Privacy Policy & Data Protection Terms and Conditions

Updated on 08/06/2018

  1. Who are we?

Digitevent develops a “Service” that, on behalf of “Organizers”, allows non-exclusive event planning websites, “Participant” (or “Guest”) database management, ticketing and access control of Participants at events. The Service is edited by Digitevent, 62 Rue de Rennes 75006, Paris, France (see Legal Notice).

  1. Importance of data confidentiality

Aware of the critical importance of data confidentiality, Digit Event is strongly committed to protect personal data in compliance with the current regulations (especially Directive 95/46/CE regarding data protection (as transposed in the national legislation of Member States) and the General Data Protection Regulation (GDPR).

This privacy policy may change according to the legal and regulatory environment. The GDPR applicable since the 25th of May 2018 aims at implementing standardized rules regarding data protection in the EU. Although the basic principle is based on pre-existing rules, the GDPR broadens the scope of application and requires more binding standards as well as sanctions in case of non-compliance. The GDPR imposes on us to publish the legal grounds we base ourselves on to process your personal data. These legal grounds are typically the following:

  • You gave consent;
  • It is required by our contractual relationship;
  • The processing is necessary to allow us to fulfil our legal or regulatory obligations; and/or
  • The processing is in our legitimate interest as event planning and ticketing platform (e.g. To protect our systems’ safety and integrity and offer you client services etc.)

  1. Implementation of our Privacy Policy

This Privacy Policy includes important information regarding your “Personal Data”. It states our policy regarding information that may be associated or linked to an individual in particular and/or may be used to identify a person (“Personal Data”) and collected from “Organizers” or “Participants”.

The “Non-Personal Data” used in this Privacy Policy is thus any information not associated with a person and/or that may not be used to identify a person. The limits and requirements of this Privacy Policy regarding our collection, use, communication, transfer and storage/saving of Personal Data are not applicable to Non-Personal Data. We may associate this Non-Personal Data to your Personal Data, in which case we will process this combined Data as Personal Data until they can no longer be associated with or identify you. Similarly, when Personal Data is aggregated, it becomes Non-Personal Data.

  1. Collected Personal Data

  1. Regarding the “Organizers”

We collect the data supplied when you register with the Service or when we correspond within the scope of business / support related / questionnaire related matters. Some data may also be obtained from third parties. This personal information contains and is not limited to your name, first name, email address, invoicing information.

  1. Regarding the “Participants” (or “Guests”)

Organizers may setup registration pages aimed at collecting all the information required on Participants within the scope of the registration to the Organizer’s vent. Digitevent does not control the Organizer’s registration process or the Personal Data he collects.

  1. For all Organizers and Participants

We may also collect some technical data automatically sent by computers using the Service (for example, and not limited to: information regarding your access device, your browser or IP).

  1. Exclusions

  • We do not deliberately collect Personal Data from children under thirteen (13) years. Should you be less than thirteen (13) years old, please do not submit any Personal Data through the Service.

  • This Privacy Policy only applies to Digitevent’s Service. The Service may contain links to other not operated or controlled by us (e.g. By the Organizer) on which this Privacy Policy is not applicable.

  1. Data storage

The Personal and Confidential Data are hosted on the Amazon Web Service servers located in the European Union. Some may also be stored by third parties we transferred them to in accordance with this Privacy Policy. We take all steps we deem reasonable to protect the Personal Data collected through the Service against any loss, wrongful use, unauthorized access, accidental disclosure, modification and destruction. No network, server, database or internet or email transmission is however ever completely secure or free of errors.

  1. Technical protective measures

  • All communication regarding the service is effected through HTTPS / SSL.
  • Organizers and Digitevent team’s passwords must follow a specific format (minimum 8 characters with numbers and capital). They are also encrypted as a database therefore not searchable by the Digitevent team members.
  • An advanced server logging system has been implemented. This system records: the time of the enquiries, the sender’s IP, the user-agent, the resource and type of enquiry. This data is stored for 7 days by default.

  1. Physical and internal protective measures

  • The Digitevent offices are physically protected by an armored door and an alarm system.
  • Each employee personally commits to a confidentiality and data protection chart.
  • The various accesses supplied to the Digitevent team will be adapted to the business needs and periodically reassessed, including when some team members leave the team or when the team welcomes new members.
  • The Digitevent team members’ personal computers are protected by unique passwords. The use of a password management system to encrypt all employees’ passwords and impose the use of a unique password for each of the services used is compulsory.
  • Storage or exchange of Personal Data by employees is prohibited.

  1. Retention period

  • If you are an Organizer

We may store your Personal Data as long as you are registered to use the Service. You can close your account by contacting us. We can however not store Personal Data for a period longer than the duration authorized or required by the current legislation.

  • If you are a Participant

Your personal data will be automatically destroyed 1 year after the completion of the event you were linked to. This period is increased to 3 years should there be payment and invoicing information, in order to comply with regulations. Please note that the Organizer may bring this storage period forward by default by choosing to extend the Data storage or delete them at the moment of his choosing.

Should we delete your Personal Data, this data may, for legal reasons or for legitimate and commercial and legal reasons, remain on saving or storage devices for an additional period of 60 days.

  1. Notifications regarding data incidents.

Whether we act as data controller or processor, we will notify the affected Organizer directly, as he will be the entity in the best position to contact the individual quickly following an incident involving a non-authorized access to the said individual’s Personal Data. This notification will be sent within 72 hours of such incident being brought to our attention.

  1. Use and disclosure of Personal Data

The EU regulations on the protection of data distinguishes between organizations that process Personal Data for their own needs (called “Data Controller”) and organizations that process Personal Data for other organizations’ account (called “Data Processors”). Should you have a question or complaint regarding the manner in which your Persona Data are managed, always address them to the relevant Data Controller as he is the main party responsible for your Personal Data.

According to the circumstances, Digitevent may act either as Data Controller or as Data Processor towards your Personal Data:

  1. Use of Data by Digitevent

When you open an Organizer account, Digitevent becomes Data Controller of the Personal Data you supply under your account. We will also control the Personal Data we obtained through the use of the Service.

The Personal Data will be used to allow access and usage of the Service, for example to help Organizers to connect to the service, communicate with the Organizers, improve the Service, for in-house business purposes, take action against wrongful acts, enforce our Conditions of Use, manage your account and offer a service to Organizers etc.

When compliant with your personal preferences, we may use your Personal Data to contact you for our marketing and advertising needs, including and without limitation to inform you about the Service. You may unsubscribe from these communications by clicking on the “Unsubscribe” button at the bottom of the emails or by sending a message to [email protected].

We are not in the business of selling Personal Data. We consider this information to be a crucial part of our relationship with you. We will therefore not sell Participants’ Personal Data to third parties (advertisers…). Some Organizers’ Personal Data might sometimes be part of a very focused business operation, for example within a strategic partnership.

Nevertheless, we may buy or sell assets as part of our business development. In this case (or similar case) you accept that any of Digit Event’s successor, purchaser, parent, associated company or branch will retain the right to use your Personal Data and other information in accordance with the terms of this Privacy Policy.

We may share some Personal Data with sub processors and subcontractors that may have to, from time to time, process some Personal Data on behalf of Digitevent. These companies include database service providers, saving and recovery service providers, email and other service providers. When we contract another company to perform such duties, we are extremely cautious as to their compliance to GDPR, international data transfer regulations and generally their policy on Personal Data management. Our data subprocessing providers: Amazon Web Service (Europe), Pipedrive, Sendgrid, Gatewayapi, Google analytics, Mangopay.

  1. Use of data by Organizers

When you use the Service as a Participant or Guest to an event, we process your Personal Data to help the Organizer manage the event. As Data Processor, we supply them with the Data collected. Digitevent supplies the Organizer with “tools” and does not make any decision as to the Personal Data to request and is not responsible for the continuous accuracy of the Personal Data supplied. Any questions you may have regarding your Personal Data and your rights must thus be addressed to the Organizer as Data Controller and not to Digitevent. An Organizer may, in some cases, designate a third party – associated to the Organizer or not – to create an event or fundraising page for his account.

We are not responsible for these Organizers or their third-party Organizers’ actions regarding your Personal Data, including when they are used through the tools offered by the Service. It is important that you scrutinize the Organizers’ current policies (or, if available, of the designated third parties) regarding an event prior to supplying Personal Data through the Service.

We authorize the Organizers to use our tools to communicate with the Participants via the emails and SMS’s we send them for in their name. If you registered for an event on the Service, your email is made available to the relevant Organizer. The Organizers may also import emails from external sources. The Organizer, not Digitevent, is in charge of these mailings. The Organizers are bound to use our email tools exclusively in compliance with the current legislation. Digitevent supplies an “Unsubscribe” link in each email to enable the Participants or Guests to unsubscribe from the communications regarding a specific event.

Communications are not only marketing – they may also be relevant to the transaction (example: your ticket or registration confirmation). You will still receive these transactional emails regardless of your subscription choice. The only way to stop receiving these messages is to contact Digitevent.

  1. Legal requirements

We may disclose your Personal Data to comply with a legal requirement:

  • to obey a subpoena or upon request from the public authorities regarding a national security matter or to comply with the law;
  • or should we believe in good faith that such action is necessary to protect or defend our rights, assets or the rights or assets of third parties; to protect the Services users or the public’s personal security in an emergency.

  1. Access and modification of data

You may request to access, correct or remove any Personal Data concerning you. However, should you be a participant, even if, at your request Digitevent deletes or anonymizes your Personal Data, your Personal Data may still be available in the Organizer’s database should it have been downloaded by the Organizer prior to its deletion or anonymization.

  1. Modifications to this Privacy Policy

Changes and developments in the Service and our activities may impose certain changes to be made to this Privacy Policy. We reserve the right to, at our sole discretion, update or modify this Privacy Policy at any time. The Modifications will require a change of he “Updated On” date at the top of this Privacy Policy. Under certain circumstances, Digitevent may, without being bound to, supply an additional notice of these Modifications via email. A Modification will become effective thirty (30) days following the “Updated On” date or at any other date stated.

Please consult this Privacy Policy periodically before you give any Personal Data. Your continuous use of the Services following the implementation of any Modification to this Privacy Policy is deemed and acceptance of these Modifications. Should any Modification to this Privacy Policy not be acceptable to you, you must stop browsing and using the Services.

  1. Disputes & Questions

We acknowledge and answer all requests in accordance with the current legislation. You may contact us through the postal address stated in our legal notice or via email at [email protected]