Legal
Privacy policy
Last updated: 22 December 2021
Introduction
This Policy details our commitment to protecting the privacy of individuals who:
- visit our Websites (defined below) (‘Website Visitors’) or individuals who request us to contact them via our online web forms;
- who register to use the products and services which we market for subscription available at www.attendzen.io (the ‘Service(s)’); or
- attend or register to attend webinars, sponsored events or other events at which the AttendZen participates (‘Attendees’).
For the purposes of this Policy, the term ‘Websites’ shall refer collectively to www.attendzen.io as well as the other websites that AttendZen operates and that link to this Policy. This Policy describes how AttendZen collects, uses, shares and secures the personal data that you provide. It also describes your choices regarding use, access and correction of your personal data.
Scope of This Policy
When this Policy applies
This Policy applies to our corporate marketing Website www.attendzen.io as well as the other websites that AttendZen operates and that link to this Policy.
When this Policy does not apply – Third party websites
Our Websites may contain links to other websites. The information practices and the content of such other websites are governed by the privacy statements of such other websites. We encourage you to review the privacy statements of any such other websites to understand their information practices.
When this Policy does not apply – Service Data
With the exception of Account Information (as defined below) and other information we collect in connection with your registration or authentication into our Services, this Policy does not apply to our security and privacy practices in connection with electronic data, text, messages, communications or other materials submitted to and stored within the Services by you (‘Service Data’). Service Data security and privacy practices are detailed in and governed by our Master Subscription Agreement, or such other applicable agreement between you and AttendZen relating to your access to and your use of such Services (collectively referred to as the ‘Service Agreement’).
Subscribers to our Services are solely responsible for establishing policies for, and ensuring compliance with, all applicable laws and regulations, as well as any and all privacy policies, agreements or other obligations, relating to the collection of personal data in connection with the use of our Services by individuals (also referred to as ‘data subjects’) with whom our Subscribers interact.
We collect information under the direction of our Subscribers, and have no direct relationship with individuals whose personal data we process in connection with our Subscriber’s use of our Services. The use of information collected through our Services shall be limited to the purpose of providing the service for which Subscribers have engaged AttendZen. If you are an individual who interacts with a Subscriber using our Services (such as an attendee at one of our Subscriber’s events or a customer of one of our Subscribers) and require assistance or would either like to amend your contact information or no longer wish to be contacted by one of our Subscribers that use our Services, please contact the Subscriber that you interact with directly.
Information That You Provide to Us
Account and Registration Information
We ask for and may collect personal data about you such as your name, address, phone number, email address, instant messaging ID, and credit card information, as well as certain related information like your company name and website name, when you register for an account to access or utilise one or more of our Services (an ‘Account’). We also ask for and collect personal data such as an email address and a name or alias from any individual that you authorise to log into and utilise our Services in connection with Your Account (a ‘User’ as defined in the Service Agreement). We base the processing of your personal data on our legitimate interest, to provide you with the necessary functionality during your use of our Service(s).
If you sign-up for a free trial Account, you are not required to enter your credit card information unless and until you decide to continue with a paid subscription to our Services. A third-party intermediary is used to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.
We refer to any information described above as ‘Account Information’ for the purposes of this Policy. By voluntarily providing us with Account Information, you represent that you are the owner of such personal data or otherwise have the requisite consent to provide it to us.
Other Submissions
We ask for and may collect personal data from you when you submit web forms on our Websites or as you use interactive features of the Websites, including: participation in webinars, surveys, contests, promotions, sweepstakes, requesting customer support, or otherwise communicating with us. We process your personal data to perform our contract with you for the use of our websites and the Service(s) and to fulfil our obligations under the Service Agreement to you; where we have not entered into the Service Agreement with you, we base the processing of your personal data on our legitimate interest to operate and administer our websites and to provide you with the content you access and request.
Attendee Information
We ask for and may collect personal data such as your name, address, phone number and email address when you register for or attend a sponsored event or other events at which AttendZen participates, in order to facilitate your registration or attendance at an event, including sending related communications to you.
Mobile Application
When you download and use our Services, we automatically collect information such as the type of device you use, the operating system version of the device, the cellular carrier facilitating connection to the mobile application, and the country the connection is arising from, to perform our obligations under our Master Subscription Agreement with our Subscribers.
Information That We Collect from You on our Websites
Cookies and Other Tracking Technologies
We and our authorised partners may use cookies and other information gathering technologies for a variety of purposes. These technologies may provide us with personal data, information about devices and networks you utilise to access our Websites, and other information regarding your interactions with our Websites. For detailed information about the use of cookies on our Websites and how to manage your cookie settings, please read and review our Cookie Policy found here.
We may use web beacons, tags and scripts on our Websites or in email or other electronic communications we send to you. These assist us in delivering cookies, counting visits to our Websites, understanding usage and campaign effectiveness and determining whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our third-party service providers on an individual and aggregated basis.
We may use cookies and browser local storage for content information and preferences. Browsers offer their own management tools for removing this. Third parties with whom we partner to provide certain features on our Websites or to display advertising based upon your Web browsing activity may use cookies and browser local storage to store information.
Logs
As with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and Services. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information. Occasionally, we connect personal data to information gathered in our log files as necessary to improve our Websites and Services. In such a case, we would treat the combined information in accordance with this Policy.
Analytics
We collect analytics information when you use the Websites to help us improve them, including through the use of cookies. We may also share aggregated and/or anonymised data about your actions on our Websites with third-party service providers of analytics services. We also use mobile analytics software to allow us to better understand the functionality of our mobile versions of our Services on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
Information Collected from Other Sources
Social Media Widgets
The Websites include social media features, such as the ‘Facebook Like’ button, and widgets, such as the ‘Share This’ button or interactive mini-programs that run on our Websites. These features may collect your Internet protocol address, which page you are visiting on the Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Websites. Your interactions with these features are governed by the privacy statement of the companies that provide them.
Information from Services Provided by Third Parties
We may also obtain other information, including personal data, from third parties and combine that with information we collect through our Websites. For example, we may have access to certain information from a third-party social media or authentication service if you log into our Services through such a service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third-party social media or authentication service is in accordance with the authorisation procedures determined by that service. If you authorise us to connect with a third party service, we will access and store your name, email address(es), current city, profile picture URL, and any other personal data that the third-party service makes available to us, and use and disclose it in accordance with this Policy. You should check your privacy settings on these third-party services to understand and change the information sent to us through these services. For example, you may choose to log in to the Services using single sign-in services such as Facebook Connect or an Open ID provider.
These single sign-on services will authenticate your identity, provide you with the option to share certain personal data (such as your name and email address) with us, and pre-populate our sign-up form. Services like Facebook Connect give you the option to post information about your activities in the Services to your profile page to share with others within your network.
How We Use Information that We Collect
General Uses
We may use the information we collect about you (including personal data, to the extent applicable) in order to perform our obligations under our Service Agreement with you and on the basis of our legitimate interest including to (a) provide, operate, maintain, improve, and promote the Websites and the Services; (b) enable you to access and use the Websites and the Services; (c) process and complete transactions, and send you related information, including purchase confirmations and invoices; (d) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages; (e) send promotional communications, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, contests, and events; and provide other news or information about us and our partners (you can opt-out of receiving marketing communications from us by following the unsubscribe instructions included in our marketing communications); (f) process and deliver contest or sweepstakes entries and rewards; (g) monitor and analyse trends, usage, and activities in connection with the Websites and Services and for marketing or advertising purposes; (h) investigate and prevent fraudulent transactions, unauthorised access to the Websites and the Services, and other illegal activities; (i) personalise the Websites and Services, including by providing features or advertisements that match your interests and preferences; and (j) for other purposes for which we obtain your consent.
Legal basis for processing (EEA visitors only)
If you are a visitor from the European Economic Area (‘EEA’), our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.
However, we will normally collect personal data from you only where we need the personal data to perform a contract with you (e.g. to provide you with our Services), where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent. In some cases, we may also have a legal obligation to collect personal data from you.
If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time why we need to use your personal data. If we process personal data in reliance on your consent, you may withdraw your consent at any time.
If you have questions about, or need further information concerning, the legal basis on which we collect and use your personal data, please contact us using the contact details provided under the ‘Contact Us’ section below.
Sharing of Information Collected
Third-Party Service Providers
We share information, including personal data, with our third-party service providers that we use to provide hosting for and maintenance of our Websites, application development, backup, storage, payment processing, analytics and other services for us. These third-party service providers may have access to or process your personal data for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal data that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.
We may also share aggregated and/or anonymized information regarding your use of the Services with third parties for marketing purposes based on our legitimate interest to develop and promote Service(s). However, we would never identify you or your Users as the source of the information.
We may collect, and we may engage third-party analytics providers to collect, metrics and information regarding your use of the Service, including evaluating how Users use the Service (‘Usage Data’), to develop new features, improve existing features or inform sales and marketing strategies, based on our legitimate interest to improve the Services. When we process Usage Data, any personal data shall be anonymised. Any such third-party analytics providers will not share or otherwise disclose Usage Data, although we may make Usage Data publicly available from time to time.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Service Agreement, or as otherwise required by law.
Testimonials
From time to time, we may post testimonials on the Websites that may contain personal data. We always obtain your consent to post your name along with your testimonial. If you wish to update or delete your testimonial, you can contact us at [email protected].
If you choose to use our referral service to tell a friend about our products and services, we will ask you for your friend’s name and email address. You must only provide your friend’s name and email address if you have a reasonable belief they will not object to us contacting them. If you do, we will automatically send your friend an email inviting him or her to visit the Websites and will store this information for the purpose of sending this initial email, tracking the success of our referral program and other marketing activities. Your referral may contact us at [email protected] to request that we remove their information from our database.
Community Forums
The Websites may offer publicly accessible blogs, community forums, comments sections, discussion forums, or other interactive features (‘Interactive Areas’). You should be aware that any information that you post in an Interactive Area might be read, collected, and used by others who access it. To request removal of your personal data from an Interactive Area, contact us at [email protected]. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why.
To Market our Services
We may share information, including personal data, with our channel partners, solely for the purpose of enabling our channel partners to notify you about our Services. AttendZen requires its channel partners to provide an opt-out option within its communications to you. By opting out, you are opting out of receiving future communication from our channel partner.
With Your Consent
We may also share personal data with third parties when we have your consent to do so.
International Transfer of Personal Data
We do not share your personal data with third parties, unless it is necessary to carry out your request, for our professional or legitimate business needs, or as required or permitted by law. Where we do transfer your personal data to third parties or service providers, appropriate arrangements will be made in order to ensure correct and secure data processing in compliance with applicable data protection law.
We store personal data about Website Visitors and Subscribers within the EEA, the United States and in other countries and territories. To facilitate our global operations, we may transfer and access such personal data from around the world, including from other countries in which AttendZen has operations. Therefore, your personal data may be processed outside of the EEA and in countries which are not subject to an adequacy decision by the European Commission and which may not provide for the same level of data protection as the EEA.
In this event, we will ensure that the recipient of your personal data offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you for your prior consent to such international data transfers.
We have implemented safeguards to ensure an adequate level of data protection where your personal data is transferred to countries outside the EEA, such as:
- the recipient country has an adequacy decision from the European Commission;
- the European Commission’s Standard Contractual Clauses for the transfer of personal data;
- AttendZen has Binding Corporate Rules in place which guarantee an adequate level of data protection wherever your data is physically kept.
Other Important Privacy Information
Notice to End-Users
Our Services are intended for use by enterprises. Where our Services are made available to you through a Subscriber of ours, that enterprise is the data controller of your personal data. Your data privacy questions and requests should initially be submitted to the AttendZen Subscriber in its capacity as your data controller. AttendZen is not responsible for our Subscribers’ privacy or security practices which may be different than this Policy.
AttendZen’s Subscribers are able to:
- restrict, suspend or terminate your access to the Services;
- access and describe your personal data that you provided to them;
- access and export your personal data processed by them; and
- amend your personal data, including your end-user profile.
Data retention
Where AttendZen is the data controller of personal data (for example, personal data relating to Website Visitors, Attendees and individuals who register to use our Services), then we retain the personal data we collect where we have an ongoing legitimate business need to do so (for example, to provide you with our Services, to enable your participation in an event, and to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal data, we will either delete or aggregate it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
If your personal data is processed within a Subscriber’s Service Data, we will process the personal data for as long as we are instructed to do so by the relevant Subscriber that is the data controller of the Subscriber Service Data.
How to Exercise Your Data Protection Rights
You have certain choices available to you when it comes to your personal data. Below is a summary of those choices, how to exercise them and any limitations.
Correcting, updating and removing your information
An individual who seeks to exercise their data protection rights in respect of personal data stored or processed by us on behalf of a Subscriber of ours within the Subscriber’s Service Data (including to seek access to, or to correct, amend, delete, port or restrict processing of such personal data) should direct his/her query to our Subscriber (the data controller). Upon receipt of a request from one of our Subscribers for us to remove the personal data, we will respond to their request within thirty (30) days. We will retain personal data that we process and store on behalf of our Subscribers for as long as needed to provide the Services to our Subscribers.
Accessing and updating or deleting your information
Our Services give Subscribers and their Users the ability to access, update and delete certain personal data from within the Service. For example, you can access your User profile and make updates to your personal data. In cases where we act as the data controller of your personal data, we will provide you with information about whether we hold any of your personal data upon request. We will respond to such requests within a reasonable timeframe. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Deactivating your user profile
If you no longer wish to use our Services, AttendZen’s Subscriber may be able to deactivate your User account. First, please contact AttendZen’s Subscriber with your request. If you are an AttendZen Subscriber and are unable to deactivate a User account through your administrator settings, contact AttendZen for support. Please be aware that deactivating your account does not delete your information; your information remains visible to other Service users based on your past participation within the Services.
Request that we stop using your information
You may request that your personal data no longer be accessed, stored, used and otherwise processed where you believe that an AttendZen Subscriber or AttendZen do not have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account as provided in this Policy. Where you gave us consent to use your personal data for a limited purpose, you can contact us to withdraw that consent. You can also opt-out of our use of your personal data for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. Please note that a User of an AttendZen Subscriber should first contact AttendZen’s Subscriber with a request to stop access, storage, use of personal data. If there is delay or dispute as to whether we have the right to continue using your personal data, we will restrict any further use of your personal data until the request is honoured or the dispute is resolved, provided the AttendZen Subscriber does not object (where applicable).
Opt-out of communications
We offer those who provide personal contact information a means to choose how we use the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the ‘unsubscribe’ link located on the bottom of our marketing emails or you may send a request to [email protected]. You may opt-out of receiving promotional communications from us by using this unsubscribe link within each email. Even after you opt-out from receiving promotional messages from us, if you are a User, then you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings.
Other data protection rights
If you wish to exercise any other data protection rights that are available to you under your local data protection laws (such as the right to data portability or to data restriction) then please send your request to [email protected] and we will respond to your request in accordance with applicable data protection laws.
You have the right to complain to your local data protection authority if you are unhappy with our data protection practices.
Children’s Personal Data
We do not knowingly collect any personal data from children under the age of 16. If you are under the age of 16, please do not submit any personal data through our Websites or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal data through the Websites or Services without their permission. If you have reason to believe that a child under the age of 16 has provided personal data to us through the Websites or Services, please contact us at [email protected], and we will use commercially reasonable efforts to delete that information.
Business Transactions
We may assign or transfer this Policy, as well as your account and related information and data, including any personal data, to any person or entity that acquires all or substantially all of our business, equity or assets, or with whom we merge. If we do, we will inform them of the requirement to handle your personal data in accordance with this Policy.
Supplemental Terms and Conditions for Certain Regions
Australia
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with the Australian Privacy Act 1988 (Commonwealth) and the Australia Privacy Principles.
If you are dissatisfied with our handling of a complaint or do not agree with the resolution proposed by us, you may make a complaint to the Office of the Australian Information Commissioner (‘OAIC’) by contacting the OAIC using the methods listed on their website at http://www.oaic.gov.au. Alternatively, you may request that we pass on the details of your complaint to the OAIC directly.
Brazil
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with Brazilian Law No. 13,709/2018, as amended (LGPD). Those individuals who use or access our Website or Services expressly consent to the collection, use, storage and processing of their personal data by us for the purposes described in this Policy.
Canada
Personal data (as the term is defined in the Personal Data Protection and Electronic Documents Act of Canada (‘PIPEDA’)) will be collected, stored, used and/or processed by AttendZen in accordance with AttendZen’s obligations under PIPEDA.
Japan
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with Japan’s Act on the Protection of Personal Data.
New Zealand
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with New Zealand’s Privacy Act 2020 and its 13 Information Privacy Principles (‘NZ IPPs’).
Singapore
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with AttendZen’s obligations under the Personal Data Protection Act 2012 of Singapore.
United Kingdom
Personal data collected, stored, used and/or processed by AttendZen, as described in this Policy, is collected, stored, used and/or processed in accordance with AttendZen’s obligations under the Data Processing Act 2018.
AttendZen Supplemental Privacy Policy for California Residents
The California Consumer Privacy Act (‘CCPA’), which is effective as of January 1, 2020, regulates how we handle personal data of California residents and gives California residents certain rights with respect to their personal data.
AttendZen is both a ‘business’ and a ‘service provider’ under the CCPA. The following supplemental privacy policy applies to information we collect in our role as a business—this is when we interact directly with you.
When we act as a service provider (for example, by providing our services to another company that you interact with), we follow the instructions of the business that engaged us with respect to how we process your personal data. If you would like more information about how your personal data is processed by other companies, including companies that engage us as a service provider, please contact those companies directly.
This supplemental privacy policy is effective as of January 1, 2020, shall apply only to residents of California, and may be subject to change. The general privacy policy shall continue to apply to the extent that it applies to you as a resident of California. If you are a resident of California, we are required to disclose certain uses and disclosures in a certain format, as well as to inform you of certain rights you may have. Any capitalised terms used in this supplemental privacy policy shall have the same meaning as in the general privacy policy.
Information We May Collect
We may collect the following categories of information:
- Identifiers
- Demographic Information
- Commercial Information
- Internet or other electronic network activity information
- Geolocation data
- Audio, electronic, visual, or similar information
- Professional or employment-related information
For each category of information, we collect the information from a variety of sources, including directly from you, from your devices, from your social media profiles, and/or from third party providers. We collect the information to provide you with services, protect our customers and ourselves (including the services), and to improve the services. We do not share personal data with Third Parties as the term is defined under the CCPA.
Additional Disclosures
We do not sell personal data of any individual, including personal data of minors under 16 years of age.
We have disclosed the following categories of personal data for a business purpose in the 12 months prior to this Policy’s last update.
- Identifiers
- Demographic Information
- Commercial Information
- Internet or other electronic network activity information
- Geolocation data
- Audio, electronic, visual, or similar information
- Professional or employment-related information
- Inferences drawn from any of the above information.
We have not disclosed any personal data for valuable consideration in the 12 months prior to this Policy’s last update.
Your Rights
You may have certain rights with respect to your personal data, including:
- The right to access, including the right to know the categories and specific pieces of personal data we collect;
- The right to deletion of your personal data, subject to certain limitations under applicable law;
- The right to request disclosure of information collected;
- The right to disclosure of information disclosed for valuable consideration; and
- The right not to be discriminated against for exercising certain rights under California law.
To exercise these rights, please submit a request by emailing [email protected]. Please be as specific as possible in relation to the personal data you wish to access. Once we receive your request, we will review it, determine whether we can verify your identity, and process the request accordingly. If we need additional information to verify your identity, we will let you know. We will respond to your request within 45 days of receipt, or notify you if we require additional time.
If you would prefer, you may designate an authorised agent to make a request on your behalf.
Contact
If you have questions regarding this Policy or about AttendZen’s privacy practices, please contact us by email at [email protected], or at:
AttendZen Limited
3rd Floor
86–90 Paul Street
London
EC2A 4NE
United Kingdom
Changes to This Policy
This Policy may be updated from time to time to reflect changing legal, regulatory or operational requirements. We encourage you to periodically review this page for the latest information on our privacy practices.
If there are any material changes to this Policy, you will be notified by our posting of a prominent notice on the Websites prior to the change becoming effective.
If you do not accept any changes made to this Policy, please discontinue use of the Websites and the Services.
Contact Us
If you have questions or complaints regarding this Policy or about the AttendZen’s privacy practices, please contact us by email at [email protected], or at:
AttendZen Limited
3rd Floor
86–90 Paul Street
London
EC2A 4NE
United Kingdom
English Version Controls
Non-English translations of this Policy are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.