Privacy Policy

1. Introduction

Your privacy and protection of your personal data is very important for us. Eventora is a platform for event management and provision of digital services, developed and operated by our company “Awapai Ltd.” registered in Athens, Greece. We provide our services through our websites and apps for personal computers, portable devices, and smartphones (“Eventora platform”).

2. Personal Data Collection

We collect and process your personal data with your consent, which you may revoke at any time. See the "Your Rights" section of this policy for more information. The processing of your personal data may be based on other legal basis, such as the execution of a contract, the protection of our legitimate business interests and compliance with legal obligations.

We collect personal data when: 

  • You create an account on our platform to use our services, create web pages for events, send invitations, get registrations, sell tickets, create questionnaires, manage your events and more. To describe this role, we use the term “Organizer”.
  • You use our platform to register for events, buy tickets, respond to invitations, schedule, and participate in meetings, answer questionnaires, watch online events and interact in events. To describe this role we use the term “Attendee”.
  • You create an account on our platform to use services such as accessing your tickets online, your certificates of attendance, your meeting schedules, and more.
  • You visit our platform to learn about our services, contact us, search for and find information for events.  
  • You participate in surveys and contests.
  • You contact us for technical support, questions, or complaints.
  • You subscribe to our newsletter services. 

We also collect and process information in automated manner, using cookies and server logs, Technical Data for the device you use, your visits to our webpages and your usage of our services. You can find more information in the Cookies declaration statement below.

GDPR defines the roles of a) “Data Controller” when a company/organization processes personal data for their own purposes, and b) “Data Processor” when they process personal data on behalf of other companies or organizations. Eventora is a Data Controller and a Data Processor:

  • If you create an Eventora account as an event organizer or as an event participant, Eventora is a Data Controller of the personal data you enter for your Eventora account. Eventora is also a Data Controller of the personal data of how event organizers and event participants use our services.
  • When you register to an event of an event organizer or when you use event digital services, for example when you complete an event evaluation survey, when you complete an event registration form, when you answer a questionnaire, Eventora is the Data Processor of the personal data, on behalf of the event organizer, who is the Data Controller.

3. Personal data we process

We process personal data of the following categories:

  • User information: name, surname, email address. Optionally you can provide you address, phone number and a picture or a photo of you.
  • Contact info: name, surname, email, address, phone number.
  • Your preferences, including your preferences for events and your answers to our questionnaires.
  • Information about how you use our platform and services. For example, which pages you visit and which services you use.
  • Marketing info, including your preferences for marketing newsletters (if you have opted-in)
  • Technical data, including your Internet Protocol address (IP), type and version of operating system and browser, time zone and location settings, type of device and technologies supported by the device.
  • Invoicing information (for event organizers): company, address, phone, profession, VAT number.
  • Transaction information (for event organizers): details of the transactions you have made with us.

When you pay with your credit or debit card, card data are collected by the bank or payment institution that the event organizer uses. We do not store card information in our servers. 

We collect, process, and publish aggregated data. Aggregated data can be generated by processing of your data; however, aggregated data are not personal data as they do not expose, directly or indirectly, your identity.  For example, we generate statistical data about the usage of our services.

4. How we use personal data

4.1 Purposes and lawfulness of processing 

 Function / Purpose Personal Data Lawfulness
 Creating an Eventora accounta) User informationPerformance of a contract with you (to access our platform and provide our services to you)
For participants: event registration, use of event digital services and communication (for example, sending registration confirmation to you).

a) User information

b) Contact information

a) Performance of a contract with you.
b) Legitimate interests(to provide you the services)
For organizers: Provision of event management services, provision of digital services for events

a) User information
b) Contact information
c) Invoicing information
d) Transactions information

a) Performance of a contract with you
b) Legitimate interests (to provide you the services, to invoice you)
To manage our relationship with you:
a) Use of platform and our services
b) Communication for terms of use and privacy policy updates
c) Technical support and management of complaints
a) User information
b) Contact information
c) Preferences data

a) Performance of a contract with you
b) Legitimate interests (to provide you the servicesς
c) Compliance with law and legal obligations

For marketing communication, for example promotion of events and serices.a) Contact information
b) Preferences data
c) Marketing information

With your consent
To participate in a survey or evaluate our servicesa) Contact information
b) Preferences data
c) Technical data
Legitimate interests (to improve our services)
To manage our services and the security of our platform (including resolving operational issues, support, reporting).a) User information
b) Contact information
c) Technical data
a) Legitimate interests (to ensure operation of our systems and services, for security reasons and fraud prevention, to better organize our services)
b) Compliance with law and legal obligations.
Analysis of statistics to improve our platform and services, for marketing and improving the user experiencea) Technical data
b) Information about use of platform and services 
Legitimate interests (to improve our platform and services, to improve our marketing policy)

As a participant, when you register to an event or participate in event digital services, the event Organizer is the Data Controller of personal data you provide for the event registration and when you participate in an event digital service, and the information about your event registrations and tickets you have bought for the organizer’s events. The Organizer as the legal requirement to inform you and ask you to accept his terms and his privacy policy when you register to Organizers’ event. For every question or request about how your personal data is used by the Organizer, consistency, deletion you can contact the Organizer directly by using the option “Contact Organizer” at event page, or by using other contact info and method he informs you about. You can also contact us at privacy[at]eventora.com and we will forward your question or request to the Organizer. In some cases, Organizers use our platform tools to communicate with their own mailing list, which might include participants of Organizer’s past events. In these cases, Organizer is responsible for sending the emails and it is required to comply to data protection and anti-spam laws. You can contact the Organizer and request to delete you from the mailing list (opt-out). If you believe that the Organizer does not comply to data protection and antispam laws, please contact us at privacy[at]eventora.com.

4.2 For how long we keep the data

We keep the data for as long as needed to provide our services or for other important reasons, as for example, to comply to tax regulations or other legal requirements.
If you ask us to delete your account, we will delete it in up to 10 days, except if there is a legal requirement not to do so.
If you are an Organizer, we might keep your contact, invoicing, and transactions info for as long as required by law and tax regulations.

4.3 Transfer of data

When you register to an event or participate in event’s digital services, we process your personal data on behalf of the Organizer, who is the Data Controller. Organizer has access to this data and process them in accordance with Organizers’ privacy policy. 

We do not transfer your personal data to third parties, unless it is necessary for the purposes described in this privacy policy.

For event participants: If you choose to pay with a credit/debit card or payment code, we transfer to the Bank or Payment Institution that the Organizer uses, required data for the transaction, usually name, surname, e-mail, address, country, amount. 

For Organizers: If you choose to pay for our services with a credit/debit card or payment code, we transfer to the Bank or Payment Institution that we use, required data for the transaction, usually name, surname, e-mail, address, country, amount. 

As we develop our company, we might be acquired by or merged with another company. In this case the personal data might be transferred to this company or to a new entity, in accordance with this Privacy Policy and GDPR. 

We may also disclose information to the Authorities if necessary, to comply with a law, regulation, legal procedure, to detect, prevent and deal with fraud, security, and to protect the rights, property, and security of Eventora, our users and the public interest in accordance with the laws.

We may provide information and data in aggregate form, in a manner that does not disclose the identity of our users, our partners or the public, for statistical, research or advertising purposes. For example, we can cite public data to show how our services are used.

We assign specific processing tasks with specific instructions to other processors (Data Processors), who meet the requirements and comply with the General Regulation of Personal Data Protection (GPD).

Such functions are, for example, the operation of our software systems in cloud computing infrastructure, the sending of e-mail and SMS, the operation of customer management and marketing (CRM) systems and pricing and management systems, for the provision of marketing services and service management. We select sub-processors after taking into account their compliance with the GPA and their binding corporate data protection policies. For processing, data may need to be transferred to other countries, mainly within but in some cases outside the European Economic Area.

Sub-Processors

For providing platform services:

  • Amazon Web Services (Data centers in EU - Ireland, France). Servers/Data Center infrastructure, email services, SMS services, streaming services)
  • Sendgrid (USA) (email services)
  • Stripe (EU, Ireland) Payment system
  • Seats.io (EU, Belgium) Seating services

For company functions:

  • Zoho (EU, Netherlands). Customer support and invoicing
  • Bitrix24 (EU, Germany) Customer relationship management

4.4 Data Security

Χρησιμοποιούμε τα κατάλληλα τεχνικά και οργανωτικά μέτρα για την προστασία και την ασφάλεια των δεδομένων σας, που περιλαμβάνουν: ασφαλή πληροφοριακά και δικτυακά συστήματα, έλεγχο και περιορισμό φυσικής πρόσβασης, ελεγχόμενη ηλεκτρονική πρόσβαση, επίπεδα πρόσβασης, εκπαίδευση προσωπικού, χρήση ασφαλών πρωτοκόλλων για κρυπτογράφηση δεδομένων, κ.ά.

5. Cookies

Τα cookies είναι μικρά αρχεία που αποθηκεύονται στη συσκευή σας όταν επισκέπτεστε δικτυακούς τόπους. Κατηγοριοποιούνται ως εξής:

  • Necessary
    They are necessary and used for the operation of our services.

  • To save preferences
    They are optional and improve the user experience.

  • Statistics (Analytics)
    They are used to understand how our services are used, how effective marketing campaigns are and to tailor the services to your preferences..

  • Marketing (social media and advertising)
    They are used for targeted advertising by third party providers and social networks, even when you visit other websites. These include cookies from Google, Facebook, LinkedIn, etc.

Cookies Management
You can view more information and manage the cookies you accept or discard on the page: Cookie settings
You can also delete cookies from your browser settings as well as ask third parties, such as Google, Facebook, LinkedIn, etc. to opt out of their cookies, through their websites.

6. Your rights – Contact info

For any questions and comments and to exercise your rights for the data that the Organizer is a Data Controller (for example, the personal data you submit when registering for an event), you can contact the Organizer via the "Contact the Organizer" option on the page of the event or by other means of communication that makes available to you. Alternatively, you can contact us at privacy [at] eventora.com and we will forward your question or request to him.

For any questions and comments regarding the protection of your personal data as well as to exercise your rights for the data that Eventora is a Data Controller, as well as for any questions or comments regarding the privacy policy, you may contact us by email at privacy [at] eventora.com

Your rights

According to the legislation and the General Regulation of Personal Data Protection you have the right to information about your personal data, to access it, to receive copies of them, to correct and update them. You can also request their deletion or restriction on editing.

You can contact us to explain the data we hold about you and the exact way is processed.

You can request a copy of your personal data (right of access).

You can request to delete your details (right of deletion).

You can request to suspend the processing of your personal data or to oppose it for reasons that concern you (right of objection).

You can remove your opt-out from the list of marketing communication recipients (restriction right).

You have the right to appeal to the Personal Data Protection Authority of your country for issues related to the processing of your personal data.

7. Changes

We may make changes to your privacy policy, always in accordance with the law and GDPR. We encourage you to visit this page for information and updates.

Updated: January 10, 2021