FAQs and Logistics

The views and opinions expressed by speakers or other participants and in presentations made at the UN RBHR Forum are those of the speaker and not, necessarily, of the co-organizers and partners of the event. Viewpoints shared and presentations at the forum, or the presence of different organizations at the event, do not constitute an endorsement of a speaker or organization's views, comments, recommendations, services, or products.

Purpose and Scope This framework outlines the approach to data privacy and security for the United Nations Responsible Business and Human Rights Forum, Asia Pacific. It outlines the principles, processes and safeguards that co-organizers will use to govern the collection, use, sharing and protection of participant data throughout the organization and delivery of the Forum. The primary objectives are to: • Ensure participant data is handled in a manner consistent with the UN Personal Data Protection and Privacy Principles, relevant agency data privacy policies, the specific needs of this event, and general good practice in data protection. • Promote transparency, informed consent, and respect for participants’ privacy rights • Establish practical and proportionate processes to safeguard sensitive information, particularly for participants requiring additional privacy or security measures • Define clear roles and responsibilities among the co-organizers regarding data handling This framework is event-specific and does not create new legal obligations beyond existing organizational policies. It applies exclusively to the data collected, processed, and used in connection with the Forum. Each co-organizer remains responsible for ensuring data use aligns with their internal data protection standards and the consents obtained at registration. Any updates or adjustments to this framework will be communicated transparently through the Forum website. Principles for Data Collection Data collection will adhere to the following principles: • Data Minimization: Only information strictly necessary for Forum participation and event logistics will be collected. • Purpose Limitation: Data will only be used for the purposes stated during registration and consent. • Transparency: Clear explanations regarding data use will be provided at the point of collection and on the Forum website. • Special Protection: Enhanced measures will be taken for participants identified as at-risk, ensuring their information is handled discreetly and securely. Roles and Responsibilities Data Stewards • Data stewards are designated individuals responsible for managing access to the registration system (Indico) and overseeing day-to-day data processing activities. Data stewards are responsible for ensuring the data is processed according to this framework, participant consents are respected, and that pre-processed participant lists are securely stored, appropriately processed, and shared with co-organizers as agreed • Two data stewards will be designated – one from the Safeguarding Taskforce and one from the Forum Secretariat • All processing must comply with UN Data Protection and Privacy Principles, including secure storage, limited access, and proper deletion protocols, as well as agencies’ own Data Privacy policy (policies in Annex) Data Users • Data users are the forum UN co-organizers. • Each co-organizer will identify a data focal point(s), who will be provided with access to the processed lists Safeguarding Taskforce A dedicated team, led by OHCHR with participation from relevant co-organizers, will be responsible for overseeing the protection of participants requiring heightened security or confidentiality (e.g., human rights defenders, vulnerable groups). The Safeguarding Taskforce ensures that: • Sensitive participant data is kept secure and confidential; • Protected individuals are not included in public materials and general communications • Protected individuals are made aware of the risks of participating in a public event, including photography/videography; • The registration and participation experience are managed in a way that minimizes risks to these individuals and special registration procedures are implemented discreetly Data Collected Data collection Only the minimum and necessary data will be collected to facilitate participation in the Forum. This may include: • Name • Organization and Role • Age • Country • Contact information – email address • Consent for data use • Passport/National ID (for UNCC security and access protocols) • Dietary restrictions • Accessibility needs • Acknowledgement of public event/photography Consent-Based Data Collection All data collection will be based on informed consent and collected through the event registration form. Participants will be presented with clear, tiered consent options at registration, allowing them to choose how their information may be used: Mandatory to register (listed as disclaimers prior to submitting the registration form): • I understand that I will receive basic information on the forum logistics • I understand that this is a public forum, and that photos, videos and quotations may be used in external communication and public reports. Opt-in • I agree to receive information about the Forum from its co-organizers, such as invitations to specific sessions and networking opportunities. • I agree to receive communications from the Forum co-organizers about broader business and human rights issues, including publications, events, and opportunities for engagement. An additional question will be included on the registration form, apprising registrants that the Forum is not private, and that photography and quotations may be used in public communication and event summaries. This question will require participants to explicitly acknowledge this at registration. Data Use and Access The full registration data list will be accessible only to Data Stewards. Data Stewards will, on a weekly basis, update the registration list (in line with consent provided) and share with each agency Data Focal Point (to be determined and shared by each agency) from the start of registration through one week post-event. Co-organizers may: • Contact participants within the limits of their chosen consent tier • Access only consented contact data • Not send marketing/outreach or other communications unrelated to the Forum or to business and human rights, depending on consent provided. Reasonable use rules: • Limited outreach to entire list of registrants – preferably via a co-branded/common email format through the Forum secretariat email account (The Forum secretariat shall share with co-organizers the communication agenda so to allow these to suggest content for these general emails) • Mandatory to include email footers with data use notice and unsubscribe option. Transparency Measures • A dedicated page on the Forum website will host general data use rules and co-organizers’ data privacy statements as provided • Information on how to opt out will be included in email footers, and the Forum Secretariat email will be listed as a contact point for data queries. The Forum Secretariat will be responsible for forwarding all related communication to Data Stewards. • Participants rights will be clearly communicated during registration. • Consent information is visible and editable in the participant’s Indico profile (TBC?) (including for participants already in the system when registering to the UNRHRBF as a new event). Participants Rights • Participants can access or rectify their data on the Indico system, or request their data be deleted or their consent option be changed through the Forum Secretariat • Participants can withdraw their consent/opt out of communications agency-by-agency through the co-organizer’s regular channels (unsubscribe or opt-out). • Participants may contact the Forum Secretariat at any time to request deletion of their data. The Forum Secretariat will share this request with all co-organizers for further action. Security Measures The Forum co-organizers are committed to ensuring that participant data is stored and processed securely. For this the following measures will be implemented: • Restricted access: only authorized Data Stewards and designated Focal Points will have access to participant data, based on the consent provided • Secure storage: Participant data will be stored on password-protected systems, with encryption applied where technically feasible. • Handling of breaches: In the unlikely event of a data breach involving participant information, the Data Stewards will promptly investigate the incident. If the breach poses a risk to participants rights or privacy, affected participants will be notified without delay. Preventative measures will be strengthened based on the lessons learned. Annex: Data Policies of UN co-organizers • ST/SGB/2024/3 - Data protection and privacy policy for the Secretariat of the United Nations (https://docs.un.org/en/st/SGB/2024/3)(https://docs.un.org/en/st/SGB/2024/3)) • ST/SGB/2007/5 - Record-keeping and the management of United Nations archives (https://docs.un.org/en/ST/SGB/2007/5)(https://docs.un.org/en/ST/SGB/2007/5) • ST/SGB/2007/6 - Information sensitivity, classification and handling (https://docs.un.org/en/st/SGB/2007/6)(https://docs.un.org/en/st/SGB/2007/6)) • Legal information | UNICEF (https://www.unicef.org/legal)

The Forum organizers are committed to enabling a forum in which everyone can participate in an inclusive, respectful, healthy and safe environment and can be treated with fairness and dignity. This event follows the UN Code of Conduct (https://www.un.org/management/sites/www.un.org.management/files/un-system-model-code-conduct.pdf)for events. The United Nations has a zero-tolerance policy for any form of harassment, including sexual harassment, and will deal with such complaints promptly. Intimidation and Reprisals Acts of intimidation or reprisals against individuals and groups who participate in this regional forum or who cooperate or have cooperated with the United Nations, its representatives and mechanisms in the field of human rights are unacceptable. Please refer to the UN Code of Conduct (https://www.un.org/management/sites/www.un.org.management/files/un-system-model-code-conduct.pdf)and report any incident to the Security and Safety Section either in person or by phone at +66 2288 1102. For UN guidance on acts of intimidation and reprisal and human rights, please find more information here.(https://www.ohchr.org/en/reprisals) To report cases of intimidation and reprisal to the UN human rights system, please see here or reach out to ohchr-reprisals@un.org.(mailto:ohchr-reprisals@un.org) In addition, any act of intimidation or reprisals for participation at the UN Responsible Business and Human Rights Forum, should be promptly reported to the Secretariat of the Forum at: unrbhrforum@undp.org. (unrbhrforum@undp.org.) Sexual Harassment If you have experienced or witnessed harassment, including sexual harassment, at the UNRBHR Forum: A participant who feels that they have been harassed at a UN system event may report the matter to the organizer of the UN system event or relevant security authority, and a participant who witnesses such harassment should make such a report. You can report the matter to the organizer of the event at the premises where the event is taking place or through the Forum email unrbhrforum@undp.org (unrbhrforum@undp.org) Any victim of alleged harassment may also seek help from other relevant authorities, such as the local police. THAI emergency telephone numbers Police/general emergency call: Tel: 191 Fire brigade: Tel: 199 Emergency doctor/ ambulance: Tel: 1669/1554 Tourism police: Tel: 1155

The Forum organisers take the safeguarding of children and vulnerable people seriously. As part of their registration, all participants agreed to abide by the requirements of the Forum-specific child safeguarding policy. UN Responsible Business and Human Rights Forum Child Safeguarding Policy(https://drive.google.com/file/d/1gROXvDbcaP2mLLRbbJjQ8fUQOOklbCOJ/view?usp=sharing) During and following the event, the Safeguarding Focal Point may be contacted directly in person by notifying staff on the registration table. She may also be contacted by the below details: Ticiana Garcia-Tapia Adolescent Development Specialist UNICEF East Asia and Pacific Office Mobile/WhatsApp : +34 654 06 86 91(tel:+34654068691) Email: tgarciatapia@unicef.org(mailto:tgarciatapia@unicef.org)

The UN Responsible Business and Human Rights Forum is a public event. Please note that photographs, video recordings, and quotes from participants may be captured during sessions and used in communications materials, reports, and other public outputs by the organizers and partners. By participating in the Forum, you acknowledge and consent to this use. If you have any concerns, please contact the organizers.