Policy Established: September 30, 2016
Policy Last Updated: May 25, 2018
At eventcore, we believe in being up front and transparent about what data we collect, how we collect it, and how it is used.
We know that Privacy Policies are a lot to process, so let’s break it out into pieces.
1. Who is eventcore?
1.3. How to contact us
2. What information do we collect and how do we collect it?
2.1. As eventcore
2.2. For Clients and Partners
2.3. Is information collected and stored securely?
3. How is information used?
3.1. How does eventcore use information?
3.2. How do our Clients and Partners use information?
3.3. What is eventcore’s legal basis of processing?
3.4. How long is information stored?
4. Your data and your rights
5. Other important information
5.1. Do we transfer personal data beyond U.S. borders?
5.2. Accessing, amending and deleting information
5.3. Changes and updates to this Policy
1. Who is eventcore?
Welcome! eventcore is a company that designs and hosts custom event platform solutions. These solutions enable us to collect, store and make available event registration and platform data on behalf of our Clients and Partners.
To avoid defining one term with every use, please know that as you’re reading this page, these are our intentions as we use certain words below:
- "eventcore", "we", "us", or "our" refers to eventcore, LLC and anyone that is authorized to speak on behalf of or represent eventcore, LLC
- "Client" refers to any organization or individual that financially and contractually retains eventcore for eventcore’s custom event platform.
- "Partner" refers to any related organization or individual that is involved in the delivery of event services, as organized and retained by the Client
- "Consumer" refers to anyone who is utilizing one or more of eventcore’s custom event platform that is being hosted on behalf of a Client. For example, this could be a registrant of an event that is being offered by a Client.
- "Visitor" refers to anyone that is using the eventcore corporate website, "https://eventcore.com"
- "Site" refers to the eventcore corporate website, "https://eventcore.com"
- "Services" refers to any solution that eventcore designs or creates on behalf of a requesting organization of eventcore’s custom event platform
- "Web Property" refers to any application, web service, website, API interface, or any other web-based solution that eventcore offers
- "Designated Countries" refers to member states of the European Union (EU) or European Economic Area (EEA) member state or Switzerland
- "Regulation" and "GDPR" refers to the General Data Protection Regulation (EU) 2016/679
- "Personal Data" refers to any personal information relating to an identified or identifiable natural person.
- "Identifiable person" is anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
We collect and store Personal Data at the direction of our Clients and Partners. We do not use any data that we collect or store on behalf of our Clients and Partners in any way outside of what is specifically required by our Clients and Partners.
Clients and Partners are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as any and all relevant privacy policies, agreements or other legal duties that relate to the collection, management and uses of Personal Data in connection with the use of eventcore Services by any end users or Consumers. If you are an individual who engages with a Client or Partner’s use of eventcore’s Services, then you will be directed to contact the particular Client or Partner for additional support regarding any requests or questions you have concerning your Personal Data.
1.3 How to contact us
eventcore, LLC is a Washington State limited liability company that is headquartered in Seattle, WA. Our office is located at 4743 Ballard Avenue NW, Suite 200, Seattle, Washington 98107. Our phone number is +1.206.784.0626.
If you a citizen of or reside in the Designated Countries, then eventcore, LLC is the responsible party as it pertains to Personal Data that is collected on behalf of eventcore. This is true of legal citizens and residents outside of Designated Countries as well.
If you a citizen of or reside in the Designated Countries and you are seeking information or action regarding Personal Data that is collected on behalf of a Client or Partner that makes use of eventcore’s custom event platform Web Properties, then we encourage you to pursue your inquiry with the respective Client or Partner for whom eventcore operates on behalf of.
If you have any questions, concerns or feedback regarding privacy, please reach out to us via phone or email at firstname.lastname@example.org.
2. What information do we collect and how do we collect it?
eventcore collects information in two ways: on our own behalf and on behalf of our Clients and Partners via our Services. The nature of what we collect and how we collect it differs based the purpose of collection.
2.1 As eventcore
When eventcore acts on its own behalf, we collect data in a few ways.
The second is that we collect and store any data that is provided to us by Clients and Partners in order to use our Services. For example, in order to engage with the data that we collect on behalf of a Client or Partner, any personnel that is given permission to access this data is assigned login credentials based on data that is presented to us and is required to authenticate their identity to be able to engage with Consumer data.
At no time, however, do we knowingly solicit, collect or store any information from or about children under the age of 13.
2.2 For Clients and Partners
When a Client or Partner relies on eventcore’s Services, the Web Properties that we are able to provide are customized for each event. This means that a Client can specify the collection of a wide range of data in order to achieve a custom event platform experience. Depending on the needs of a Client, we can collect information from Consumers in the form of:
- Data that a Consumer provides which can include name, contact information, company information, demographic information, social media information, etc.
- Data that a Consumer provides about their preferences, opinions and feedback
- Financial data that a Consumer provides, such as whatever information is required for the secure processing of a financial transaction. This can later include additional information from third party sources such as a Consumer’s bank or payment processor.
- Hotel data that a Consumer provides, such as a hotel reservation request and reservation preferences. This can later include information from a third party source such as a Consumer’s preferred hotel.
Information that is collected on behalf of a Client via an eventcore Web Property is collected solely at a Client’s discretion, and is not controlled or processed in any way out of the scope of eventcore’s retainment.
2.3 How do we safeguard information?
The security of your information, whether you are a Client, Partner, Consumer or Visitor, is very important to us. To honor that trust, we implement industry-standard physical, administrative and technical security safeguards and procedures to ensure that data is protected from unauthorized access, use, or disclosure in our Services and Web Properties. We undergo ongoing security training and third-party penetration testing to ensure that we are always protecting the privacy and confidentiality of the data we control or process.
As a good practice, however, we always recommend that any users of our Site or Web Properties take steps to ensure that interactions are as safe as possible. We urge you to keep your personal information safe by ensuring that you select a strong password that is securely stored, always logging out of any event platform experience and closing your browser if on a shared on unsecured device once you’ve completed your session.
3. How is information used?
At eventcore, we engage with information and Personal Data on our own behalf and on behalf of our Clients and Partners. Because some data protection law requires designations of who and how data is controlled and processed, these designations are made below.
3.1 How does eventcore use information?
When acting on our own behalf, we collect information in order to:
- Provide eventcore Services and deliver solutions. We use information to be able to communicate with you about your use of our Services, respond to inquiries, and other client support needs.
- Personalization. As a provider of custom Web Properties, we are always seeking to ensure that we’re meeting your specific needs. To assist us, we collect information about your interests as they relate to custom event platform experiences.
- Analytics. In order for us to continue improving our offerings and Services, and to expand in areas of potential growth, we make decisions having to do with our Services based on information we gather about how Visitors interact with our Site.
- Legal compliance. We will always act in accordance with the requirements of local, state, federal and international legal regulations.
We share information in the below scenarios, and where individuals have otherwise consented:
- Service providers. In order to meet needs of our Clients and Partners regarding specialized forms of secure data transfers, we may share information with third party service providers who may use this information to perform services, such as payment processors, hosting providers, auditors, advisers, Client and Consumer support, as well as if a Client or Partner chooses to engage with an advertising or marketing service.
- Business transfers. We may disclose or transfer information as part of any merger, sale or transfer of our assets, acquisition or restructuring of all or part of our business, bankruptcy or similar event.
- Legal requirements. We may disclose information if we are required to by local, state, federal and international law enforcement. This includes the ability to respond to any claims brought against us, enforce or administer our agreements and terms, for prevention of and protection against fraud, risk assessment, investigation, and to protect the rights, property or safety of eventcore, its users and others.
- Anonymized and aggregated data. We may disclose anonymized and aggregated data that is not able to identify a particular individual with third parties for research, marketing, analytics and other purposes.
We do not sell any information we collect or store to third parties for any marketing purposes. Additionally, when eventcore is acting on its own behalf to achieve the aims as outlined above, eventcore functions as a "Controller" of any data that is provided by Visitors and/or collected for eventcore’s business needs.
3.2 How do our Clients and Partners use information?
Because we rely on our Clients to determine how they will use and share any information that we collect or facilitate on their behalf, in our engagement with them, we regard Clients as data "Controllers" of any and all Consumer data as it relates to the local and state laws of Designated Countries, and regard eventcore as the "Processor" of Consumer data. We encourage all Visitors and Consumers that engage with our Clients to make themselves knowledgeable about the respective privacy policies and practices of the event for which they are engaging with a specific Client. We do not assume the responsibility or liability for a Client’s privacy practices and procedures, unless otherwise specified.
Typically, our Partners are co-Processors in our engagements with a Client, as Partners are individuals or organizations who assists in the delivery of an event service, and are separately retained by the Client for the achievement of a specific event purpose. To achieve the requests of the Client, we make any data that we collect on behalf of a client available to any co-Processor or Subprocessor that is appointed or retained by the Client, at the Client’s discretion. As with Clients, we encourage all Visitors and Consumers to make themselves knowledgeable about the respective privacy policies and practices of any specific Partner that they are engaging with. We do not assume the responsibility or liability for a Partner’s privacy practices and procedures, unless otherwise specified.
3.3 What is eventcore’s legal basis of processing?
If you are a citizen or take residence in one of the Designated Countries, our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. In most cases, we normally collect personal information where:
- We have your consent to collect personal information
- We require the personal information in order to perform a contract with you (e.g., to execute on a Service or solution for which you have retained eventcore)
- Where the processing is in our or a third party’s legitimate interests and not overriding by your data protection interests or fundamental rights and freedoms.
In some cases, we may have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
3.4 How long is information stored?
The duration of time for which we collect and store information about you depends on the type of information as described below. If all of the requirements below are met, then we will either delete or anonymize your information. If this is not possible, then we will securely store your information and isolate it from any further or non-essential use until deletion is possible.
We will retain personal information or data that is provided to us where we have an ongoing legitimate business need to do so. For example, we will retain Personal information in order to perform a Service or deliver a Web Property that you have requested, or to comply with local, state, federal and international obligations and dispute resolutions.
Where there is no ongoing legitimate business need to process the personal information or data that is provided to us, then we delete this information or anonymize it, or securely store the information in isolation until deletion is possible. Information and data can be deleted at an earlier time, depending on the context. For more information, please see Section 5.2.
- Visitors of our Site may request the deletion of data via a request to email@example.com.
- Clients and Partners may request the deletion of data via a request to the eventcore contact with whom they have the business relationship. Please note that that this may be subject to ongoing legitimate business needs where it applies.
Any information or data that is provided to eventcore when eventcore is collecting, managing and disclosing data on behalf of a Client or Partner is subject to the data retention policies of said Client or Partner. In this capacity, any data that is consumed via eventcore by a Client or Partner and is therefore no longer in eventcore’s processing purview, is subject to the data retention of policies of said Client or Partner.
4. Your data and your rights
You have data protection rights. Provided there are no exemptions as required by local, state, federal and international law, you may have the right to request access to your personal information, as well as to correct, update or delete this information.
Additionally, where eventcore has collected information from you when acting on our own behalf, you have the ability to withdraw consent where previously provided. Please note that withdrawing this consent does not affect the lawfulness of our processing activities prior to the withdrawal, nor does it affect the processing of information as required by the lawful processing on grounds other than consent.
If, as a citizen or resident of a Designated Country, you wish to pursue a complaint to a data protection authority about our collection and use of your personal information, please navigate to: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
If you wish to exercise any of the rights as mentioned above, please reach out to us at firstname.lastname@example.org, or send a mail to 4743 Ballard Avenue NW, Suite 200, Seattle, Washington 98107, Attention: Privacy. We will respond to your request within a reasonable time period and notify you of the action we have taken.
5. Other important information
Below is additional information as relevant to this Policy.
5.1 Do we transfer personal data beyond U.S. borders?
eventcore is headquartered in the United States. Our Web Properties are hosted in a cloud-based service that has data centers located in the United States. We do not currently utilize any data centers outside of the United States.
There are several scenarios in which data or information that eventcore processes may traverse into and out of U.S. borders.
- We provide our Clients and Partners with a role-based access controlled administrative interface so that they may access, process and manage the data we have collected on their behalf. This interface is hosted in a cloud-based service that may be accessed from anywhere in the world as long as the accessor has the required permissions.
- The custom Web Properties that we host on behalf of Clients and Partners are often accessible by and presented to international audiences. In these cases, citizens or residents of Designated Countries may be able to provide personal data to these Web Properties in order to attend an event that is hosted by a Client.
- As one of our product offerings, we have Web Properties that are designed to assist a Client in their needs to successfully manage registrant data while the event is in progress. In the scenario that a Client’s event takes place outside of the United States, data or information may be accessed and processed beyond U.S. borders.
Due to the above scenarios that occur when we act on behalf of our Clients, we rely on the legally-provided mechanisms to lawfully transfer data across borders that our Clients have in place.
Additionally, eventcore is in the process of participation and certification of the E.U.-U.S. Privacy Shield Framework as well as the Swiss-U.S. Privacy Shield in order to safeguard cross-border data transfers. These frameworks were created to enable companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. For more information on the Program, please navigate to: https://www.privacyshield.gov/welcome.
5.2 Accessing, amending and deleting information
Upon request, eventcore can assist individuals in being able to manage their information and personal data. The management of this data can take the form of being able to access the data that is held about you, editing or correcting the data that is held about you, or delete the data that is held about you. The avenue for how to accomplish these tasks depends on the role that eventcore has in your inquiry.
- If you are a Visitor of our Site, and have provided data to us, please reach out to email@example.com to access, modify or delete your information.
- If you are a Client or Partner, and have provided data to us, please reach out to your eventcore contact to access, modify or delete your information. Please note that if a delete request is issued, then this may result in the termination of a contractual service agreement. If that is not desired, as much information as is necessary to comply with our legal obligations to perform a Service may be retained while accessory data is deleted. We will disclose to you the nature of this determination.
- If you are a Consumer of one of our Web Properties and you wish to gain access to, correct or amend an inaccuracy, or delete your information, please direct your request to the particular Client or Partner with whom your event is affiliated. Once requested to process an access, correction, or deletion request by the Client or Partner on whose behalf we collect and store data, we will fulfill the request within one month of when the request was initially issued. Please note that if a delete request is issued, that in some scenarios it may be legally necessary for some data to be partially retained as necessary to comply with existing obligations, dispute resolutions and the enforcement of pre-existing agreements.
Our fulfillment of any request is contingent on the below factors. For more information, please refer back to Section 3.4.
- A request must be able to undergo an identity verification process, where we are able to verify that you have the right to access the information that you’re requesting
- There are no conflicting existing legal obligations, dispute resolutions, or enforcements to any pre-existing agreements.
5.3 Changes and updates to this Policy
eventcore may make changes or updates to this Policy at its discretion. You may refer to the "Policy Last Updated" date at the top of this page to determine the timely relevance of the Policy. We encourage you to check back here regularly to understand any changes that have been made. We will ensure that changes are easily accessible.
If you are a Client or Partner, and we make any material changes that will affect your privacy rights, eventcore will provide you additional notice via Email or other Services.
If at any point you disagree with this Policy or changes that are made to this Policy as a Client, Partner or Visitor, please contact firstname.lastname@example.org so we can explore how we can remove your information and deactivate Services.