This Privacy Policy explains our privacy practices for the activities described herein. Please read this Privacy Policy carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”) that we gather on the subdomains and websites of www.eventcreate.com (the “Websites”). We may collect this information from you when you become a Customer, contact us to obtain more information, or use our online platform and services (“Services”). This Privacy Policy will also inform you of your rights and choices regarding your Personal Data.
A reference to “EventCreate,” “we,” “us,” “our” or the “Company” is a reference to EventCreate, LLC and its relevant affiliates involved in the collection, use, sharing, or other processing of Personal Data. A reference to “you,” “your,” or “yours” means, depending on the context, Website Visitors, Customers, or End Users, as defined in Section 1, below.
Please visit the following links to learn more about our Privacy Policy:
1. Whose Personal Data We Collect
2. What Data We Collect
3. Purposes for Which We Process Personal Data
4. Who Do We Share Personal Data With?
5. How We Respond to ‘Do Not Track’ and Other Opt-out Signals
6. Cookies, Web Beacons and Other Tracking Technologies
7. Privacy Rights & Additional Disclosures for Certain U.S. Residents
8. Privacy Rights & Additional Disclosures for EEA, UK & Swiss Individuals
9. How to Exercise Your Rights
10. Data Security and Retention
11. Children
12. Privacy Policy Updates
13. Contact Us
We obtain Personal Data from various entities. These entities are defined below by what they are referred to in this Privacy Policy, and when information is collected. Entities may overlap and are not exclusive categories.
This Privacy Policy does not apply to the extent we process Personal Data in the role of a processor or service provider on behalf of our Customers, including where we offer to our Customers various software products and services through which our Customers (or their affiliates) collect, use, share or process Personal Data via our Services.
For detailed privacy information related to a EventCreate Customer or a Customer affiliate who uses the EventCreate software products and Services as the controller, please contact our Customer directly. We are not responsible for the privacy or data security practices of our Customers, which may differ from those explained in this Privacy Policy.
Third Party Links and Websites. Our Websites and Services may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data to these websites.
Information You Give Us. You may give us information by signing up for an online account, entering information through our online forms or surveys, inputting information while using our Services, or contacting us through our online platform, phone, or email for customer service.
The categories of information include:
The categories of sensitive information include:
If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so, and, where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy. If you believe that your Personal Data has been provided to us improperly, or want to exercise your rights relating to your Personal Data, please contact us by using the information in the “Contact Us” section below.
Information We Collect from Third Parties. If you access our Websites through third parties (e.g. Facebook or Google), or if you share content from our Websites or Services to a third-party social media service, the third-party service and your account settings may allow such sharing. The information we receive will depend on the policies and your account settings with the third-party service.
Information We Collect Automatically. We use common information-gathering tools, such as cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our Websites, our Services, or interact with emails we have sent to you.
We collect and process your Personal Data for the following purposes:
If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.
Marketing. We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all of these communications from us by following the unsubscribe instructions provided in any email we send, by replying or texting ‘STOP’ if you receive EventCreate SMS communications, or you can contact us using the contact details provided in the “Contact Us” section below. You will still continue to receive service-related messages concerning Services you have purchased (unless we have indicated otherwise).
We may share your Personal Data with the following:
Aggregated Data. We may also aggregate or otherwise strip information of all personally identifying characteristics and may share that aggregated, anonymized data with third parties or publish it. We reserve the right to make use of any such aggregated data as we see fit. We commit to maintaining and using the information in deidentified form, and not to attempt to reidentify the information, except for the sole purpose of determining whether its deidentification processes satisfy the requirements of deidentification.
Do Not Track (DNT) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.
California and certain other U.S. state residents may opt out of tracking technologies by broadcasting an Opt-Out Preference Signal, such as the Global Privacy Control (GPC) (on the browsers and/or browser extensions that support such a signal). To download and use a browser supporting the GPC browser signal, visit the following link: https://globalprivacycontrol.org/orgs.
If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use. Your request to opt-out of sale/sharing will be linked to your browser identifier only and not linked to any account information because the connection between your browser and the account is not known to us. If you would like us to make the connection between your browser and your account, and you have not yet opted out of sale/sharing your Personal Data, please contact us at [email protected].
To make our Websites and Services work properly, we sometimes place small data files called cookies on your device. A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, shopping cart, or other preferences) over a period of time, so you do not have to keep re-entering them whenever you come back to the site or browse from one page to another. To learn more, please see our Cookie Policy.
Google Analytics. We may use Google Analytics. We use the information we get from Google Analytics only to improve the Websites. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Please refer to Google’s Privacy Policy for more information. You may also choose to download the Google Analytics opt-out browser add-on.
You may wish to restrict the use of cookies. Please be aware that some of the features of our Websites may not function correctly if you disable cookies. Most modern browsers allow you to change your cookie settings. You can usually find these settings in the options or preferences menu of your browser. To understand these settings, the following links for commonly used browsers may be helpful:
Personalized Advertising. We may also use targeted advertising cookies, such as Google Ads, to deliver tailored advertising on our Websites and Services. You can learn more about how to control advertising cookies by visiting the Network Advertising Initiative’s Consumer Opt-Out link, the DAA’s Consumer Opt-Out link for browsers, or the DAA’s opt-out link for mobile devices. You may also opt out of measurement services and targeted ads at websites such as http://www.aboutads.info/choices and http://www.youronlinechoices.eu/.
Please note that electing to opt-out will not stop advertising from appearing in your browser or applications and may make the ads you see less relevant to your interests.
Several jurisdictions grant state residents certain rights and disclosures. You may have certain rights relating to your Personal Data, subject to local data protection laws. If you would like to exercise any rights or inquire as to whether such rights are available to you, please email us at [email protected].
Request for Information. Residents of certain U.S. states have the right to know whether we are processing your Personal Data, and in some instances, you have the right to request that we disclose to you the categories listed below for the preceding 12 months. We have the right to request verification of your identity for all requests for information. In responding to this right, we shall provide to you:
Request for Deletion. Residents of certain U.S. states have the right to request we delete your Personal Data.
Request for Correction. Residents of certain U.S. states have the right to request the correction or rectification of inaccurate information in the resident’s Personal Data.
Request for Portable Data. Residents of certain U.S. states have the right to receive, in certain circumstances, a portable format of their Personal Data that allows the data to be transmitted to another entity.
Opting Out of Cookies and Sale/Sharing Using Online Tracking Technologies. Our use of online tracking technologies may be considered a “sale”/“sharing” under applicable law. Residents of certain U.S. states may have the right to opt out of being tracked by these third parties by clicking the Privacy Choices link at the bottom of our Websites and selecting your preferences.
If you do not have a EventCreate account or if you are not logged into your EventCreate account, your request to opt out of “sale”/“sharing” will be linked to your browser identifier only and not linked to any account information because the connection between your browser and the account is not known to us.
Do Not Sell or Share My Personal Data. Residents of certain U.S. states have the right to opt out of the sale or sharing of the consumer’s Personal Data. You can exercise this right by visiting this link.
Limiting the Use of Sensitive Personal Data. Residents of California have the right to direct us to use or disclose sensitive Personal Data only for providing goods or services, or as otherwise minimally permitted under applicable law.
Third Party’s Direct Marketing. If you are one of our Customers, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data to third parties for the third parties’ direct marketing purposes.
Automated Processing & Profiling. Residents of certain U.S. states have the right to opt out of the processing of Personal Data for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer.
Right to Equal Service & Price. You have the right to receive equal service and price, even if you exercise a privacy right.
Verification Process for Exercising Rights. To protect our consumers’ privacy, we verify privacy rights requests to ensure that only you (or your authorized agent, as applicable) can exercise rights pertaining to your Personal Data. As part of our verification process, we may request you to submit additional information.
If you are an authorized agent wishing to exercise rights on behalf of a state resident, please contact us using the information at the bottom of this Privacy Policy and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.
Appeal Process. In certain cases, we may decline to take action on your request as permitted by law. Should we decline your request, we may provide you with a written explanation of the reasons for our decision and, where required by applicable law, an opportunity to appeal these decisions.
If we deny your appeal, we may provide a written explanation of our decision and, where required by applicable law, instructions on how to contact your local Attorney General or Department of Justice for further review.
If you are from the European Economic Area (EEA), United Kingdom (UK), or Switzerland our legal bases for collecting and using your Personal Data is as follows:
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided in the “Contact Us” section below.
EEA, UK or Swiss Individuals’ Rights. If you are from the EEA, UK, or Switzerland, you have the right, under certain circumstances, to:
Right to Lodge a Complaint. If you have any issues with our compliance, you have the right to lodge a complaint with the appropriate supervisory authorities. We would, however, appreciate the opportunity to first address your concerns and would welcome you directing an inquiry to us via the information in the “Contact Us” section at the bottom of this Privacy Policy.
Data Privacy Frameworks & International Transfers of Data. We may transfer information from or about you or your devices to countries other than the country where you are located (including to the United States), which may not have the same data protection laws as your jurisdiction. For more information regarding our compliance with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework to authorize these data transfers, please review the following disclosures.
EventCreate complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK-U.S. DPF”), and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (collectively, the “DPF”) as set forth by the US Department of Commerce. EventCreate has certified that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of Personal Data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. EventCreate has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles (collectively, the “DPF Principles”), the DPF Principles shall govern. To learn more about the, DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov.
With respect to Personal Data received or transferred pursuant to the DPF, EventCreate is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the DPF Principles, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain Personal Data relating to you in the United States. Upon request, we will provide you with access to the Personal Data that we hold about you. You may also correct, amend, or delete the Personal Data we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your Personal Data, please submit a written request to [email protected].
As explained in this Privacy Policy, we sometimes provide your information to third parties to perform services on our behalf. If we transfer Personal Data received under the DPF to a third party, the third party's access, use, and disclosure of the personal data must also be in compliance with our DPF obligations, and we will remain liable under the DPF for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage. We may be required to disclose Personal Data that we handle under the DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
DPF Complaints Involving Personal Data We Process as a Controller. For EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of Personal Data received or collected as a controller in reliance on the EU-U.S. DPF, the UK-U.S. DPF, and the Swiss-U.S. DPF, please first contact us at: [email protected].
If your DPF-related complaint cannot be resolved through this channel, EventCreate commits to refer unresolved complaints to JAMS DPF Dispute Resolution, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgement of your DPF Principles-related complaint from us, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS DPF Dispute Resolution are provided at no cost to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See DPF Annex 1 at https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction.
To exercise your rights in Sections 7 or 8 above, please contact us by using the information in the “Contact Us” section below, specifying which privacy right(s) you wish to exercise. We may need to verify your identity to honor your request. Your Personal Data may be processed in responding to requests and fulfilling these rights.
Data Security. We implement a variety of security measures to maintain the safety of your Personal Data when you enter, submit, or access your Personal Data. However, no website, application, or transmission can guarantee security. Thus, while we have established and maintain what we believe to be appropriate technical and organizational measures to protect the confidentiality, security, and integrity of Personal Data obtained through the Website and Services, we cannot ensure or warrant the security of any information you transmit to us.
Retention. We may retain your Personal Data for a period of time consistent with the original purpose of collection (see Section 3 above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of or access to such data.
Our Websites are not directed at individuals under the age of 16. We do not knowingly collect Personal Data from children under 16. If you become aware that a child has provided us with Personal Data, please contact us using the contact details provided in the “Contact Us” section below. If we become aware that a child under 16 has provided us with Personal Data, we will take steps to delete such information.
We may change our Privacy Policy at any time. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to periodically review this Privacy Policy to ensure you are familiar with the most current version. Please review carefully before submitting Personal Data to our Websites or Services. The date the Privacy Policy was last updated is indicated at the top of this page.
If you wish to contact us or have any questions about or complaints in relation to this Privacy Policy, please contact us by emailing us at [email protected].