01.01.2025

Data Policy for Organisers of events and communities with OnlineExpo

OnlineExpo was founded by event professionals, for event professionals. 

Organiser is the sole controller of the customer user data (including visitor and exhibitor user data) and any intellectual property (such as content or products) shared on the platform. 

The types of data our policy applies to includes:

Type of data	How we treat it
Customer User data	The Organiser is the sole controller of all identifiable user data, including name, email address, demographic data, as well as the taxonomy that is used for the event. Platform has no control of this data, and cannot use it for any marketing purposes outside the wishes of the Organiser. The Organiser can export all this data and remove it from our platform as they wish.
Content and intellectual property	The Organiser is the sole controller of all content shared within the platform, including presentations, news, on-demand content, exhibitor products and press releases. Platform has no control of content, and cannot use it in any purposes without express permission by the Organiser.
Platform Usage data	Platform and the Organiser are the co-controllers of the usage data generated by the platform. This is anonymous data regarding clicks and behaviour of users, and is anonymised for the sole purpose of making improvements to the platform itself.

When we run events with an Organiser we will typically use their own Data Protection Agreement (DPA) and Privacy Policy, rather than our own (detailed below)

Data Policy for users of onlineexpo.com website

This policy (together with our terms of use available) applies to your use of:

“OnlineExpo.com” website and for those organisers who do not have their own privacy policy, can also cover our web  and mobile application software, or any event-branded version of OnlineExpo’s web platform or mobile application once you have downloaded mobile application onto your mobile phone or handheld device (Device); and Any of the services accessible through on OnlineExpo Platform (Services).

This policy sets out the basis on which any personal data we collect from you, or that you or others provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. In particular, note that we will use your data to propose you as a match to other OnlineExpo users. This is based on the content of social media platforms hosting accounts you notify us of, and information provided to us by the organiser of an event for which you have registered and we have produced a branded version of OnlineExpo (“Organiser”).

For the purpose of data protection legislation:

• the data controller of usage data is onlineexpo.com platform. 
• The data controller of personally identifiable information is the Organiser who has deployed our platform and is identified in the privacy policy linked to or available in each instance of our web and mobile applications.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

• Information you give us (Submitted information): You may give us information about you by completing your profile or filling in forms on Platform, or by corresponding with us (for example, by e-mail or chat). This includes information you provide when you register to use Platform, subscribe to any of our Services, search for another user, ‘handshake’ with another user, share data via Platform’s social media functions, enter a competition, promotion or survey, and when you report a problem with Platform. The information you give us may include your name, address, e-mail address and phone number, access to your LinkedIn, FaceBook or other social media account, the Device's phone number, your age, username, password and other registration information, personal description and photograph. It will also include the details of any event for which you have registered with an Organiser.
• Information we collect about you and your Device. Each time you use Platform we may automatically collect the following information:
  • Technical information, including the type of mobile device you use (model, manufacture and library version), a unique device identifier, mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, (Device Information);
  • Information contained in your LinkedIn, FaceBook account (if you permit us to access them) or other account we ask your permission to access (Social Information);
  • Details of your use of Platform and the resources and features that you access, the users you are matched with (Log Information).
  • Information we receive from Organisers. We work with Organisers and may receive information about you from them, in relation to an event you have registered to attend. This information comprises the registration details you provided to the Organiser - for example, your name, email address, street address and demographic data. (Organiser Information).

If you contact us, we may keep a record of that correspondence.

Uses made of the information

We use information held about you in the following ways:

• Submitted Information: We will use this to help us provide you with Platform’s various features and personalise your experience; we will also use it to display your profile to other users, and propose you as a potential matches for other users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
• Device information: We use this to better understand who uses Platform and quickly understand if bugs are related to specific phones.
• Social Information: We use this to build your profile and to help us decide which other users are good potential matches for you, and whether you are a good potential match for other users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
• Log information: we use this to optimize and further develop Platform for the benefit of us and all our users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
• Organiser Information: we use this to personalise your Platform experience in relation to the event you are attending, and to decide which other users to propose a match with. We may use an email address we receive from an Organiser for the purposes of sending you service messages regarding how to access and use Platform. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.

We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.

If we have your consent, we may also use your personal data to provide you with marketing messages about other products and services we provide which may be of interest to you.

Also, we may provide various third parties (including Organisers) with anonymous aggregate information about our users (for example, we may inform them that delegates of a specific category have participated in at least one meeting during the event). This data will not identify you as an individual.

Our Legal basis for Processing Your Data

The legal grounds for processing your personal data are as follows:

• It is necessary for the performance of a contract to which you are a party, or to take steps prior to entering into a contract with you. Our Terms of Use sets out the basis of your use of the Services and the rules for using them.
• It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this, we shall consider a number of factors, such as what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
• In some cases, your consent (such as where we seek your consent to send you details of our products and services by email).
• It may be necessary for us to undertake processing in order to comply with mandatory legal obligations to which we are subject under EU law.

Disclosure of your information

We may disclose some or all of the data we collect from you when you download or use Platform’s services and applications to the following third parties:

• Organiser Information -  Organisers will receive activation data in respect of your email address – that is, whether or not you have successfully downloaded and registered on Platform.
• Social Information - Other users of Platform.

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.

We may disclose your personal information to third parties:

• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
• If Platform or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
  
  In order to:
  • enforce or apply our Terms of Use and other agreements or to investigate potential breaches; or
  • protect the rights, property or safety of Platform, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

How long will we retain your data?

We will not retain your personal data for longer than is necessary in relation to the purposes for which the data was collected or otherwise processed. The criteria we use for determining this period data will be any legal or regulatory requirements, statutory retention periods or guidance provided by regulatory bodies such as the Information Commissioners Office. For example, we delete any personally identifying Log Data when you disable your Platform account, or 3 months after your last use of Platform. 

Security

We take security seriously and we use best industry practices to protect your data.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or through Platform or the Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Platform includes chat features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.

Automated Profiling

To assist us in providing an effective networking service, in addition to the data that you provide to us if you register, we may also obtain data from your usage of Platform to help us understand what you might be interested in, or who you might be interested in connecting with. This ‘profiling’ activity is powered by some intelligence in our software which makes calculations about potential preferences or requirements you might have about what you see in the application or who we think you might wish to connect with. There’s no consequence for you of this profiling other than improvements to what we suggest to you in Platform applications.

Marketing

You have the right to ask us not to process your personal data for marketing purposes. we will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. If you are using a third party-branded version of the App, this includes disclosure to the owner of, or companies doing business under that brand. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at hello@Platform.events.

Websites of others

Platform may, from time to time, contain links to and from the websites of others. If you are using a third-party branded version of Platform, this includes websites of companies providing services under that brand. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.

Disabling your Platform account

You can disable your account at any time in your personal profile, if you are member of the Platfrom. Please note that this will not remove your data across the all Data Controller's (i.e. Organiser), and you may need to repeat this procedure on other events with other Organisers where you have participated as each Organisers data is logically separated.

Transfers of data outside Europe

The information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”) by Data Controller (i.e Organiser). These countries may not have similar data protection laws to those in the EEA. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. We currently use Amazon Web Services to help us manage our email communication.

If you use our Services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those Services.

Your Rights

You have a number of rights regarding our use of your data.

Upon written request, we will provide you with a copy of the personal data which we keep about you, subject to any exceptions under data protection laws (for example, if the data includes information about other people). We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the written request. We will provide the information without charge, but we may charge a reasonable fee for the administrative cost of providing the information where the request for information is excessive.

You can require us to correct any mistakes in your personal data which we hold about you. You can request a copy of your information which we hold (this is known as a subject access request). To the extent required by data protection laws, we will provide you with a readable copy of the personal data which we keep about you. We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the request.

You can ask us to stop contacting you for direct marketing purposes.

You have the right to restrict the processing of your personal data where: you contest the accuracy of the personal data; you have objected to our processing of your data, and we are considering your objection because we have said the processing is necessary for the purpose of our legitimate interests; the processing is unlawful and you do not wish for the data to be erased but require restricted processing of the data instead; or we no longer require your personal data but you require the data to establish, exercise or defend a legal claim.

You have the right to object to us processing your personal data where our legal basis for processing the data is for the purposes of our legitimate interests or for the performance of a task carried out in the public interest. We may refuse if there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the exercise or defence of legal claims.

Personal data deletion

You can require us to erase personal information we hold about you where: the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you object to the processing and there is no overriding legitimate interest for us to continue the processing of the data; your personal data was unlawfully processed; or your personal data must be erased in order to comply with a legal obligation.

Should you wish to exercise these rights then you can write to us at gdpr@onlineexpo.com

Changes to the privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you when you next start Platform. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of Platform.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to gdpr@onlineexpo.com

Mobile App Legal Disclaimer

By using Platform you agree to the Licensed Application End User Licence Agreement provided by the Apple App Store and Google Play Store. If there are any questions regarding this please fill in the feedback form and we will get back to you quickly.

The mobile app does not collect any personal data. The purpose of the Mobile App is to control your access to the restricted event pages or the physical location of the event based on QR codes or personal login details.