European Casino Association

Dear ECA Cybersecurity Experts,

We are delighted to announce our specialised ECA Cybersecurity Workshop, exclusively designed for cybersecurity professionals within the European Casino Association (ECA). Please mark your calendars for 6 and 7 October 2026, as we convene at the Casino Stuttgart in Germany for this critical industry event.

Event Highlights:

• Venue: Casino Stuttgart, Germany

• Dates: 6–7 October 2026

• Accommodation: Please consult booking.com to find a suitable hotel for your stay

Workshop Objectives:

Our primary goal is to strengthen the cybersecurity community amongst our ECA member casinos. This workshop offers an essential platform to:

• Share critical threat intelligence and defence strategies

• Exchange cybersecurity best practices and lessons learnt

• Discuss the latest industry threats and regulatory developments

• Foster collaboration on cyber resilience initiatives

Collaborative Programme Development:

We’re committed to tailoring this workshop to address your most pressing cybersecurity concerns. Please share any specific topics you’d like to explore during our sessions, ensuring a truly collaborative and practical experience. You can find the latest programme here – please check back regularly as we continue to update the schedule.

Your Experiences Matter:

Given the escalating cyber threats facing our sector, we invite you to share your real-world experiences. We encourage 10 to 15-minute presentations on cybersecurity incidents, implementations, or innovations from your operations. Please bring your materials on your devices, focusing on:

• Challenges faced and overcome

• Security implementations and upgrades

• Technology investments and their outcomes

• Ongoing cybersecurity projects and initiatives

Would you like me to make the tone slightly more formal or keep it in this approachable professional style?

Important Additional Information:
The host casino will charge a € 120 food & beverage allowance, payable upon arrival at the casino. An invoice will be handed over. This covers the welcome lunch, farewell lunch, and networking reception for the two days.

We eagerly anticipate your participation in this vital event. Together, we'll strengthen our collective cyber defences, share invaluable expertise, and enhance the cybersecurity posture across our industry.

Please Note: This workshop is exclusively for representatives of ECA member casinos. Space is limited to ensure interactive sessions and meaningful networking opportunities.

Important notifications

Please carefully read the following as you will be asked to confirm that you read, understood and agreed to its content.

DECLARATION OF CONSENT: PHOTOGRAPHS, RECORDINGS, AND OTHER PERSONAL DATA

By clicking on the respective confirmation in the electronic registration sheet, I consent to pictures and recordings being taken of me by ECA or on behalf of the European Casino Association (“ECA”), in the course of the ECA Cybersecurity Workshop from 6–7 October 2026.

I understand that I will not be entitled to receive any payment in consideration for the use of images or information related to me.

The ECA shall have the right to use such personal data as described above, without limitation, by way of fixation, reproduction, editing, licensing, distribution and incorporation in other works, in whatever form (e.g. hard copy or electronic), such as in publications, on websites, in films or videos, in order to promote the ECA’s interests, without any obligation on the part of the ECA to seek any further authorisation by me.

The participant may revoke his/her/their consent at any time by sending a letter to the ECA at Rue du Commerce 31, 1000 Brussels, Belgium, or by sending an email to secretary.general@europeancasinoassociation.org.

The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

PRIVACY STATEMENT

ECA Cybersecurity Workshop 2026

Germany, Casino Stuttgart, 6–7 October 2026

Data Protection Information on Event Registrations (in accordance with Art. 13 GDPR)

1. Responsibility

This event is organised by the European Casino Association (ECA), which is the data controller in charge of the processing of your personal data. For the collection and processing of your personal data in connection with the organisation of the Cybersecurity Workshop 2026 event registrations, the responsibility lies with:

European Casino Association, Rue du Commerce 31, 1000 Brussels, Belgium, +32 496 30 99 88, info@europeancasinoassociation.org (hereinafter “ECA”).

2. Description of data processing, purposes and types of data

In order to register participants for the in-person ECA events (hereinafter: “the event”) held at Casino Stuttgart, Germany, we use Corsizio “Forms” operated by the US-based provider Matrix Fusions Inc.

Different types of data are collected and processed. These include, in particular:

• Personal details (i.e., first and last name, e-mail address, professional details)

• Event metadata (i.e., date of arrival and departure, attendee information status and hotel booking)

• Connection data (i.e., phone numbers, country names, start and end times, IP addresses)

Your consent is required for:

• Photos and video recordings related to the event

• Participants’ list containing your name and affiliation, which may be shared with the organisers of the event

• Invitations to future events the ECA may organise

You can provide your consent via the event registration form online.

2.1. Required data and functions

If you participate in the event as an internal or external participant, you will receive a confirmation from the host via e-mail. When registering for the event, you must provide your name, contact details and, if necessary, other event-specific information.

The ECA will only store and process the data you entered during the registration process. In addition, Corsizio may collect user data required for the provision of the services as well as technical and operational support and improvements thereof.

2.2. Voluntary information and functions

You can provide further information about yourself, such as dietary requirements. This is done on a voluntary basis.

Please note that any voluntary information you provide for the event registration will be processed at least for the duration of the event.

2.3. Automated decision-making

The ECA will not use your personal data to make automated decisions about you. “Automated decisions” are defined as decisions made without human intervention. You have the right to opt out of automated processing at any time and to require that decisions be assessed by a person.

3. Legal basis for data processing

If you participate in the event as an external participant, your data will be processed based on Art. 6.1. (b) GDPR, provided that your participation in the event is necessary for the performance of a contract concluded with you. The same applies if the implementation of the event is necessary to carry out pre-contractual measures that are carried out at your request.

If the data processing in connection with the event is neither necessary for the purposes of the employment relationship nor for the fulfilment of a contract concluded with you or for the implementation of pre-contractual measures, it is carried out on the basis of Art. 6.1. (f) GDPR.

Our legitimate interest is to be able to communicate worldwide, to maintain business contacts and to provide services such as organising business events. If you provide additional information about yourself on a voluntary basis when using the tools or voluntarily use functions that are not strictly necessary, the data processing will take place on the basis of consent in accordance with Art. 6.1. (a) and Art. 7 GDPR, and potentially Art. 88.1 GDPR. You can withdraw your consent at any time with effect for the future. Kindly note that processing carried out before the withdrawal is not affected.

Your personal data will not be further processed for a different purpose than the ones mentioned above.

4. Disclosure of your data

In principle, we do not transfer your data to third parties. A transfer will only take place if the data is currently intended for disclosure, if you have previously expressly consented to the transfer, or if we are obliged or entitled to do so by law.

Corsizio supports our work as an external service provider and data processor within the meaning of Art. 28 GDPR. As a data processor, Corsizio processes your data strictly under our instructions and based on a separately concluded data processing contract. You can find more information at: https://www.corsizio.com/dpa.

In principle, your data will not be processed outside the European Union (EU) or the European Economic Area (EEA). However, it cannot be ruled out entirely that your data may also be processed outside the EU or the EEA. The transfer of data to the USA is subject to suitable guarantees within the meaning of Art. 46 GDPR, relying on standard contractual clauses and additional data protection measures.

5. Who are the recipients or categories of recipients of your personal data?

The recipients of your data will be the ECA staff in charge of the organisation, management and follow-up of this event.

6. Deletion of your data

In principle, we process and store your data only as long as it is necessary for the purposes for which it was collected. Thereafter, your data will be deleted, unless the processing or storage of your data is necessary for the assertion, exercise, or defence of legal claims.

In all other respects, the following storage or deletion periods apply: ECA will delete your personal data (excluding photos, audio, and video recordings that have been published) provided for the event latest two months after the event, unless you explicitly agree to your contact details being kept in order to receive invitations to future similar events organised by the ECA.

If you wish to delete these data at any time after you have given your consent, please contact us and we will do so within 15 working days upon receipt of your request or after the latest correspondence with you about your request.

Your photos, audio and video recordings that have been published (for example on the website or in publications) will remain in that format indefinitely.

7. Your rights as a data subject

In accordance with Article 15 GDPR, you have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed. Where this is the case, you have the right to access your personal data. You also have a right to correct incorrect data about you or to erase your personal data if one of the reasons stated in Art. 17 GDPR applies, i.e. if the data is no longer needed for the pursued purposes. You also have the right to restrict the processing of your data if one of the conditions mentioned in Art. 18 GDPR applies. Where applicable, you may have a right to data portability as stated in Art. 20 GDPR.

In cases where we process your personal data on the legal basis of Art. 6.1. (f) GDPR (consent), you also have the right to object at any time to the data processing for reasons arising from your particular situation. We will then no longer process your personal data unless there are compelling legitimate grounds for the processing that outweigh your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

You can assert your data protection rights here: secretary.general@europeancasinoassociation.org. The query will be dealt with within 15 working days.

You also have the right to file a complaint with a supervisory authority if you believe that the processing of your personal data violates your rights under the GDPR. The right to file a complaint may be exercised before a supervisory authority in the Member State of the data subject’s place of residence or the place of the alleged infringement.