Privacy Policy - Attendee

Updated 2024-01-22

1. General information

   We are Confetti Technology AB, company registration number 556964-6465, with registered address at Svartmangatan 9, 111 29 Stockholm, Sweden (“Confetti” “we” or “us”).

   Our business is to provide a service where individuals and businesses can create event websites, invite guests, manage registrations and sell tickets.

   In this document (the “Attendee Privacy Policy”) we provide information on how we collect, use and process personal data about you (the “Attendee”) when you sign up to participate in an event which is created through our service.

   The organizer of the event (i.e., our customer) is the data controller of your personal data. We are processing your personal data and providing this information on behalf of the organizer and in accordance with the data processing agreement we have entered into with the organizer.

   All definitions in this Attendee Privacy Policy shall be interpreted in accordance with applicable data protection laws which refers to the General Data Protection Regulation (the “GDPR”) and the Directive on Privacy and Electronic Communications (Directive 2002/58/EC), as well as the national implementations and related national legislation.

2. Processed data

   In the table below, we have set out details about the processing of personal data related to you as an Attendee.

   The personal data is collected directly from the Attendee though the sign-up procedure.

   Personal Data	Purpose	Retention
   First name and last name Email address Company Payment details (bank account and personal identification number) Other information which may be required due to the nature of the booking which you are asked to provide	To manage your registration To communicate with you and to enable the organizer the event to communicate with you To receive payment from you and transfer it to the organizer To invite you to future events	The retention period is set by the organizer of the event.	Fulfilment of contract. Your personal data is processed to be able to provide the services to you in accordance with the agreement entered into with the organizer of the event.

3. Disclosure of personal data

   1. We use certain service providers who we will share your personal data to. You can find an up-to data list of these service providers here .
   2. In addition, personal data about you as an Attendee will be shared with other participants and the person or company arranging the event.
   3. Your information may be transferred outside the EU/EEA as some of our service providers are located outside EU/EEA, but only to a country deemed adequate by the European Commission or if we have a transfer mechanism in place in accordance with the legislation of the European Union. Please contact us for further information regarding such transfer.
   4. When using the Website or our services you may be directed to other websites where the personal data collected is outside of our control. The privacy policy of the other website will govern the personal data obtained from you on that website.
   5. We have a payment gateway where a third-party payment service provider will manage your payment. When you submit payment, you also accept the separate terms of the payment provider relating to privacy.
   6. If parts or all assets or shares of Confetti are acquired, user information is likely to be one of the business assets that transferred to the new owner.

4. Responding to legal requests and preventing harm

   We may access, preserve and share your personal data in response to a legal request (like a search warrant, court order or a subpoena or the like), or when necessary to detect, prevent and address fraud and other illegal activity, to protect ourselves, you and other users, including as part of investigations.

5. Cookies, pixels and other system technologies

   The cookies of each event site depends on choices made by the event organizers themselves. The minimal setup is show in this cookie policy. For the full list of cookies used on a specific event site, please see the cookie policy linked in the footer.

6. Retention

   We store your personal data as long as necessary in order to fulfil the purposes for which it was collected according to this Attendee Privacy Policy or as long as we have legal grounds to do so and as set out in the table above. We may also keep anonymous versions of your data and process it for statistical purposes indefinitely as it will no longer constitute personal data.

7. Children

   The Services are not directed to persons under the age of 13. If you are a parent or guardian of a person under the age of 13 and you become aware of that the child has provided personal data to us without your consent, please contact us via the contact details set forth in section 10 to exercise your access, rectification, erasure, limiting of processing and objection rights.

8. Links to other sites and social plugins

   Our website uses social plugins from social networks. If you click on one of the buttons, a new window of your browser opens, and the page of the respective social network is opened. On that site, you can login, press like or share button etc. When clicking on plugin links or other links on our website or in newsletters, the collection of personal data is outside of our control. The policy of the other website will apply for the personal data obtained from you on that website.

9. Your rights

   1. You have an absolute right to object to the processing of your personal data for direct marketing. You also have the right to recall your prior given consent. The withdrawal of your consent does not affect the lawfulness of the processing based on the consent before its withdrawal, and we may continue processing your personal data based on other legal grounds, except for direct marketing.
   2. You have the right to request access and further information concerning the processing of your personal data, or request that we correct, rectify, complete, erase or restrict the processing of your personal data. You have the right to obtain a copy of the personal data that we process relating to you free of charge once (1) every calendar year. For any additional copies requested by you, we may charge a reasonable fee based on administrative costs.
   3. If the processing is based on the legal grounds consent or fulfilment of contract you have the right to data portability. Data portability means that you can receive the personal data that you have provided to us, in a structured, commonly used and machine-readable format, and have the right to transfer such data to another data controllers.

10. Contact information

    11. We have created a feature where you can delete your personal data yourself in relation to an event you have signed up to. Please visit the event site and click on the section called “data”. You can of course also choose to contact us as described below if you prefer.
    12. To exercise your rights, or if you have any questions regarding our processing of your personal data, please contact us at the following address support@confetti.events or Confetti Technology AB, Svartmanagatan 9, 111 29 Stockholm, Sweden. In your letter/email please state your full name. Note that you should sign the request to receive information of the processing of your personal data yourself.
    13. If you have any complaints regarding our processing of your personal data, you may file a complaint to the competent data protection authority. You can find out more about the local data protection authorities under the following link http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm .

11. Notice of changes to the Privacy Policy

    If we make changes to this Privacy Policy, we will notify you through our Website. If your consent is required due to the changes, we will provide you additional prominent notice as appropriate under the circumstances and, ask for your consent in accordance with applicable law.