competent supervisory authority (cf. Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
The supervisory authority to which the complaint has been lodged will inform you of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
13 How to exercise these rights and subject to change.
To exercise these rights, please contact:
Iowa League of Cities
Address: 500 SW 7th Street, Suite 101, Des Moines, IA, 50309
Phone: (515) 244-7282
Last Updated: August 7, 2023
The App is provided to you as-is without any guarantee and you use it at your own risk. The App contains material which is owned by or licensed to us, so you should not copy them without obtaining permission from the authorized owner. Any data you submit to the App may be publicly viewable. You are responsible for the security of Personal Data of other participants provided to you when you use the App. You can find out what data we collect and how it is used in our Privacy Notice.
YOU ACKNOWLEDGE AND AGREE THAT THE APP AND ITS CONTENTS ARE PROVIDED ON AN “AS IS”, “AS AVAILABLE” BASIS AND WE DO NOT MAKE ANY, AND HEREBY SPECIFICALLY DISCLAIM ANY, REPRESENTATIONS, ENDORSEMENTS, GUARANTEES, OR WARRANTIES, EXPRESS OR IMPLIED, REGARDING THE APP OR ITS CONTENTS, INCLUDING, WITHOUT LIMITATION, ANY REGARDING OR ARISING FROM: (I) MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS; (II) COURSE OF DEALING, COURSE OF USAGE, OR COURSE OF PERFORMANCE; OR (III) TIMELINESS, ACCURACY, RELIABILITY OR CONTENT OF THE APP AND ANY INFORMATION PROVIDED THROUGH THE APP UNDER THIS AGREEMENT.
3. LIMITATION OF LIABILITY.
WE ARE NOT LIABLE FOR DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE, EXEMPLARY, OR ANY OTHER DAMAGES (COLLECTIVELY, THE “DAMAGES”), ARISING OUT OF YOUR USE OR INABILITY TO USE THE APP. THIS PROVISION ENTITLED “LIMITATION OF LIABILITY” APPLIES REGARDLESS OF: (A) OUR NEGLIGENCE; (B) OUR GROSS NEGLIGENCE; (C) ANY FAILURE OF AN ESSENTIAL PURPOSE; AND (D) WHETHER SUCH LIABILITY ARISES IN NEGLIGENCE, CONTRACT, TORT, OR ANY OTHER THEORY OF LEGAL LIABILITY. THIS PROVISION ENTITLED “LIMITATION OF LIABILITY” APPLIES EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF OR COULD HAVE FORESEEN THE DAMAGES. IN THOSE STATES THAT DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR THE DAMAGES, OUR LIABILITY IS LIMITED TO THE FULLEST POSSIBLE EXTENT PERMITTED BY LAW. WE ARE NOT RESPONSIBLE AND NOT LIABLE FOR ANY INFORMATION, PRODUCTS, OR SERVICES PROVIDED BY OTHER WEB SITES THAT LINK TO OR FROM THE APP.
4. YOUR USE OF THE APP.
4.1 Your Right to Use the App.
We grant you a non-exclusive, personal, and revocable right to access the App.
You are responsible for protecting the confidentiality of your password(s), and for the acts and omissions of any third party that accesses the App through use of your password, as if such acts and omissions were your own.
4.3 Protection of Personal Data.
You may be provided with Personal Data of other users when using the App. You are responsible for protecting any Personal Data provided to you when you use the App. You agree not to make copies of any Personal Data provided to you within the App or to make use of such Personal Data other than those uses provided by the App.
4.4 Changes to the App and Premium Features.
We shall have the right at any time to change or discontinue any aspect or feature of the App, including, but not limited to, content, hours of availability, and equipment needed for access or use.
5. CHANGED TERMS.
We reserve the right, in our sole discretion, to update or modify these Terms at any time (“modifications”).
Modifications to these Terms will be posted with a change to the “Updated” date at the top of this page. In certain circumstances we may, but need not, provide you with additional notice of such modifications, including by email. Modifications will be effective thirty (30) days following the “Updated” date or such other date as communicated in any other notice to you.
Please review these Terms periodically. These Terms were updated on the date indicated above. Your continued participation in the event and use of the app following the effectiveness of any modifications to these Terms constitutes acceptance of those modifications. If any modification to these Terms is not acceptable to you, you should cease accessing, browsing and otherwise using the app.
Please note that access to premium App features may be subject to a fee and additional agreement(s), which we will provide to you for your approval before charging you.
You must obtain, pay for and maintain all software, hardware and anything else needed to use the App.
7. YOUR CONDUCT.
7.1 Lawful Purposes.
You shall use the App for lawful purposes only.
7.2 Intellectual Property.
The App contains copyrighted material, trademarks and other proprietary information, which may include, but is not limited to, text, software, photos, video, graphics, music and sound. We own a copyright in the selection, coordination, arrangement and enhancement of such content, as well as in the content original, granted or assigned to us. You may not modify, publish, transmit, participate in the transfer or sale of, create derivative works, publicly distribute, publicly display, reproduce, publicly perform, or in any way exploit in any format whatsoever (including, without limitation, print and electronic formats) any of the App content, without our prior written authorization. This material includes, but is not limited to, the design, layout, look, appearance and graphics. You acknowledge that you do not acquire any ownership rights by downloading copyrighted material.
7.3 Works and Material You Submit to the App.
You shall not upload, post or otherwise make available on the App any works or material protected by copyright, trademark or other proprietary right without the express written permission of the owner of the copyright, trademark or other proprietary right and the burden of determining that any works or material are not so protected rests entirely with you. You are liable for any damage resulting from any infringement of copyrights, trademarks, or other proprietary rights, or any other harm resulting from such a submission. For all works or material submitted by you to the App, you automatically grant, or warrant that the owner of such material has expressly granted, us a royalty-free, perpetual, irrevocable, worldwide, fully-paid up license to use, reproduce, create derivative works, publicly distribute, publicly perform, publicly display, assume any sound recording rights or moral rights of attribution or integrity, transmit, modify, adapt, publish, translate and distribute such material (in whole or in part) worldwide and/or to incorporate it in other works in any form, media or technology now known or hereafter developed (including, without limitation, print and electronic form, media and technology) for the full term of any copyright that may exist in such works or materials. Except as limited under applicable law, and subject to any functionality on the App allowing you to restrict access, you also permit any other App user to access, view, store or reproduce the works or materials consistent with the provision entitled “Your Right to Use the App”.
7.4 No Unauthorized Access and Unauthorized Activities on the App.
9. TERMINATION AND SURVIVAL.
All trademarks appearing on the App are the property of their respective owners. You gain no rights of any nature whatsoever in trademarks, service marks or trade names found in the App through your use of the App.
11. NO ENDORSEMENT OF APP CONTENT.
We neither endorse nor are responsible for the accuracy or reliability of any opinion, advice or statement made on or off the App by anyone other than one of our authorized employee spokespersons while acting in their official capacities. It is the responsibility of you to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content available through the App or through a App user. Advice of a professional may be necessary for you regarding the evaluation of any specific information, opinion, advice or other content.
Entire Agreement and Amendments. This Agreement is the entire agreement between us and supersedes all earlier and simultaneous agreements regarding the subject matter.
No Waivers, Cumulative Remedies. Our failure to insist upon strict performance of any provision of this Agreement is not a waiver of any of our rights under this Agreement. All of our remedies under this Agreement, at Law or in equity, are cumulative and nonexclusive.
Severability: If any portion of this Agreement is held to be unenforceable, the unenforceable portion must be construed as nearly as possible to reflect our original intent, the remaining portions remain in full force and effect, and the unenforceable portion remains enforceable in all other contexts and jurisdictions.
Captions and Plural Terms: All captions are for purposes of convenience only and are not to be used in interpretation or enforcement of this Agreement. Terms defined in the singular have the same meaning in the plural and vice versa.