In order to ensure that this policy reflects current legislation we may issue updates to it from time to time. You will receive notice of such changes and be asked to confirm your agreement to such changes that we deem necessary to protect our users interests.
2. Controlling Entity
Which Cloud4Events group company is responsible for the collection and processing of your personal data in connection with the provision of the Services (the Controlling Entity) depends on how you use our Services. Initially, all registrations will be via our UK based Cloud4Events Ltd company and therefore will be governed by the laws of England. As further companies in the Cloud4Events group are launched we may inform you of changes to the Controlling Entity relevant for you and your data. We will not alter your Controlling Entity without informing you in advance.
2.1 Use of the Services
2.2 Use of the payment services for sellers
3. Data protection officer and contact
4. What personal data we collect and process
We collect your personal data when you use our Services, create a new Cloud4Events account, provide us with information via a web form, add or update information in your Cloud4Events account, participate in online community discussions or otherwise interact with us. We also collect personal data from other sources (such as other Cloud4Events Inc. corporate family members, credit agencies or bureaus, and other data brokers).
5. Purposes and legal basis for data processing and categories of recipients
We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalised user experience on this website, to contact you about your Cloud4Events account and our Services, to provide customer service, to provide you with personalised advertising and marketing communications, and to detect, prevent, mitigate and investigate fraudulent or illegal activity.
6. International data transfers
Some recipients of your personal data are located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country. When transferring personal data to such recipients, we provide appropriate safeguards.
7. Storage duration and erasure
Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally
obliged to keep your personal data longer (e.g. for legal compliance, tax, accounting or auditing purposes).
In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defence against legal claims, or where such retention is otherwise required or permitted by law. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.
8. Rights as a data subject
Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of our legitimate interests. You can also lodge a complaint with a supervisory authority.
Exercising your rights and managing your settings
9. Cookies & similar technologies
10. Data security
We protect your personal data through technical and organisational security measures to minimise risks associated with data loss, misuse, unauthorised access and unauthorised disclosure and alteration. To this end, we use firewalls and data encryption, for example, as well as physical access restrictions for our data centres and authorisation controls for data access.