LAST UPDATED: 1 March 2023
Thank you for choosing to be part of our community at run.events GmbH ("Company", "we", "us" or "our"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this Privacy Notice or our practices with regard to your Personal Data, please contact us at email@example.com.
This Privacy Notice describes how we might use your information if decide to use our Services, for example when you visit our website or use our mobile app.
Our main platforms are:
· run.events mobile app (Android, iOS)
· webpages: https://run.events/
· social media profiles: Facebook, LinkedIn, Twitter, Instagram, TikTok.
Our Personal Data processing practices divide into two groups: (i) we Process your Personal Data as a Data Controller to fulfil our data processing purposes, or (ii) we Process your Personal Data as directed by our Clients for the provision of our Services. Our Clients are the Data Controllers who determine the purpose of the Processing of Personal Data and, accordingly, we are a Data Processor of User’s data with respect to those services.
In order to fully understand how your Personal Data is Processed, you should review this Privacy Notice and privacy policies of those Clients’, for whose services you are directed to our platform (e.g., event organizers).
“Personal Data” means any information relating to an identified or identifiable natural person (“Data Subject”, “you”) which is Processed by us. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the natural person.
“Process” or “Processing” means any operation or set of operations which is performed on the Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Service” means all the services provided by us via our online platform (e.g., webpage, app), including related or in person services (e.g., sales, marketing, events).
“Client” or “Customer” means the natural or legal person who has purchased our services for its professional, commercial, or entrepreneurial purposes and has thus access to the Service. The persons who are exempt to pay a fee to use our services are also referred as Clients (e.g., event organisers who do not charge for tickets, non-commercial event organisers).
“User” means the end users of our platforms, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.
“Laws” means the EU General Data Protection Regulation 2016/679 (“GDPR”) and other European Union wide data protection laws applicable to the Processing, as amended from time to time.
1. Personal Data we process
1.1 Data you provide to us
We collect Personal Data that you provide to us when you register as a User to our Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the websites (such as by posting messages in our online forums or entering competitions, contests or giveaways) or when you otherwise interact with us.
The Personal Data that we collect is dependent on the context of your interactions with us, the choices you make and the products and features you use.
The personal information we collect may include the following:
· Contact details: name, phone number and e-mail address.
· Profile information: your profile picture, language and communication preferences.
· Other optional personal data: education, employer, hobbies interests etc.
· Communication and correspondence records such as when you engage with our in-app chat or speak with our customer service agents.
· Limited identification data of the device, like the IP address, on which the App has been installed.
· Other user-generated content such as posts to our social media accounts.
1.2 Data from others
(i) Social media partners. Our Services offer you the ability to register and login using your third-party social media account details (like your LinkedIn or Twitter logins). Where you choose to use this option, we will receive certain profile information about you from your social media provider. The Personal Data we receive may vary depending on the social media provider concerned, but will include mandatory data such as your name, login ID, security credentials (AccessToken, RefreshToken).
(ii) Data from our Customers (e.g., event organizers). When registering to an event or when being invited to an event organised by our Customer, our Customer may process the data of its event attendees in our systems to fulfil it legitimate purposes.
1.3 Service use
We collect automatically certain information when you visit, use or navigate our Website or App. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Website or App and other technical information. This information is primarily needed to maintain the security and operation of our Website, and for our internal analytics and reporting purposes.
1.4 Cookies and similar technologies
We also collect information through cookies and similar technologies such as:
(i) Log and Usage Data. Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our online Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity in the Website or App (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called 'crash dumps') and hardware settings).
(ii) Device Data. We collect device data such as information about your computer, phone, tablet or other device you use to access the Website or App. Depending on the device used, this data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model Internet service provider and/or mobile carrier, operating system and system configuration information.
(iii) Location Data.
We collect location data such as information about your device's location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Website and the App. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your location setting on your device. Note however, if you choose to opt out, you may not be able to use certain aspects of our Services.
Subject to applicable Law we also process metadata. Metadata is for example log files.
Our Services are dynamic, and we will often introduce new features, which may require the collection of new information. If we collect materially different Personal Data or materially change how we collect, uses or share your data, we will notify you.
2. How do we use your data and what are the legal basis
2.1 Our Services
(i) Users. Your data will be processed to provide you an access to our Services. You will have a digital solution to interact and communicate with other Users during Client organized events, meetings or community engagements. Such communication is carried out in a paperless environment through the functionalities available in the App. Once the App User has joined the event environment, they can start using the engagement features of the App, including but not limited to, posting questions, receiving learning or training material, communicating in real time with other App Users, taking notes, casting votes etc., the exact functionalities depending on the feature set made available on that application and on the setting thereof, as established by the Client and/or the User.
You will also have access to our Services to organize your private events such as birthday party, housewarming party or family reunion.
(ii) Clients. Our company specializes in providing virtual and hybrid event and engagement application solutions that may either be built autonomously by Clients or with the assistance of our trained team of specialists. Each of these applications provide our Customers tools to organize and manage their events and all the related aspects of event planning.
Your Personal Data may be processed in our systems because you are a member of our Client’s organizing team (e.g., event manager, marketing specialists) or are similarly connected to our Client’s event planning process, or you are a speaker and/or attendee of our Client’s event. Your Personal Data may be also processed in our systems if you are a representative or an employee of an event sponsor.
Within this context we act as a data processor to our Client and the information processed within our systems belongs to our Client (i.e. data controller). This means that our Client determines the purposes and means of the processing of your Personal Data. Therefor this Privacy Notice must be red together with the privacy notice of the event organizer.
Taking into account your privacy settings, we keep you informed about the Services you use and about any changes to our terms, conditions, and policies. For this purpose, we may process your name, phone number and email address.
(i) To send you marketing and promotional communications if you have provided us such consent to do so. We and/or our third-party marketing partners may process your Personal Data for marketing purposes. For example, when expressing an interest in obtaining information about our Services, subscribing to marketing emails or otherwise contacting us. We may process your name, phone number and email address.
(ii) Deliver targeted advertising to you, if you have provided us such consent to do so. We may use your information to develop and display personalized content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness.
(iii) To post testimonials. We may post testimonials on our Website that may contain personal information. Prior to posting a testimonial, we will obtain your consent to use your name and the content of the testimonial. If you wish to update, or delete your testimonial, please contact us at firstname.lastname@example.org and include your name, testimonial location, and contact information.
2.4 Developing services
We may use your Personal Data to develop our Services so we can continue providing Services that meet yours and our Client’s expectations. For this purpose we may analyse your activity in regards of our Services and request your feedback. When technically possible we process your Personal Data in a pseudonymised way or if possible, anonymise your data. We process your Personal Data based on our legitimate interest.
3. How we share your data
3.1 Our services
(i) With other Users. When you share personal information (for example, by posting comments, contributions or other content to our social media accounts) or otherwise interact with public areas of our Services, such personal information may be viewed by all Users and may be made available outside the Website in perpetuity. If you interact with other Users of our Websites, your contacts on the social network may see your name, profile photo, and descriptions of your activity.
(ii) With our Clients. We may share your Personal Data respective to what is necessary and proportionate to help our Clients to organise the event you have registered to attend to. For example, during the event, our Client’s sponsors and partners may collect your information if you give them your consent and then scan your conference badge. Scanning your badge will result in Personal Data transfer from your profile (e.g., name, email, employer’s data).
3.2 Data transfers
(i) Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the Website, which will enable them to collect data on our behalf about how you interact with our Website over time. This information may be used to, among other things, analyse and track data, determine the popularity of certain content, pages or features, and better understand online activity.
We do not sell, rent or trade any of your information with third parties for their promotional purposes. We have concluded data processing contracts with our data processors, which are designed to help safeguard your personal information. This means that they cannot Process your Personal Data unless we have instructed them to do it. They will also not share your personal information with any organization apart from us. They also commit to protect the data they hold on to our behalf and to retain it for the period we instruct.
(ii) Disclosure of Personal Data to authorities. Please note that due to legal requirements, we may be obliged to disclose or grant access to your Personal Data to the authorities or the supervisory authority to help them fulfil their legal duties (e.g., a court or a government agency).
(iii) Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If this is applicable, we will notify you of such Personal Data disclosure when and to the extent we are obliged to do so.
3.3 International data transfers
We will not transfer your Personal Data to third countries (countries outside the EU/EEA), unless this is assessed as necessary. When the transfer is necessary, then we will apply appropriate safeguards regulated by Laws before transferring your data. Necessary transfer of personal data will subject on exceptions of Article 49(1)(b-e) of the GDPR.
We inform you that Personal Data collected with the help of cookie providers can be transferred to a non-EEA country (e.g. US, when Google Analytics are used). We make every effort to ensure that such data transfers comply with the requirements prescribed by Laws and implement appropriate measures to ensure that your personal data remains protected and secure.
4. Data security
We have implemented appropriate technical and organizational security measures designed to protect your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We recommend you to only access our Services within a secure (internet) environment.
5. Data retention
We will retain your Personal Data for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In addition, we may store your data based on the agreement with our Clients, when we act as a data processor for them.
You have the option to delete the data you have voluntarily provided to us at any time under your profile settings, or to delete your account completely. After deleting your account, the Personal Data relating to that account will be completely deleted within twenty-four (24) hours.
In addition, we will analyse user database to detect inactive accounts. Inactive accounts together the personal data it holds will be deleted regularly. We will notify the account holder about the deletion beforehand.
6. Your rights as a data subject
You may, at any time, exercise the following rights with respect to processing of your personal data:
(i) Right to access: You have the right to request access to any data that can be considered your personal data. This includes the right to be informed on whether we process your personal data, what personal data categories we process, the purpose and the legal ground that we rely on when processing your data. Please be informed that most part of the data that we process is available on your profile.
(ii) Right to rectification: You have the right to request that we correct any of your personal data if it is inaccurate or incomplete. Please be informed that you can update your data at any time on your profile.
(iii) Right to object: You are entitled to object to processing of personal data, if the processing of your personal data is based on legitimate interest.
(iv) Right to erasure: You may also request that your personal data be erased subject to certain statutory exceptions if the personal data is no longer necessary for the purposes for which it was collected, or if you consider that the processing is unlawful. Please be informed that you can delete your data that you have voluntarily provided at any time on your profile.
(v) Right to data portability: If we process your Personal Data based on your consent or on the basis of a mutual contractual relationship, you may request that we provide you with that Personal Data in a structured, commonly used and machine-readable format. Moreover, you may also request that the Personal Data is transmitted to another controller. Bear in mind that the latter can only be done if that is technically feasible.
(vi) Right to withdraw your consent: In cases where the processing is based on your consent, you have the right to withdraw your consent to such processing at any time. Please be informed that you can manage your consents on your profile.
Please note that some of the rights listed above may be limited where our legitimate interests or legal obligations override your interests and rights (particularly, in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations).
If you have complaints on how we process your Personal Data, or you would simply like to know more about our data processing activities, feel free to contact us at any time on the contact details listed in the beginning of this Privacy Notice.
You have the right to lodge a complaint to a Data Protection Authority if you think that your personal data is being processed incorrectly or your data subject’s rights have been violated by us. You can find the contact details of your national Data Protection Authority here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
7. Update disclaimer
We may update this Privacy Notice from time to time. If we make material changes to this Privacy Notice, we will notify all Users via appropriate channels. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.