GEVME Client Privacy Policy

GEVME Client Privacy Policy

This statement applies to GEVME’s information collection and use policies with respect to use of the Sites and the users of its Platform (as such terms are defined in the Site’s Terms of Use, available at http://www.gevme.com/terms-of-use/ located at www.gevme.com.By using the Site or the Platform, you consent to the data practices described in this Statement.

Privacy policy principles are guided by the Personal Data Protection Act (PDPA) which will be enforced in Singapore in July 2014 as well as the European Union General Data Protection Regulation (GDPR) which cameinto force on 25 May 2018 to govern the collection, use and disclosure of Personal Data by organisations in a manner that recognizes both the right of individuals to protect their data and the need of organisations to collect, use or disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.

The PDPA has made a further distinction between Personal Data and Business Contact Information which specifies the scope of application of the Act itself.

“Personal Data” refers to data about an individual who can be identified from that data; or from that data and other information that the organisation is likely to have access. On the other hand, “Business Contact Information” is defined as “an individual’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and any other similar information about the individual, not provided by the individual solely for his personal purposes.”

The PDPA does not cover Business Contact Information.

For the avoidance of doubt, all references to “Services” shall include our event management platform (“the Platform”), applications, technological tools, products, features and offering that is made available by us to our Customers and/or Users. All references to “Client” herein shall refer to an individual or entity who has engaged and/or entered into an event management agreement with us for the purposes of using our Services for, inter alia, a specific event or as the case may be. All references to “Attendee” herein shall include an individual or entity who has registered an account with our Services for the purposes of attending the said event.

By using the Site or the Platform or our Services, you have consented to our collecting and using the Business Contact Information that you may provide to us in accordance with this privacy policy. You will also be deemed to have read and accepted this privacy policy.Acceptance of the Policy

Acceptance of the Policy

Please read carefully: By accessing or using the site or the platform, you agree to the terms and conditions set forth in this privacy policy, including to the collection and processing of your personal information (as defined below). If you disagree to any term provided herein, you may not use the site and the platform.

Which information we may collect on our Clients?

We collect two types of data and information:

A. Non-personal Information

The first type of information is non-identifiable and anonymous information (“Non-personal Information”). To put it simply, we have no idea what is the identity of the User from which we have collected the Non-personal Information. Like most websites on the Internet the Non-personal Information which is being gathered consists of technical information and behavioral information, without limitation, details such as:

Technical information:

  • Type of operation system (e.g. Windows, Linux, etc.)
  • Type of Browser (e.g. Firefox, Chrome etc.)
  • Browser and keyboard language (e.g. English)
  • IP Address
  • Your approximate geographic location
  • Any Similar technical information

Behavioral information:

  • User activity such as log-ins, date, and time of access.
  • Overall, impersonal statistical information regarding total amount of e-mails that were sent, received, opened and/or hyperlinks clicked by the recipient(s).

Please note that in order to collect the Non-Personal Information we may use common third party analytics services such as: Google Analytics , Facebook Insightetc.

B. Personal Information

The other type of information is individually identifiable information (“Personal Information”). To put it simply, this information may identify an individual or is of a private and/or sensitive nature. Personal Information which is being gathered consists of any personal details provided voluntarily by the User (e.g. User’s name, email address, company etc.) mainly by registration to the Platform and/or sync services of such Personal Information on our Platform. The clicks, mouse movements and similar information with regard to the User’s session (e.g. the fact that User has chosen to click on a certain link or access a certain webpage) may be identifiable and regarded as Personal Information. We also respect and treat any email you may send to us as Personal Information.

We shall keep all Personal Information confidential and shall only process Personal Information on behalf of and in accordance with your instructions. For the avoidance of doubt, we will only comply with such instructions that are not in contravention with the applicable laws, including but not limited to privacy and/or data protection laws enforceable at the time.

To avoid confusion, rest assured that any Non-personal Information combined with Personal Information shall be regarded as Personal information.

C. Aggregated Personal Information:

In an ongoing effort to better understand and serve the users of the Services, we often conduct research on our customer demographics, interests and behavior based on Personal Information and other information that we have collected. This research may be compiled and analysed on an aggregate basis and this aggregate information does not identify you personally and therefore is considered and treated as Non-Personal Information under this Privacy Policy.

When you connect to third-party services provider (“Third-Party Services Provider”) via the Platform, for the first time, you will be asked to permit such Third-Party Services Provider to share with us information about you, such as: Basic Information (your first and last name, your profile picture and/or its URL & gender); Your latest Profile Status update; Pages you admin, your living location and hometown as specified in your profile; information regarding and/or relating to posts and/or posts in your news feed; Your user ID number, which is linked to publicly available information such as name and profile photo.

How do we collect information on our Clients?

Following are our main methods of collecting information on our clients

  1. We collect information while you install, access, browse, view or otherwise use the Platform. In other words, when you use or otherwise access the Platform we are aware of your usage of the Platform, and may gather, collect and record the information relating to such usage. For example, when you connect to the Platform, your computer tells us your IP address.
  2. We collect information which you provide us voluntarily. For example, when you wish to register to the Platform, we may ask you to provide certain Personal Information which shall be kept on our servers. Each time you will be interested in providing information voluntarily we may ask you to consent to the collection and public display of such information.
  3. We will store, on our Platform, your customized templates, including and not limited to, your uploaded images and any other information you included in your templates, with our online backup & sync services.
  4. We will store, on our Platform, your email distribution lists, including and not limited to, email addresses that were imported to or created on our platform, and any additional fields that were imported to or created on our platform.
  5. We may track overall, Non-personal, email usage and hyperlink engagement. We will do so using standard email tracking methods, such as measuring hyperlink clicks and/or embedding a tiny tracking image. We do so to measure and improve the performance and quality of our services.
What are the purposes of collecting our Clients information?

Non-personal Information is collected in order to:

  • Enhance the User’s experience on the Platform (e.g. by determining the best location for buttons and links etc.).
  • Learn about the preferences of Users and general trends on our Platform (e.g. understand which functionality of our Platform is more popular than others).
  • Better understand the priorities and interests of our potential customers and partners in order to better suit their needs and increase the efficiency of our sales and marketing processes.
  • Administer the Platform, help diagnose problems with our server, to gather broad demographic information.

Personal Information is collected in order to:

  • Register you as a user of the Platform and to control access to your personal account.
  • Personalize your experience on the Platform.
  • Provide you with certain Features, services and information you have asked us to provide.
  • Allow us to update you with news and tailored information regarding new features, offers and display content and advertising on or of the Services that we believe might be of relevance to you
  • Manage your account and provide you with customer service, and to generally manage the Services and our business.

Attendee GEVME Account

When an attendee registers for an event on GEVME, a corresponding GEVME account is created for that attendee. Among other things, this GEVME account allows the attendee to login to view the events they registered for and to edit their registration details.

Processing of Attendees Data

In case you would engage us for our managed services offerings. We shall only process Personal Information on behalf of and in accordance with your instructions. For the avoidance of doubt, we will only comply with such instructions that are not in contravention with the applicable laws, including but not limited to privacy and/or data protection laws enforceable at the time

Sharing your Attendees Data with third parties

We may use your Attendees Data for planning, research, design and marketing of services, rendering assistance to law enforcement, government or regulatory agencies, or complying with any applicable laws or any order of court.

As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Attendees Data may be part of the transferred assets. You acknowledge and hereby agree that any successor or acquirer of our assets will continue to have the rights to use your Attendees Data and other information in accordance with the terms of this Privacy Policy.

Any information disclosed in the public areas of the Site (such as message boards and forums) becomes public information. You should exercise caution when disclosing your personal information in this way.

We do not under any circumstances, sell your email distribution lists, contact people on your lists, market to people on your lists, steal your lists, or share your lists with any other party, unless it’s required by law. If someone on your list complains or contacts us, we may then contact that person. Only authorized employees have access to view email distribution lists. You may be allowed access to your email distribution lists from our platform at any time during the entire duration such lists are stored on our Platform.

Retention and Access of Attendees Data

Our policy is for Attendees personal data to be retained on our Platform for a period of five years following any respective event. If for any reason you wish to delete your Attendees Data, you should send an email to the address cs@globalsignin.com or contact your account manager, and we will make reasonable efforts to anonymised any such information pursuant to any applicable privacy laws. The anonymisation process is irreversible.

To the extent legally permitted, we shall promptly notify you if we receive a request from an Attendee to exercise his/her right of access, right to rectification, restriction of processing, right to be forgotten, data portability, object to the processing, or right not to be subject to an automated individual decision making. In such an event, we shall assist you by appropriate organizational and technical measures, insofar as this is possible, for the fulfilment of your obligation to respond to an Attendee’s request in accordance with the applicable privacy and/or data protection laws enforceable at the time.

Cookies

During your use of the Site, we may issue to and request from your computer blocks of data known as “cookies” to enable more convenient browsing when you revisit the Site. A cookie is a type of data which is sent from the Site to your Internet browser software, and is stored on your computer. Storing cookies does not have any adverse effect on your computer. You must not alter any cookies sent to your computer from the Site and you must ensure that your computer sends correct and accurate cookies in response to any relevant request from the Site. Find out more about our Cookie Policy.

Security

We take great care in maintaining the security of the Platform and your information therein, and in preventing unauthorized access to the Platform through the use of standard industry technologies and internal procedures. However, we do not guarantee that unauthorized usage or access will never occur. We cannot assure that no unpermitted use of your locally personalized information is made by any third-party with access to your computer You are solely responsible for protecting your computer and your locally stored personal information in any way from unpermitted access and use.

Users using the Platform agree to keep their password in strict confidence and not disclose such password to any third party.

Sub-processors

GEVME makes use of third parties Sub-processors to provide specific functions with in the Services. The Sub-providers and their purposes are listed as below. In order to provide the relevant functionality these Sub-processors access Service Data only for the use of the indicated services.

Entity Name

Purpose

Applicable Services

Amazon Web Services

Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms to individuals, companies and governments, on a paid subscription basis. We use AWS for the majority of our cloud computing and storage needs.

All

MongoDB Inc

MongoDB Inc (MongoDB) provides the MongoDB Atlas service, an on-demand fully managed NoSQL database. We run MongoDB Atlas runs on AWS for storing data used by our applications on the cloud. The primary information that MongoDB has is the information of the attendees stored in our database.

GEVME, CrowdFlow

Elastic NV

Elastic NV ("Elastic") provides the Elastic Stack made up of Elasticsearch, Logstash and Kibana. We use these for gathering logs and analysing the performance of the applications we run. These logs contain information such as the timestamp, token ID, email address, user agent, username, Account ID, User ID, name, IP address, application paths and parameters, Session IDs, provisioned infrastructure, Ticket and Help Center data, Agent data and other types of Service Data

GEVME, CrowdFlow

The Rocket Science Group

The Rocket Science Group. (“Mandrill”) is an email campaign service provider we use to send campaigns and notification emails. The primary information Mandrill has access to is the email addresses of recipients of the emails and the content of the emails themselves.

GEVME Email Campaigns

Mailgun Technologies, Inc.

Mailgun Technologies, Inc. (“Mailgun”) is an email campaign service provider we use to send campaigns and notification emails. The primary information Mandrill has access to is the email addresses of recipients of the emails and the content of the emails themselves.

GEVME Email Campaigns

New Relic, Inc

New Relic, Inc. (“NewRelic”) is a third party logging platform that we use for ingesting, parsing, querying and performing analytics on Service application and infrastructure logs (“Logs”). These Logs are then used for debugging, troubleshooting, auditing, reporting, and detecting and alerting on unexpected application behavior. Incidental to the purpose of the Log Processing, Service Data and Personal Data may be Processed by New Relic. Examples of the data that may be in the Logs includes: timestamp, token ID, email address, user agent, username, Account ID, User ID, name, IP address, application paths and parameters, Session IDs, provisioned infrastructure, Ticket and Help Center data, Agent data and other types of Service Data.

GEVME, CrowdFlow

Imperva, Inc

Imperva, Inc. (“Incapsula”) provides content distribution, security and DNS services for web traffic transmitted to and from the Services. This allows us to efficiently manage traffic and secure the Services. The primary information Incapsula has access to is information in and associated with our website URL that the End-User is interacting with (which includes End-User IP address). All information (including Service Data) contained in web traffic transmitted to and from the Services is transmitted through Incapsula's systems. Incapsula also processes a limited amount of Personal Data (specifically End-User IP addresses and browser and operating system information) for logging purposes.

 

Third Party Sites

While using the platform and/or the Site you may encounter links to third party websites. Please be advised that such third party websites are independent sites, and we assume no responsibility or liability whatsoever with regard to privacy matters or any other legal matter with respect to such sites. We encourage you to carefully read the privacy policies and the terms of use or service of such websites.

EU Representative Contact

Pursuant to Article 27 of Europe’s General Data Protection Regulation (GDPR), GlobalSign in has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to privacy@edpo.brussels, using EDPO’s online request form,or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

Changes to the Privacy Policy

The terms of this Privacy Policy will govern the use of the Site and the Platform and any information collected therein. Company reserves the right to change this policy at any time, so please re-visit this page frequently. In case of any material change, we will post a clear notice on the Site.

Changes to this Privacy Policy are effective as of the stated “Last Update” and your continued use of the Site on or after the Last Update date will constitute acceptance of, and agreement to be bound by, those changes.

Support and Enquiry

If you have any questions (or comments) concerning this Privacy Policy, you are most welcomed to contact us or send us an email to the address dpo@globalsignin.com and we will make an effort to reply within a reasonable timeframe.

Avenue Huart Hamoir, 71
1030 Brussels/Belgium
privacy@edpo.brussels

Ready to empower
your event management experience?