We take your privacy extremely seriously and expect the same from the event organisers using Accredion. This Privacy Notice explains what Personal Data we collect and store, how we use them and why. It also explains your rights in relation to your Personal Data.
If you have any questions or comments, or if you want to update, delete, or change any of your personal data, or you have a concern about the way in which we have handled any privacy matter, please send us an email at [email protected] or send a letter to:
1014 BS Amsterdam
In this Privacy Notice, we refer to Accredion as “we”, “us” or “the Website”. When we refer to “you”, we mean the User or Organiser who uses Accredion.
About the personal data we collect
Voluntarily provided data: Information you voluntarily provide to us and, through us, the Event Organiser in relation to Accredion.
Automatically provided data: Your IP-address.
Error reports: Via Sentry, we collect reports in case of errors that occur while using Accredion.
About the way we store your personal data
How we treat backups: To secure the reliability of the Service, we make backups on a regular basis, including a snapshot of all personal data. These backups are being stored up to 90 days, after which they are removed. A recovered backup may contain personal data that was originally removed by you as User/Organiser. In the unlikely event a backup is being recovered, we will inform you within 48 hours of the recovery, so you can review their Personal Data.
About the way your personal data is being used
To provide the Service: We use your personal data in order to provide the Service as described on the Website, e.g. to empower the Organiser to review your application for accreditation, to produce the badge and to facilitate event security, such as access control to the event venue.
To provide logs: To ensure event organisers stay on stop of their accreditation, and thus event security, Accredion provides logs of how your application is being treated. We give event organisers insight into when your application was submitted, when it was reviewed and when changes were made to your application or its status. Logs are being kept until 90 days after the event, after which they are being deleted.
To bill paying Organisers: We use personal data of paying Organisers to facilitate the billing process.
To provide support: We use personal data to provide you with support, e.g. to reply to questions or provide solutions to problems you may have experienced. In case you send us a support email, that email will be handled through the Groove support desk system.
To be compliant with the law: We collect and store personal data when that is required to comply with the law, e.g. financial transactions between you and Accredion, which must be kept for seven years in accordance with relevant tax legislation.
About the way your personal data is being protected
Data protection: We implement appropriate and reasonable security measures to protect your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and/or organisational measures.
Credit card processing: Our credit card processing partner uses industry-standard security measures to protect your personal data both during the transaction and after it is complete.
Account access: Using Accredion as an Organiser requires a username and password to log in to an account. You must keep your username and password secure, and never disclose it to a third party. Account passwords are encrypted, which means we do not store, nor can see your password. We therefore cannot resend forgotten passwords either, but only reset them for you.
Your rights and obligations
Right to access: We are committed to providing you with digital access to all of your personal data we possess.
Right to be forgotten: We provide you with the possibility to digitally request the removal of all of personal data we have on record. Upon your request, we will remove your data as soon as possible and within 30 days. Personal data stored in backups will be kept no longer than 90 days. Personal data stored in logs will be kept no longer than 90 days after the event. Data we must keep in order to comply with legal obligations will be kept for as long as Dutch law requires.
Our rights and obligations
Reporting data breaches: We will, in case of a security breach and/or data leak, inform you and relevant supervisory authority within 72 hours of us becoming aware of such breach or leak, in accordance with the European Union’s General Data Protection Regulation.
Data transfer to authorities: We reserve the right to transfer your personal data to the relevant authorities upon the authority’s explicit request, as long as such data is being used specifically and exclusively to serve the interest of safety and security. We will inform the Organiser of such data transfer upfront. It is the sole responsibility of the Organiser to inform you of such data transfer.
Data transfer to badge producers and/or event access control providers: We reserve the right to transfer your personal data to a third-party producer of badges and/or event access control providers upon the Organiser’s explicit request, as long as that data is being used specifically and exclusively for that purpose. We will inform Organiser of such data transfer upfront. It is the sole responsibility of the Organiser to inform you of such data transfer.
Other data transfers: Unless for the aforementioned purposes, the Organiser shall not transfer your data from Accredion to any external platform or device without your explicit permission.
Compliance: We reserves the right to store your personal data, even after you requested the removal of that data, in order to comply with legal obligations.
Latest update: 23 February 2022