Privacy Policy

1. Information We Collect

1.1 Event Organizer Information

When companies use EventPassport to manage their events, we collect:

• Company details (name, address, billing information)
• Account administrator information (name, email, phone, job title)
• Event details and configurations
• Custom badge designs and branding materials
• Attendee lists and registration data uploaded by organizers

1.2 Event Attendee Information

For individuals attending events managed through EventPassport:

Registration Data:

• Full name and contact information (email, phone number)
• Company/organization name and job title
• Professional profile information
• Dietary requirements and accessibility needs
• Registration preferences and session selections

Badge and Check-in Data:

• Digital badge information and QR codes
• Check-in timestamps and location data
• Self-service kiosk interaction logs
• Badge printing and download records

Event Interaction Data:

• Session attendance tracking
• Networking interactions and connections made
• Lead capture data when business cards are exchanged
• App usage analytics and engagement metrics

1.3 Technical Information

• Device information (type, operating system, unique identifiers)
• IP address and location data
• App usage statistics and performance data
• Email delivery and open rates for badge distribution

2. How We Use Your Information

2.1 Core Event Management Services

• Event Registration: Processing attendee registrations and managing event capacity
• Badge Generation: Creating personalized digital and printable event badges with QR codes
• Self Check-in: Enabling automated attendee check-in via QR code scanning
• Event Access: Verifying attendee credentials and managing access to different event areas
• Communication: Sending event updates, badge delivery emails, and important notifications

2.2 Lead Generation and Business Development

• Networking Facilitation: Enabling attendees to exchange contact information digitally
• Lead Capture: Recording and organizing business connections made during events
• Follow-up Communications: Providing organizers with attendee engagement data for post-event outreach
• Analytics and Reporting: Generating insights on event performance and attendee engagement

2.3 Platform Improvement

• Service Enhancement: Analyzing usage patterns to improve app functionality
• Technical Support: Troubleshooting issues and providing customer assistance
• Security: Monitoring for unauthorized access and protecting platform integrity

3. Legal Basis for Processing

In accordance with Ghana's Data Protection Act, 2012 (Act 843), we process your personal data based on the following lawful grounds:

• Contractual Necessity: To provide the EventPassport services you've requested and fulfill our obligations under service agreements
• Legitimate Interests: To improve our services, prevent fraud, ensure platform security, and conduct business operations where necessary and proportionate
• Consent: For marketing communications, optional networking features, and lead generation activities (which you can withdraw at any time)
• Legal Obligations: To comply with Ghana's Data Protection Act and other applicable laws and regulations
• Vital Interests: To protect the safety and security of event attendees when necessary

We ensure that all processing adheres to the eight data protection principles established under Ghana's Data Protection Act, including lawfulness, purpose specification, data quality, accountability, and data subject participation.

4. Data Sharing and Third Parties

4.1 Service Providers

We work with carefully selected third-party providers to deliver our services:

• Email Delivery Services: For sending digital badges and event communications
• Cloud Storage Providers: For secure data storage and backup
• Payment Processors: For handling subscription and event payment transactions
• Analytics Services: For app performance monitoring and improvement
• Security Services: For fraud prevention and platform protection

4.2 Event Organizers

When you attend an event, your registration and interaction data is shared with the event organizer to:

• Manage event logistics and communications
• Facilitate networking and lead generation
• Provide post-event follow-up and analytics
• Ensure event security and compliance

4.3 Other Attendees (With Consent)

Through our networking features, you may choose to share your contact information with other attendees for professional networking purposes. This sharing is always opt-in and under your control.

4.4 Legal Requirements

We may disclose your information when required by law, legal process, or to protect the rights, property, or safety of EventPassport, our users, or others.

5. International Data Transfers

As a Ghana-based company, EventPassport may transfer your personal data to countries outside Ghana and the West African region. In accordance with Ghana's Data Protection Act, when we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Adequacy Assessments: Ensuring destination countries have adequate data protection standards
• Contractual Safeguards: Standard contractual clauses and data processing agreements with international partners
• Security Measures: Technical and organizational measures to protect data during transfer
• Compliance Requirements: Ensuring international processors comply with Ghana's data protection standards or equivalent protections

For data transfers to countries with different legal frameworks (such as EU, US, or other jurisdictions), we implement additional safeguards to maintain the level of protection required under Ghanaian law.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

• Event Attendee Data: Retained for up to 24 months after the event conclusion
• Lead and Networking Data: Retained as long as consented to by participants
• Account Information: Retained while your account is active and for up to 7 years thereafter for legal and business purposes
• Technical Data: Typically retained for 12-24 months for security and improvement purposes

You may request earlier deletion of your data, subject to our legal and contractual obligations.

7. Security Measures

EventPassport implements robust security measures to protect your personal information:

• Encryption: Data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict access controls and authentication requirements
• QR Code Security: Dynamic QR codes with embedded security features to prevent fraud
• Regular Audits: Periodic security assessments and vulnerability testing
• Staff Training: Regular privacy and security training for all personnel

8. Your Rights and Choices

You have the following rights regarding your personal data under Ghana's Data Protection Act, 2012 and other applicable laws:

8.1 Access and Portability

• Request copies of your personal data
• Export your data in a machine-readable format

8.2 Correction and Updates

• Update your profile information within the app
• Request correction of inaccurate data

8.3 Deletion and Restriction

• Delete your account and associated data
• Request restriction of processing in certain circumstances

8.4 Opt-out Rights

• Unsubscribe from marketing communications
• Disable networking features and lead sharing
• Opt out of non-essential analytics tracking

8.5 Badge and Check-in Controls

• Choose between digital and printed badges
• Control visibility of your information to other attendees
• Manage self check-in preferences and notifications

9. Children's Privacy

EventPassport is not intended for use by individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we discover that we have collected information from a child under 16, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes by:

• Posting the updated policy in the app with the effective date
• Sending email notifications to registered users
• Providing in-app notifications of significant changes