Last Updated: Jan 4, 2022
As Data Controllers, InEvent’s customers are responsible for disclosing the rights of individuals ('Data Subjects') with respect to their Personal Data and other information regarding the collection and use of that Personal Data, in accordance with the GDPR, CCPA, and other laws requiring such disclosures.
InEvent acts as a Data Processor with respect to any Personal Data comprised in the Customer Data. By 'Customer Data' we mean the content or information which individuals authorized by a customer submit to the InEvent Service.
InEvent uses the Personal Data to provide the InEvent Service to our customers pursuant to the applicable data processing terms with those customers. This will include integration of the InEvent Service with the other services provided by InEvent, Inc. and its affiliates.
InEvent does not disclose your Personal Data to third parties except where permitted or requested by our applicable customer, or where required by law.
No Sale of Personal Data InEvent does not sell, rent or lease your Personal Data.
Service Providers InEvent may disclose your Personal Data to our contracted service providers so that they can provide InEvent with services, such as IT, system administration and hosting, and customer support.
InEvent will, to the extent required by law and the applicable customer contract, obtain assurances before disclosing Personal Data to a subcontractor or third-party agent that the recipient will: (a) use the Personal Data only to assist InEvent in providing, maintaining or improving the InEvent Service, (b) provide at least the same level of protection for Personal Data as is required of InEvent, and (c) notify InEvent if the recipient is no longer able to provide the required protections. Upon notice, InEvent will act promptly to endeavor to stop and remediate any unauthorized processing of Personal Data by the recipient. InEvent will remain liable for onward transfers to its subcontractors and third-party agents.
A current list of the subprocessors that support the InEvent Service can be found here.
As specified in the data processing terms with the applicable Data Controller, InEvent takes reasonable and appropriate measures to protect your Personal Data from loss, misuse, and inappropriate access. We use standard, industry-wide practices such as firewalls, encryption of Customer Data at rest and in transit, and (in certain areas) Secure Socket Layers ('SSL') to protect your information. However, as effective as encryption technology is, no security system is impenetrable. InEvent cannot guarantee the security of our databases, nor can we guarantee that information you supply won't be intercepted while being transmitted to InEvent over the Internet.
Storage periods depend on the data processing terms with our customers and their choices, type of Personal Data, purposes of its collection and processing, and applicable law.
InEvent does not direct the InEvent Service and associated website at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us at firstname.lastname@example.org.
This section provides additional details about the personal information InEvent collects and receives about California consumers and the rights afforded to such consumers under the California Consumer Privacy Act or 'CCPA.'
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any 'sales' that may be occurring, and to not be discriminated against for exercising these rights.
California consumers may make a request pursuant to their rights under the CCPA or please contact us by e-mail at email@example.com. We will verify your request and may request government identification or other information in order to do so. Consumers can also designate an authorized agent to exercise these rights on their behalf.
Rights and requests
Data subjects in the EU and United Kingdom may have certain rights regarding the processing of their Personal Data. You can obtain information about the applicable rights and how to exercise them from the relevant customer that is the Data Controller of your Personal Data.
Access Within the scope of our authorization to do so, InEvent will work with its customers, the Data Controllers, to support them in providing their Data Subjects access to their Personal Data that InEvent holds on behalf of its customers.
Corrections InEvent will take reasonable steps to enable individuals, in connection with its customers, to correct, amend, or delete Personal Data that is demonstrated to be inaccurate.
Questions and Other Requests If you have further questions about the collection, retention and use of your Personal Data, about your choices and rights regarding such collection, retention and use, or wish to exercise your rights under applicable law, you should contact the InEvent customer that is the Data Controller of your Personal Data (this may be your employer). We will forward any such communications to our customer, provide you with contact information for the customer, and work with the customer to address your questions and/or facilitate your choices and rights as appropriate.
If you have questions about our role as a Data Processor, you can submit your questions or please contact us by e-mail at firstname.lastname@example.org.
Complaints InEvent may be able to assist you in resolving any complaints about the collection or use of your Personal Data. We will forward your complaint to the relevant customer (often the employer associated with that account), which is the Data Controller of that Personal Data. You may wish to reach out to the Data Controller before contacting InEvent, as the Data Controller may be in the best position to resolve your issue.
European Union Model Clauses InEvent offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union and the United Kingdom, and other international transfers of personal data. To request a copy of our standard data processing addendum, incorporating Model Clauses, please contact us by e-mail at email@example.com.
E.U.-U.S. Privacy Shield While InEvent remains self-certified under the E.U.-U.S. Privacy Shield, it is not currently relying on the framework for the transfer of personal data. InEvent is also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. To learn more about the Privacy Shield Program, please see http://www.privacyshield.gov/welcome.