This Privacy Policy applies to Organisations using Accredion. In case an Organisation provides its own Privacy Policy/Notice to its individual Users, the respective policy applies for its individual Users instead. The Organisation’s Privacy Policy/Notice can be found on the organisation’s event overview page. In case an Organisation does not provide a Privacy Policy/Notice, the below policy applies for its individual Users.

Privacy Policy

We take your privacy extremely seriously and expect the same from the event organisers using Accredion. This Privacy Policy explains what personal data we collect and store, how we use and why. It also explains your rights in relation to your personal data.

If you have any questions or comments, or if you want to update, delete, or change any of your personal data, or you have a concern about the way in which we have handled any privacy matter, please send us an email at [email protected] or send a letter to:

Accredion
Koivistokade 56
1013 BB Amsterdam
The Netherlands

In this Privacy Policy, we refer to Accredion as “we”, “us” or “the Website”. When we refer to “you”, we mean the User or Organiser who uses Accredion.

About the personal data we collect

Voluntarily provided data: Information you voluntarily provide to us and, through us, the event organiser in relation to Accredion.

Automatically provided data: Your IP-address.

Usage of the Service: Via Google Analytics, we collect data about your usage of the Accredion. We have access to that data in anonimised form. The Website installs cookies on the your device. These cookies are essential to the performance and functionality of Accredion. Without these cookies, certain functionality may become unavailable.

Error reports: Via Sentry, we collect reports in case of errors that occur while using Accredion. Our error reports contain your IP address and email address.

About the way we store your personal data

How and where we store your data: We store personal data on servers of our suppliers, in accordance with the security measures and under the conditions described in our Terms of Use. Data is stored on servers within the European Union.

How we treat backups: To secure the reliability of the Service, we make backups on a regular basis, including a snapshot of all personal data. These backups are being stored up to 90 days, after which they are removed. A recovered backup may contain personal data that was originally removed by you as User/Organiser. In the unlikely event a backup is being recovered, we will inform you within 48 hours of the recovery, so you can review their personal data.

About the way your personal data is being used

To provide the Service: We use your personal data in order to provide the Service as described on the Website, e.g. to empower the Organiser to review your application for accreditation, to produce the badge and to facilitate event security, such as access control to the event venue.

To provide logs: To ensure event organisers stay on stop of their accreditation, and thus event security, Accredion provides logs of how your application is being treated. We give event organisers insight into when your application was submitted, when it was reviewed and when changes were made to your application or its status. Logs are being kept until 90 days after the event, after which they are being deleted.

To send you relevant information about Accredion: We may use your personal data to send you information about Accredion, scheduled maintenance, new features, changes in the Terms of Use and Privacy Policy, surveys and any background information we deem relevant for you in order to provide the best possible experience in using Accredion.

To bill paying Organisers: We use personal data of paying Organisers to facilitate the billing process.

To provide support: We use personal data to provide you with support, e.g. to reply to questions or provide solutions to problems you may have experienced. In case you send us a support email, that email will be handled through the Groove support desk system.

To be compliant with the law: We collect and store personal data when that is required to comply with the law, e.g. financial transactions between you and Accredion, which must be kept for seven years in accordance with relevant tax legislation.

About the way your personal data is being protected

Data protection: We implement appropriate and reasonable security measures to protect your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and/or organisational measures.

Credit card processing: Our credit card processing partner uses industry-standard security measures to protect your personal data both during the transaction and after it is complete.

Account access: Using Accredion require a username and password to log in to an access account. You must keep your username and password secure, and never disclose it to a third party. Account passwords are encrypted, which means we do not store, nor can see your password. We therefore cannot resend forgotten passwords either, but only reset them for you.

Your rights and obligations

Right to access: We are committed to providing you with digital access to all of your personal data we possess.

Right to be forgotten: We provide you with the possibility to digitally request the removal of all of personal data we have on record. Upon your request, we will remove your data as soon as possible and within 30 days. Personal data stored in backups will be kept no longer than 90 days. Personal data stored in logs will be kept no longer than 90 days after the event. Data we must keep in order to comply with legal obligations will be kept for as long as Dutch law requires.

Our rights and obligations

Reporting data breaches: We will, in case of a security breach and/or data leak, inform you and relevant supervisory authority within 72 hours of us becoming aware of such breach or leak, in accordance with the European Union’s General Data Protection Regulation.

Data transfer to authorities: We reserve the right to transfer your personal data to the relevant authorities upon the authority’s explicit request, as long as such data is being used specifically and exclusively to serve the interest of safety and security. We will inform the Organiser of such data transfer upfront. It is the sole responsibility of the Organiser to inform you of such data transfer.

Data transfer to badge producers and/or event access control providers: We reserve the right to transfer your personal data to a third-party producer of badges and/or event access control providers upon the Organiser’s explicit request, as long as that data is being used specifically and exclusively for that purpose. We will inform Organiser of such data transfer upfront. It is the sole responsibility of the Organiser to inform you of such data transfer.

Change of ownership: We may transfer your data in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy. We will notify you of a change of ownership by email or posting a notice on the Website.

Other data transfers: Unless for the aforementioned purposes, the Organiser shall not transfer your data from Accredion to any external platform or device without your explicit permission.

Compliance: We reserves the right to store your personal data, even after you requested the removal of that data, in order to comply with legal obligations.

Latest update: 17 October 2018