RSVPify PRIVACY POLICY ADDENDUM
FOR RESIDENTS OF EEA USING THE SERVICES
IN RELATION TO EVENTS ORGANIZED BY RESIDENTS OF EEA 

If you are a resident of the European Economic Area (EEA), which is the European Union plus Norway, Iceland and Lichtenstein, and you use our Services in relation to an event organized by a resident of the EEA, the following rules apply to you. This Addendum prevails over standard terms of our Privacy Policy.

In this Policy, we refer to two types of user information: Identified Personal Data and Non-Identified Personal Data.

Identified Personal Data (IPD) refers to any information that can be used to uniquely identify, contact, or locate you. Examples of Identified Personal Data include a name, physical address, e-mail address, telephone number, date of birth, or credit card number.

The Company collects only the IPD that you voluntarily provide to us, such as when you register to use the Services, set up a profile, create content, sign up for a special offer, enter a sweepstakes or promotion, upgrade your Services, or complete a survey. If you purchase products or subscribe for paid services, you might also be asked to provide your credit card and related information for billing purposes.

Non-Identified Personal Data (NIPD) refers to additional information about yourself that does not, itself, specifically identify you, that you might also be asked for, or choose to provide. However, some information of this kind, such as your age, gender, geographic location and shopping preferences may be required (or merely requested) when you register for the Services and may be associated with your IPD.

Company may also automatically collect other types of NIPD as you use the Services, including technical information (such as your internet protocol (“IP”) address, mobile device ID, or browser type) and usage information (such as location data, preferred language, the parts of the Services you have visited, which links you have clicked and other information about how you interact with the Services).

Both IPD and NIPD are personal data in the meaning of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR).

1. Who controls your personal data?

We, the Company as defined in the Privacy Policy, control your personal data. You can contact us at contact details provided at our website in the Contact section. You may reach RSVPify’s representative for the purposes of GDPR inquires (Maciej Gawronsk) by sending an email to gdpr@rsvpify.zendesk.com.

2. Purposes and basis for processing

Providing Identified Personal Data is required to allow us to provide you with Services. Your Identified Personal Data may be used in one of the following ways:

• To contact you regarding your account in performance of our contract or to provide pre-contractual information. These communications may include notices regarding changes to our policies, Service updates, account management procedures and customer Service transactional messages.
• To bill your credit card or other specified form of payment, in accordance with the Terms of Use – in performance of our contract, optionally.
• To e-mail you newsletters or tips about how to use the Services, inform you of product updates, or notify you about our own special offers or those of our third-party partners – pursuing our legitimate interest in marketing our Services.

Your Non-Identified Personal Data may be used in one of the following ways pursuing our legitimate interest in marketing and optimization of our Services:

• To enable us to generate aggregate data about site traffic and site interaction.
• To customize your experience (your information helps us to better respond to your individual needs).
• To show you advertisements most relevant to your demographic characteristics.
• To make improvements to the Website and Services.
• To inform potential partners and advertisers about the size and characteristics of our audience.

Company maintains internal logs of usage of the Services. Logs include NIPD information such as IP address, browser type and version, computer processing speed, connection speed, clickstream data, and computer operating system. Company uses logs mainly for its legitimate interests such as internal systems administration and diagnostic purposes, and to detect improper use of the site.

Logs may also be used by the Company pursuing its legitimate interest to generate aggregate, non-Personally Identified Data for advertisers or other third parties. The Company may collect such usage logs even if the App is not open on your device, or you do not have the Website open.

RSVPify complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. RSVPify has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

We describe the categories of potential recipients of your personal data in our main Privacy Policy in the section titled “Do we disclose any information to other parties?”.

Due to use of social media and other third-party plug-ins, pages or third-party services and integrations (e.g. for authorization or localization purpose) we may disclose information about your browser, activity, localization to other entities in order to fulfill your requests, or to provide services that you have requested.

4. How secure is your personal information?

The security of our user data is very important to us. We store your information securely in a globally leading cloud services infrastructure provider, using industry-compliant encryption technology. When you enter sensitive information (such as a credit card number) on our web forms, we encrypt the transmission of that information using secure socket layer technology (SSL).

5. How long do we retain your personal information?

The retention period of collected information depends on the type of information and the reasons why we collect it.

Primary retention. Your account information is retained while your account is active, unless you submit a request to us to delete the information or close your account, in which case some information may still be retained for a reasonable time up to 180 days post closing in case you decide to re-activate your account.

We may also retain some information we believe in good faith is necessary for legal and regulatory compliance, research and development, business matters, and improvement of our Services, in which case we would anonymize and encrypt such information until complete deletion.

Further, some information may be retained if it is contained in system logs, deleted emails or electronic documents which are archived by our company in compliance with our standard archival processes but which, in the ordinary course of operations, are not accessible by the individuals who created or received such emails or documents. We intend to keep such archives for a period not to exceed 10 years from the end of the calendar year in which they were created.

Please, be advised that if you request that we delete your information or close your account, some of the information you shared through the Services may still be accessible by those users with whom you shared it, as since you shared that information with them, it has become theirs as well.

In case your information is needed for a specific legal proceeding, we may keep such information as long as the proceeding in question is ongoing.

6. Your Rights

You have the right to:

1. request access and copies of your personal data, unless it would adversely affect the rights and freedoms of others;
2. request to have your information rectified if it is inaccurate or incomplete;
3. request we erase your personal data in certain circumstances;
4. request restriction of processing of your personal data in certain circumstances;
5. request to receive your data you have provided to us based on your consent or a contract, in a structured, commonly used and machine-readable format or request that we transmit said data to another controller;
6. to object to processing of your personal data if we are relying on a legitimate interest in case you are in a particular situation or if we are processing your information for direct marketing purposes;

Right to withdraw consent. If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time, but this will not affect any processing of your data that has already taken place. If you exercise this right, we may keep minimum information about you (for example, on a so called “Robinsons list”) as necessary for our and your legitimate interest to ensure your opt out choices are respected in the future and to comply with data protection laws.

To exercise your rights please contact us at gdpr@rsvpify.zendesk.com. However, please note that we may not be able to provide some or all of the Services without some necessary data collected from you.

Right to lodge a complaint with the data protection authority. If you believe that our processing of your personal data infringes upon your rights under GDPR, you may lodge a complaint with the data protection authority in the member state of European Union of your habitual residence, place of work or place of the alleged data infringement.

7. Children’s Personal Data

We do not knowingly collect Personal Data from children under the age of thirteen (13). If you are under the age of thirteen (13), please do not submit any personal data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal data through the Services without their permission. If you have reason to believe that a child under the age of 13 has provided personal data to us through the Services, please email us at gdpr@rsvpify.zendesk.com and we will endeavor to delete that information from our databases.

If you are under the age of 16, your legal parent or guardian must provide us with consent to allow us to process your personal data.

8. Do we use cookies or other forms of tracking?

Cookies are small files that a website or one of its service providers transfers to your computer’s storage device via your Web browser (if your browser is configured to permit this) that enable its systems to recognize your browser and store certain information. We use “cookies” to collect information and improve our Services. We may use “persistent cookies” to save your user ID and password for future logins to the Service. We may use “session ID cookies” to enable certain features of the Service, to better understand how you interact with the Service and to monitor aggregate usage and web traffic on the Service.

Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to your computer and can only be read by a web server of the website that issued the cookie to you.

We use necessary cookies required to perform our Services and offer certain functionalities, as well and analytics and targeting cookies, when we have your consent to collect and use them.

Categories of cookies.

1. Necessary cookies. Strictly necessary cookies are strictly necessary to provide you with the Services. The information collected through these cookies is used only for the purpose of providing you with the Services and is never shared with third parties.

You cannot refuse those cookies. You may block or delete them by changing your browser settings, but you may not be able to use Services or Application features, and in some cases the RSVPify website simply will not perform.

1. Preferences cookies. Functional cookies allow us to remember the choices you make and provide enhanced, more personal features. Examples include your username, language, region, customizations, and prior purchase history. The information collected through these cookies is used for this purpose only and is never shared with third parties.
2. Performance & Statistic. We work with third parties who use cookies to collect data that helps us understand how people are using our site. We use this information to identify improvements we can make to the user experience.
3. Marketing &Targeting. We work with third parties who use cookies to collect information about the pages, links, and other sites that you visit. These cookies are used to deliver advertisements that are more relevant to you and your interests across the internet. The information collected by these cookies will be used to track visits and actions on our site, as well as to deliver reporting and analytics to us and our partners. You can opt out of targeted advertising associated with our Website by clicking opt out of (useful links below), which will block targeted ads on the web browser or device you are on.

The following cookies are used:

• Facebook (https://www.facebook.com/policies/cookies/)
• Google Maps (https://policies.google.com/technologies/types?hl=en)
• Google Analytics (https://policies.google.com/technologies/partner-sites?hl=en)
• Twitter (https://help.twitter.com/en/rules-and-policies/twitter-cookies)
• Pinterest (https://policy.pinterest.com/en/privacy-policy)
• Intercom (https://www.intercom.com/legal/privacy)
• LinkedIn (https://www.linkedin.com/legal/privacy-policy)

How can I control cookies?

All browser technologies enable you to manage the cookies in the cookie folder of your web browser. This means that you can either delete cookies from your cookie folder once you have finished your visit at our website or you can set your preferences with regard to the use of cookies before you begin browsing our website. Please note, as stated above, that deleting or rejecting cookies may adversely affect your user experience of our website.

You can find further information at:

• Google
• Firefox
• Windows
• Safari

To control privacy settings within mobile applications, please visit the privacy settings of your Android or iOS device and select “opt-out of interest based ads” (Android) or “limit ad tracking” (Apple iOS).

Where can I find more information about cookies?

If you want to learn more about cookies or how to control, disable or delete them, please visit www.aboutcookies.org for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google https://adssettings.google.com/u/0/authenticated?hl=en

You can also learn more about targeting and retargeting for advertising, and about how to turn this feature off, by visiting www.networkadvertising.org, or in the case of those residing in the EU or UK, by visiting http://www.youronlinechoices.com.

Tracking technologies

Cookies are not the only way to recognize or track visitors to a website. Web beacons (sometimes called “tracking pixels” or “clear gifs”) are tiny graphics files that contain a unique identifier that enable us to recognize when someone has visited our or taken an action in relation with Services. We also facilitate our third -party platforms ability to learn more about your interest in their event at their request through their use of these tracking pixels on our Services.

9. How to refuse tracing technologies? In many instances, these technologies are reliant on cookies to function properly. As a result, declining cookies will impair their functioning. Where to look for more information?

You may find more information on the way we process your information in our main Privacy Policy.