Sign up|Sign in
icon-Networking & сomunitiesNetworking & сomunities|icon-Education and skillsEducation and skills|icon-Business and ConferencesBusiness and Conferences|icon-EntertainmentEntertainment|icon-ExcursionsExcursions|icon-ChildrenChildren

Privacy policy

We highly prioritize the protection of your personal information. Through this privacy policy, we aim to provide you with the types of personal data we collect and the reasons behind processing this data.

 

  1. Controller and contact information

The entity responsible for handling your personal data is Event & You, located in Poland. If you have any queries or suggestions regarding data protection or wish to exercise your rights, please don't hesitate to reach out to us at: rgeretskiy@gmail.com.

 

  1. Subject of data protection

Our focus in data protection revolves around personal data, which encompasses all information pertaining to an identified or identifiable natural person. Throughout this document, personal data is simply referred to as "data."

 

  1. Automated data collection

Upon accessing our website, your device automatically sends data for technical purposes. This includes the URL of the accessed page, network connection latency, and date and time of access. We store this data separately for several purposes:

3.1. To facilitate load balancing, ensuring efficient distribution of access across our website and providing you with optimal loading times.

3.2. To uphold the security of our IT systems, such as defending against specific attacks and recognizing attack patterns.

3.3. To maintain the proper operation of our IT systems, particularly in cases where errors necessitate the storage of IP addresses.

3.4. To enable criminal prosecution, the prevention of danger, or legal action in instances where there are specific indications of criminal offenses.

Your IP address is retained for a duration of 30 days. This processing is conducted to safeguard the security of our operations as per Article 32 of the GDPR, and is also based on our legitimate interest in preventing misuse of our services, as outlined in Article 6(1)(f) of the GDPR.

 

  1. Event & You account

4.1. Registration:

You have the option to create an Event & You customer account, which allows you to manage bookings, save favorites, or view past bookings. To create an account, you must provide mandatory information including your surname/first name, email address, and password. Alternatively, you can choose to log in using your Facebook, Google, or Apple account. In this scenario, we collect certain personal data from the respective platform such as your name, email address, photo (Facebook only), and an authentication token. By registering, you enter into a (free) user agreement with us, under which we collect this data as per Article 6(1)(b) of the GDPR. While providing this data is necessary to conclude the agreement, you are not obligated either contractually or legally to do so.

4.2. Reviews and ratings:

Our website offers the opportunity to rate and comment on events. Following the completion of an event booked through our website, we may request you to provide a rating. Participation in rating is entirely voluntary. When you submit a rating, we collect the data you input to process and publish it on our website according to the functionality used. You have the option to request the deletion of your rating at any time by contacting our customer service. The processing of your data for these purposes serves to protect our legitimate interest in providing comprehensive information about the events we offer, benefiting all users. Hence, this processing is grounded on Article 6(1)(f) of the GDPR.

 

  1. Customer support

5.1. Processing of enquiries:

When you contact us with enquiries via email, telephone, contact form, social media channels, or any other means, we will process the information provided to address your enquiry (Article 6(1)(b) GDPR). Further retention of the data transmitted with your enquiry is based on our legitimate interest in accurately documenting our business operations and protecting our legal positions (Article 6(1)(f) GDPR), and, if applicable, for fulfilling legal obligations (Article 6(1)(c) GDPR).

5.2. Improvement of customer service:

To enhance our customer service, we analyze enquiries based on specific parameters and keywords. While no analysis is typically conducted using personal data, there may be instances where personal data is processed within this context. This processing is carried out to serve our legitimate interest as well as that of our customers in continually improving our customer service (Article 6(1)(f) GDPR).

5.3. Translations:

In some cases, we may need to translate incoming requests into a specific language. This may involve processing personal data necessary to support our legitimate interest in providing international customer service (Article 6(1)(f) GDPR).

 

  1. Newsletter

6.1. Registration:

You can subscribe to our newsletter on our website to receive personalized information on offers, events, or special promotions. By subscribing, you consent to the processing of your email address for newsletter delivery (Article 6(1)(a) GDPR). You can unsubscribe at any time. Upon registration, we store the IP address and timestamp for consent verification, fulfilling our legal obligation (Article 6(1)(c) in conjunction with Article 7(1) GDPR).

6.2. Legitimate interest:

If you've booked an event via our website or created an Event & You account, we may send you our newsletter based on our legitimate interest in promoting similar services, unless you've opted out. Your objection can be made at any time, including during registration or using the unsubscribe link in our emails. If cookies are used for personalization, separate consent will be obtained for them.

 

  1. Bookings & payments

7.1. Bookings:

When you make a booking for an event on our website, we collect necessary data to facilitate it. Typically, this includes your first and last name, billing address, email address, telephone number, number of participants, and date/time. Depending on the specific event, we may require additional information. Processing of this data is conducted under Article 6(1)(b) of the GDPR. If necessary, we may transfer your data to the relevant event organiser.

7.2. Payments:

We offer various payment options for bookings, and we process data accordingly for each method chosen. This processing is necessary to facilitate the selected payment method and is based on Article 6(1)(b) of the GDPR.

 

  1. Fraud Prevention

To safeguard against fraudulent bookings, we assess the information provided during the booking process, including technical data transmitted by your device. This evaluation is conducted to protect our legitimate interest and that of the event providers in reliable bookings, in accordance with Article 6(1)(f) of the GDPR.

 

  1. Cookies

We utilize cookies to offer specific functionalities on our website and optimize user experience. Cookies are small files stored on your device through your internet browser.

Types of Cookies:

9.1. Session Cookies: These store technical data during your website visit, such as login status.

9.2. Persistent Cookies: These store data beyond a single browser session, if desired.

 

  1. Marketing services

We place advertisements, widgets, and paid links on third-party websites and social media platforms to measure their effectiveness. Cookies are utilized, with your consent, to analyze click behavior when you are redirected from these sites to ours. This analysis is conducted for billing purposes. Your consent for cookie usage is obtained before they are set, in accordance with Article 6(1)(a) of the GDPR. You can withdraw your consent at any time through our cookie consent manager without affecting prior processing.

 

  1. Integrated third-party content

We incorporate third-party content on our website, which is loaded from the servers of respective providers. Your device may transmit certain technically necessary data to these providers, potentially including your IP address. Any personal data processing by these providers is governed by their respective privacy policies. Our integration of such content is based on our legitimate interests in providing users with relevant content and functionalities, as well as operating our website efficiently, as outlined in Article 6(1)(f) of the GDPR. Below are details of the third-party content we integrate:

 

  1. Social media

We maintain pages or profiles on various social media platforms, where personal data processing occurs as described below:

12.1. When you interact with us on social media by liking, sharing, commenting, or providing other content, we collect and process the information you provide, including your username and profile photo if applicable. This processing is typically based on our legitimate interest in providing corresponding functions on our social media pages (Article 6(1)(f) GDPR), and may also rely on your consent or contractual relationship with the social media platform operator.

12.2. We may also process data to handle and respond to enquiries or messages via our social media sites.

12.3. Please note that the operators of social media platforms collect and process personal data when you visit our social media sites or interact with them or our posts. This applies whether or not you are logged in, and such data may be aggregated across different platforms and services operated by the same entity.

 

  1. CRM system

To manage customer relationships, we store personal data in our Customer Relationship Management (CRM) system. This enables targeted responses to enquiries and contextual advertising within permissible boundaries. Processing within this context is based on our legitimate interest in managing customer relationships (Article 6(1)(f) GDPR).

 

  1. Product development

We process customer data for ongoing product development. This processing aligns with our legitimate interest in product improvement and business success measurement (Article 6(1)(f) GDPR), and may involve seeking your consent where necessary.

 

  1. Personalization of website content

Your data is processed to display personalized content on our website, aiming to show events relevant to you. This is based on our legitimate interest in providing tailored user experiences (Article 6(1)(f) GDPR).
Beyond the scenarios outlined, your personal data may be disclosed without your explicit prior consent under the following circumstances:

15.1.  Legal obligations and law enforcement:

Personal data may be shared with law enforcement authorities and, if necessary, with affected third parties, to address illegal use of our services or for legal proceedings. This occurs only when there are specific indications of unlawful behavior or abuse, or to enforce terms of use or other agreements. We're also obligated to provide information to certain public authorities upon request, such as law enforcement agencies, administrative offense authorities, and tax authorities. This disclosure is justified by our legitimate interest in combating abuse, prosecuting criminal offenses, and safeguarding our rights, as long as your data protection rights are not compromised.

15.2. Professional service providers:

We may disclose personal data to auditors, accounting service providers, lawyers, banks, tax consultants, and similar entities as necessary for service provision, business operations, or legal compliance.

15.3. Contractually affiliated third parties and service providers ("Processors"):

Personal data may be shared with carefully selected third-party processors to enable them to provide services on our behalf. These processors are contractually obligated to adhere to this privacy policy and relevant data protection laws, and they can only use the data for specified purposes.

15.4. Business changes:

In the course of business developments such as changes in legal structure, founding, acquisition, or sale of subsidiaries or parts of the company, customer information may be transferred along with the relevant business unit. Any such disclosure is carried out in compliance with this privacy policy and applicable data protection laws, driven by our legitimate interest in adapting our corporate structure to economic and legal circumstances.

 

  1. Data erasure

We delete or anonymize personal data when it's no longer necessary for the purposes outlined. However, we may retain data if required by law or for criminal prosecution, or to secure, assert, or enforce legal claims. If you delete your user account, we permanently delete your profile but retain backup copies if legally required. Storage beyond the contractual relationship aligns with our legitimate interests under Article 6(1)(f) of the GDPR.

 

  1. Passing on of data

Your Rights as a Data Subject:

17.1. Right of access to information:

You have the right to request and receive information from us about the personal data we process concerning you, in accordance with the conditions outlined in Article 15 of the GDPR and § 34 of the BDSG.

17.2. Right to correct incorrect data:

You have the right to request the correction of any inaccurate personal data concerning you without delay.

17.3. Right to erasure:

You have the right to request the deletion of personal data concerning you under the conditions specified in Article 17 of the GDPR and § 35 of the BDSG. This includes situations where the data is no longer necessary for its original purpose, or where its processing is unlawful.

17.4. Right to restriction of processing:

You can demand the restriction of processing in certain circumstances outlined in Article 18 of the GDPR. This includes cases where the accuracy of the data is contested, or when the data is no longer needed for our purposes but is required by you for legal claims.

17.5. Right to data portability:

You have the right to receive your personal data provided to us in a structured, commonly used, machine-readable format, as outlined in Article 20 of the GDPR.

17.6. Right to object:

You can object to the processing of your personal data at any time, on grounds relating to your particular situation, as stated in Article 21 of the GDPR. We will cease processing your data unless compelling legitimate grounds override your interests, rights, and freedoms.

17.7. Right of appeal:

If you have complaints, you have the right to contact a supervisory authority of your choice.

 

  1. Data processing when exercising your rights

We process the personal data you provide when exercising your rights under Articles 15 to 22 of the GDPR to implement these rights and provide evidence thereof. This processing is based on the legal basis of Article 6(1)(c) of the GDPR in conjunction with Articles 15 to 22 of the GDPR and § 34(2) of the BDSG.