Privacy Policy & Data Protection Terms and Conditions

Last publication on 09.11.23

I. Who are we?

Digitevent develops a “Service” that, on behalf of “Organizers”, allows non-exclusive event planning websites, “Participant” (or “Guest”) database management, ticketing, and access control of Participants at events. The Service is edited by Digitevent, 36, rue Vivienne, 75002 Paris, France (see Legal Notice).

II. Importance of data confidentiality

Aware of the critical importance of data confidentiality, Digit Event is strongly committed to protecting personal data in compliance with the current regulations (especially Directive 95/46/CE regarding data protection (as transposed in the national legislation of Member States) and the General Data Protection Regulation (GDPR).

This privacy policy may change according to the legal and regulatory environment. The GDPR applicable since the 25th of May 2018 aims at implementing standardized rules regarding data protection in the EU. Although the basic principle is based on pre-existing rules, the GDPR broadens the scope of application and requires more binding standards as well as sanctions in case of non-compliance. The GDPR imposes on us to publish the legal grounds we base ourselves on to process your personal data. These legal grounds are typically the following:

  • You gave consent;
  • It is required by our contractual relationship;
  • The processing is necessary to allow us to fulfill our legal or regulatory obligations; and/or
  • The processing is in our legitimate interest as an event planning and ticketing platform (e.g. To protect our systems’ safety and integrity and offer you client services etc.).

III. Implementation of our Privacy Policy

This Privacy Policy includes important information regarding your “Personal Data”. It states our policy regarding information that may be associated or linked to an individual in particular and/or may be used to identify a person (“Personal Data”) and collected from “Organizers” or “Participants”.

The “Non-Personal Data” used in this Privacy Policy is thus any information not associated with a person and/or that may not be used to identify a person. The limits and requirements of this Privacy Policy regarding our collection, use, communication, transfer, and storage/saving of Personal Data are not applicable to Non-Personal Data. We may associate this Non-Personal Data to your Personal Data, in which case we will process this combined Data as Personal Data until they can no longer be associated with or identify you. Similarly, when Personal Data is aggregated, it becomes Non-Personal Data.

IV. Collected Personal Data

1. Regarding the “Organizers”

We collect the data supplied when you register with the Service or when we correspond within the scope of business/support related/questionnaire related matters. Some data may also be obtained from third parties. This personal information contains and is not limited to your name, first name, email address, invoicing information.

2. Regarding the “Attendees” (or “Guests”)

Organizers may set up registration pages aimed at collecting all the information required on Attendees within the scope of the registration to the Organizer’s vent. Digitevent does not control the Organizer’s registration process or the Personal Data he collects.

3. For all Organizers and Participants

We may also collect some technical data automatically sent by computers using the Service (for example, and not limited to information regarding your access device, your browser, or IP).

4. Exclusions

  • We do not deliberately collect Personal Data from minors/under fifteen (15) years old. Should they be less than fifteen (15) years old, please do not submit any Personal Data through the Service.
  • This Privacy Policy only applies to Digitevent’s Service. The Service may contain links to others not operated or controlled by us (e.g. By the Organizer) on which this Privacy Policy is not applicable.

5. Data storage

The Personal and Confidential Data is hosted on the Amazon Web Service servers located in the European Union. Some may also be stored by third parties the transfer is in compliance with this Privacy Policy. We take all the steps we deem reasonable to protect the Personal Data collected through the Service against any loss, wrongful use, unauthorized access, accidental disclosure, modification, and destruction. No network, server, database, or internet or email transmission is however ever completely secure or free of errors.

a. Technical protective measures

  • All communication regarding the service is effected through HTTPS / SSL.
  • Organizers and Digitevent team’s passwords must follow a specific format (minimum 8 characters with numbers and capital). They are also encrypted as a database therefore not searchable by the Digitevent team members.
  • An advanced server logging system has been implemented. This system records: the time of the inquiries, the sender’s IP, the user-agent, the resource, and the type of inquiry. This data is stored for 7 days by default.

b. Physical and internal protective measures

  • The Digitevent offices are physically protected by an armored door and an alarm system.
  • Each employee personally commits to a confidentiality and data protection chart.
  • The various accesses supplied to the Digitevent team will be adapted to the business needs and periodically reassessed, including when some team members leave the team or when the team welcomes new members.
  • The Digitevent team members’ personal computers are protected by unique passwords. The use of a password management system to encrypt all employees’ passwords and impose the use of a unique password for each of the services used is compulsory.
  • Storage or exchange of Personal Data by employees is prohibited.

c. Retention period

  • If you are an Organizer

We may store your Personal Data as long as you are registered to use the Service. You can close your account by contacting us. We can however not store Personal Data for a period longer than the duration authorized or required by the current legislation.

  • If you are an Attendee

Your personal data will be automatically destroyed 15 monts after the completion of the event you were linked to. This period is increased to 10 years should there be payment and invoicing information, in order to comply with regulations. Please note that the Organizer may bring this storage period forward by default by choosing to extend the Data storage or delete them at the moment of his choosing.

Should we delete your Personal Data, this data may, for legal reasons or for legitimate and commercial and legal reasons, remain on saving or storage devices for an additional period of 60 days.

d. Data partitioning

Digitevent ensures the separation of data through logical (application) partitioning.

V. Notification regarding data incidents

Whether we act as a data controller or processor, we will notify the affected Organizer directly, as he will be the entity in the best position to contact the individual quickly following an incident involving non-authorized access to the said individual’s Personal Data. This notification will be sent within 72 hours of such incident being brought to our attention.

VI. Use and disclosure of Personal Data

The EU regulations on the protection of data distinguish between organizations that process Personal Data for their own needs (called “Data Controller”) and organizations that process Personal Data for other organizations’ account (called “Data Processors”). Should you have a question or complaint regarding the manner in which your Personal Data is managed, always address them to the relevant Data Controller as he is the main party responsible for your Personal Data.

According to the circumstances, Digitevent may act either as Data Controller or as Data Processor towards your Personal Data:

1. Use of Data by Digitevent

When you open an Organizer account, Digitevent becomes a Data Controller of the Personal Data you supply under your account. We will also control the Personal Data we obtained through the use of the Service.

The Personal Data will be used to allow access and usage of the Service, for example, to help Organizers to connect to the service, communicate with the Organizers, improve the Service, for in-house business purposes, take action against wrongful acts, enforce our Conditions of Use, manage your account and offer a service to Organizers, etc.

When compliant with your personal preferences, we may use your Personal Data to contact you for our marketing and advertising needs, including and without limitation to inform you about the Service. You may unsubscribe from these communications by clicking on the “Unsubscribe” button at the bottom of the emails or by sending a message to support@digitevent.com.

We are not in the business of selling Personal Data. We consider information to be the main pillar of our trust relationship with our customers. We will therefore not sell Participants’ Personal Data to third parties (advertisers…). Some Organizers’ Personal Data might sometimes be part of a very focused business operation, for example within a strategic partnership.

Nevertheless, we may buy or sell assets as part of our business development. In this case (or similar case) you accept that any of Digit Event’s successor, purchaser, parent, associated company, or branch will retain the right to use your Personal Data and other information in compliance with the terms of this Privacy Policy.

We may share some Personal Data with sub-processors and subcontractors that may have to, from time to time, process some Personal Data on behalf of Digitevent. These companies include database service providers, saving and recovery service providers, email, and other service providers. When we contract/outsource another company to perform such duties, we are extremely cautious as to their compliance with GDPR, international data transfer regulations, and generally their policy on Personal Data management. List of our data sub processors

2. Use of data by Organizers

When you use the Service as a Participant or Guest at an event, we process your Personal Data to help the Organizer manage the event. As Data Processor, we provide them the Data collected. Digitevent supplies the Organizer with “tools” and does not make any decision as to the Personal Data to request and is not responsible for the continued accuracy of the Personal Data supplied. Any questions you may have regarding your Personal Data and your rights must thus be addressed to the Organizer as Data Controller and not to Digitevent. An Organizer may, in some cases, designate a third party – associated with the Organizer or not – to create an event or fundraising page for his account.

We are not responsible for this Organizer or their third-party Organizer's actions regarding your Personal Data, including when they are used through the tools offered by the Service. It is important that you scrutinize the Organizer's current policies (or, if available, to the designated third parties) regarding an event prior to supplying Personal Data through the Service.

We authorize the Organizers to use our tools to communicate with the Participants via email and SMS’s we send them for in their name. If you registered for an event on the Service, your email is made available to the relevant Organizer. The Organizers may also import emails from external sources. The Organizer, not Digitevent, is in charge of these mailings. The Organizers are bound to use our email tools exclusively in compliance with the current legislation. Digitevent supplies an “Unsubscribe” link in each email to enable the Participants or Guests to unsubscribe from the communications regarding a specific event.

Communications are not only marketing – they may also be relevant to the transaction (example: your ticket or registration confirmation). You will still receive these transactional emails regardless of your subscription choice. The only way to stop receiving these messages is to contact Digitevent.

3. Legal requirements

We may disclose your Personal Data to comply with a legal requirement:

  • to obey a subpoena or upon request from the public authorities regarding a national security matter or to comply with the law;
  • or should we believe in good faith that such action is necessary to protect or defend our rights, assets, or the rights or assets of third parties; to protect the Services users or the public’s personal security in an emergency.

VII. Access and data modification

You may request to access, correct, or remove any Personal Data concerning you. However, should you be an attendee even if, at your request, Digitevent deletes or anonymizes your Personal Data, your Personal Data may still be available in the Organizer’s database should it have been downloaded by the Organizer prior to its suppression or anonymatization.

VIII. Modifications to this Privacy Policy

Changes and developments in the Service and our activities may impose certain changes to be made to this Privacy Policy. We reserve the right to, at our sole discretion, to update or modify this Privacy Policy at any given time. The Modifications will require a change of the "Updated On" date at the top of this Privacy Policy. Under certain circumstances, Digitevent may, without being bound to, supply an additional notice of these Modifications via email. A Modification will become effective thirty (30) days following the "Updated On" date or at any other date stated.

Please consult this Privacy Policy periodically before you give any Personal Data. Your continuous use of the Services following the implementation of any Modification to this Privacy Policy is deemed as compliance to these Modifications. Should any Modification to this Privacy Policy not be acceptable to you, you must stop browsing and using the Services.

IX. Disputes & Questions

We acknowledge and answer all requests in agreement with the current legislation. You may contact us through the address stated in our legal notice or via email at info@digitevent.com.