Select Page

Privacy Policy: MedTech Innovation 2025 Helsinki Summit

This Privacy Policy outlines how the MedTech Innovation 2025 Helsinki Summit, presented by inXso.pro, collects, uses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR). We are committed to ensuring the privacy and security of your personal information. This policy provides important information about our practices, your rights, and how your data is handled in relation to the event.

1. Who We Are The MedTech Innovation 2025 Helsinki Summit is a premier one-day event organised by inXso.pro, an innovation agency based in Tampere, Finland. Our website address is  

www.mti25.com.

2. Information We Collect We collect personal information directly from you when you register for the event, interact with our services, or visit our website. This information is necessary for the proper management and organisation of the summit. The data we may collect includes:  

  • Contact Information: This includes your name, email address, phone number, and mailing address.  
  • Professional Information: This may include your job title, company, and industry.  
  • Transactional Information: Details related to your ticket purchases, past event attendance, and financial transactions.  
  • Device and Location Information: This includes your IP address and other unique device identifiers when you use our website.  

3. How We Use Your Information We collect and process your personal information for the following purposes:

  • Event Management: To communicate with you about your registration, provide event updates, and manage the overall organisation of the summit. This includes sharing your information with our co-organisers and third-party service providers, such as catering staff, where necessary to deliver the services you have requested.  
  • Marketing and Communication: To send you information about future events and services that may be of interest to you. You will always have the right to opt out of these communications at any time.  
  • Internal Reporting: For our internal reporting and data analysis to improve our services and monitor compliance with regulations.  

4. How We Protect and Retain Your Data We have implemented physical, electronic, and managerial procedures to protect the information we collect. However, please note that no security system is completely impenetrable, and we cannot guarantee the absolute security of your personal data transmitted over the internet.  

We will retain your information for as long as needed to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. The standard retention period for our company is two years, after which all collected information will be deleted.  

5. Pitching Competition and Strategic Data Sharing

Participation in the MedTech Innovation 2025 Pitching Competition involves the collection and limited processing of both Personal Data (PD) and commercially sensitive information (CSI). All processing and sharing protocols related to applicants’ Personal Data are governed by a separate Data Processing Addendum (DPA) executed between the relevant parties, which ensures specific compliance with the General Data Protection Regulation (GDPR) and the supplementing Finnish Data Protection Act (Tietosuojalaki 1050/2018).

This section outlines explicitly how we process and utilise competition data under the terms of the limited license granted by the applicant.

5.1 Categories of Data Collected

The application process is structured into two phases, defining the scope and sensitivity of the data collected:

  • Phase 1 (Qualification Data): This includes Personal Data (e.g., founder names, contact information), non-confidential company executive summaries, and high-level project overviews.
  • Phase 2 (Finalist Commercial Data): This includes the full pitch deck (which may contain commercially sensitive intellectual property and strategic details), detailed financial projections, and specific technology information.

5.2 Purpose and Legal Basis for Processing

We process and utilise this competition data under the legal basis of explicit consent (Article 6(1)(a) GDPR) from the applicant, as secured via the application form. The limited license granted by the Participant allows the Competition Hosts to process the data solely for the following internal purposes:

  1. Evaluation and Judging: To allow the official judging panel to rigorously evaluate the quality and viability of the application and select finalists and winners.
  2. Necessary Pre-Investment Due Diligence: To facilitate initial, internal review of the commercial proposition by the Competition Hosts prior to any potential external investment negotiation.

5.3 Data Disclosure and Limited Access

The submitted application data (including pitch summaries and pitch decks) is strictly limited to the Pitching Competition.

Data disclosure is limited exclusively to the following categories of recipients:

  • Competition Hosts: All data is accessed and processed by the official Competition Hosts (and their internal team) for the purposes stated in Section 5.2, under the terms of the Limited Due Diligence License.
  • Official Judging Panel: Data is shared with the independent, verified members of the judging panel solely for the purpose of evaluation.

5.4 Confidentiality and Applicant Responsibility (Startup IP)

All Startup IP (including business plans and models) submitted shall remain the sole and exclusive property of the respective Participants. The Competition Hosts do not acquire any ownership right, license, or option over the Startup IP merely by hosting or judging the Competition.

Applicants are strongly advised that while the Competition Hosts and Judges adhere to professional duties of confidence, the MedTech Innovation Summit does not guarantee the absolute confidentiality of any commercial data submitted.

Applicants are solely responsible for ensuring that their pitch decks do not contain strictly proprietary or patentable information. The Summit is not liable for any intellectual property loss resulting from data sharing in line with the explicit consent and limited license provided during the application process.

5.5 Data Retention and Alignment with DPA

Competition data will be retained for a maximum of three years following the event to track competition alum success and conduct internal performance analysis. This period extends the standard two-year retention period only for data related to Pitching Competition applicants. Data handling, security measures, and compliance protocols for this specific processing activity are entirely governed by the executed DPA.

6. Your Data Protection Rights Under GDPR, you have the right to access, rectify, or request the deletion of your personal data. You also have the right to object to or restrict the processing of your data, or to request a copy of the personal information we hold about you. If you would like to exercise any of these rights, please contact us at   

hello@mti25.com

7. Cookies Our website uses cookies to enhance your user experience, analyse site traffic, and support marketing efforts. You can manage your cookie preferences through your browser settings.