Groupize Privacy Notice
Last modified November 13, 2024
1. THE PURPOSE OF THIS PRIVACY NOTICE
1.1 This privacy notice applies to Groupize and its subsidiaries. Please see the event planner’s separate privacy policy, which specifies the event planner’s collection, use, disclosing and safeguarding of your personal information. Groupize is not aware of and is not responsible for the event planner’s privacy practices.
1.2 Our use of personal information
In common with most global organizations, we collect, use and share information, including personal information, in connection with providing our services and technology solutions and running our business.
1.3 This privacy notice
This is our main general privacy notice that applies across our business, although we may publish additional privacy statements that apply to:
If an additional privacy statement is relevant to you because of the way in which you engage with us and there is a conflict between the information set out in this notice and the additional privacy statement, then the additional privacy statement will take precedence over the information set out in this notice.
We have a separate privacy notice that sets out how we process the personal information of our staff, which prospective, current and former members of staff should refer to.
Where we process your personal information for and on behalf of one of our customers as part of providing our services and technology solutions to them, we act as a processor of our customer and this privacy notice does not apply. You can read more about our role as a processor when we provide our services and technology solutions to our customers under.
1.4 Updating this privacy notice
This notice may be updated from time to time.
1.5 What is personal information?
Personal information is information that relates to an identified or identifiable living individual. This includes obvious things like your name, address and telephone number but can also include less obvious things like analysis of your use of our websites.
Special categories of personal information require additional protection under data protection laws around the world. These categories include information about your health, racial or ethnic origin, political opinions, religious or philosophical beliefs and trade union membership, your genetic data and biometric data, and information concerning your sex life or sexual orientation. Criminal convictions information – this is information relating to your criminal convictions and offences. Local data protection laws may restrict the way in which we can use this information when compared to, for example, your name and address.
1.6 What personal information do we collect?
Individual details, as applicable and as required:
Name, address, other contact details (e.g. email and telephone numbers)
Identification details, as applicable and as required:
ID numbers issued by government bodies or agencies, such as your passport number.
1.7 Our responsibility to you
We process your personal information in our capacity as a controller. This means that we are responsible for ensuring that we comply with relevant data protection laws when processing your personal information.
1.8 Data protection officer
We have a data protection officer whose job is to oversee our data protection compliance. You can contact our data protection officer by sending:
2. YOUR PERSONAL INFORMATION
2.1 Why are we collecting personal information about you?
We only collect personal information about you in connection with providing our services and running our business. We will hold information about you if:
2.2 Where do we collect your personal information from?
We collect your personal information from various sources, including:
Which of the sources apply to you will depend on the particular types of personal information we are collecting, and why we are collecting your personal information. Where we obtain your information from a third party, in particular your employer or the organization that you represent, we may ask them to provide you with a copy of this privacy notice (or a shortened version of it) to ensure you know we are processing your information and the reasons why.
2.3 Information Collected or Stored As You Access and Use the Site or Platform
While we generally act at our business customers’ direction in processing personal information as part of our services and technology solutions, when you access and use our services and technology solutions, including the Groupize website and services platform, we may directly collect certain personal information about you when you use the site and/or the platform apart from the data that has been provided to us by our customers (e.g., when you register to use the platform). In addition to any personal information or other information that you choose to submit to us via the site or the platform, we and our third-party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever you visit or interact with the site or the platform (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with the site or the platform. To the extent we associate Usage Information with Personal Information we collect directly from you on the site or the Platform, we will treat it as personal information.
If you have an account and you log in to use the platform, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices.
Usage Information may include:
Tracking Technologies. We may use various methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):
Cookies. A cookie is a data file placed on a Device when it is used to visit the site or the platform.
Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1×1 GIFs” or “clear GIFs”) may be included in the site or the platform’s pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the platform, to monitor how users navigate the site or the platform, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the site or the platform, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third-party service provider, is active only while you are connected to the site or the platform, and is deactivated or deleted thereafter.
Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
ETag, or Entity Tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and/or HTML5 cookies.
Recognition Technologies. Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices in the same user).
Tracking Technologies Usage. We may use Tracking Technologies for a variety of purposes, including:
Strictly Necessary. We may use cookies or other Tracking Technologies that we consider are strictly necessary to allow you to use and access the site or the platform, including cookies required to prevent fraudulent activity and improve security.
Performance-Related. We may use cookies or other Tracking Technologies that are useful in order to assess the performance of the site or the platform, including as part of our analytic practices or otherwise to improve the content, products or services offered through the site or the platform.
Functionality-Related. We may use cookies or other Tracking Technologies that are required to offer you enhanced functionality when accessing the site or the platform, including identifying you when you sign-in to the site or the platform or keeping track of our specified preferences, including in terms of the presentation of content on the site or the platform.
Targeting-Related. We may use Tracking Technologies to deliver content relevant to your interests on the site or the platform and third-party sites based on how you interact with our content. This includes using Tracking Technologies to understand the usefulness to you of the content that has been delivered to you.
Tracking Technologies Choices and Consent.
We obtain your consent to our information storage or collection Tracking Technologies by providing you with transparent information in this Privacy Notice and providing you with the opportunity to make a choice to disable cookies as set forth above. Please note that we are not required to obtain your consent to the information collection Tracking Technologies identified above that are strictly necessary.
We are giving you detailed notice of the Tracking Technologies and your limited choices regarding them so that your consent is meaningfully informed.
Third Party Tracking and “Do Not Track.”
There may be other Tracking Technologies now and later devised and used by us in connection with the site or the platform. Further, third parties may use Tracking Technologies in connection with our platform, which may include the collection of information about your online activities over time and across third-party websites or online services. We may not control those Tracking Technologies and we are not responsible for them. However, you consent to potentially encountering third-party Tracking Technologies in connection with use of the site or the platform and accept that our statements under this Privacy Notice do not apply to the Tracking Technologies or practices of such third parties. Also, various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party web sites or online services (e.g., browser do not track signals). Currently, we do not monitor or take any action with respect to these signals or other mechanisms.
3. OUR USE OF YOUR PERSONAL INFORMATION
3.1 How do we use your personal information?
3.1.1 Use of our services and technology solutions
Access to our services and technology solutions:
Whilst we generally act as our customer’s processor in processing personal information as part of our services and technology solutions, when you access and use our services and technology solutions, we may collect certain personal information as part of the initial set-up and registration process and to control access and use of the services and solutions on a day to day basis, including your name, email address and login credentials (for example, your user name). This information is used by us as part of the initial registration process, to manage your use of the application and provide it to you.
Monitoring your use of our services and technology solutions:
Our services and technology solutions allow us to track (i) the general geographic region/area from which you access and use certain of our services and solutions; and (ii) how you use our services and solutions (for example, the type of product features that you click on and use). We use this information to (i) understand how and where the application is being used and to provide, develop and improve the application; and (ii) inform our discussions with our customers about their services and solutions needs and the licensing arrangements that we have in place with them.
Use of technologies to automatically discover patterns in data sets:
We use data analytics to help us make accurate predictions and understand user behavior, for example, to model and forecast customer pipelines, sales efforts, and opportunities. Information on data analytics helps us to discover patterns in data sets (where those data sets may contain personal data) and use them to make predictions, classifications, or risk scores.
Our technology solutions also allow us to track who accesses and use the solutions (including the solution features that are being used) and users’ general location (including by region and area). We do this through the collection of information such as your user and login credentials (including your name, registered email address, job title and operating system login name), IP addresses, product keys, licence codes and the data created through the use of the solution and other data collection tools. For further information on the same, please see our cookie policy.
We do not generally look to collect special categories of personal data and criminal convictions data for this purpose.
Access to our services and technology solutions:
Legitimate interests.
We have a legitimate interest in using your information where this is necessary or appropriate to provide our services and solutions.
3.1.2. Contract
We may use this data to enter a contract with you, for example where we use the details to create an account or in providing cee complying with our contract for services to you.
Monitoring your use of our solutions: services and technology.
Legitimate interests.
We have a legitimate interest in understanding when and how our services and solutions are used and by whom.
Consent
We rely on your consent to use data analytics to understand the patterns in data sets.
Individual details, as applicable and as required:
Name, address, other contact details (e.g. email and telephone numbers), employer, job title and other details as required under law.
3.1.3 Service providers
We collect information about you in connection with your provision of services to us or your position as a representative or worker of a provider of services to us.
We do not generally look to collect special categories of personal data for this purpose, other than where we are required to do so to meet our legal obligations (see ‘Know Your Customer and other legal obligations’ above).
Legitimate interests.
We have a legitimate interest in contacting and dealing with individuals involved in providing services to us.
Individual details, as applicable and as required:
Name, address, other contact details (e.g. email and telephone numbers), date and place of birth, nationality, employer, job title.
3.1.4 Events
If you wish to attend one of our events or schedule a catch-up with us at a third party event that we are attending, we ask you to provide us with a limited amount of information (normally your work contact details, your employer’s name, your job title, and the topics, services or technology solutions of interest).
We use this information in order to facilitate and communicate with you about our events and third party events we are attending.
If you provide your details to enter a competition organized by us together with our partners, we may use your details to contact you in relation to the competition. We may also retain your details to contact you for promotional activities in the future based on your consent.
We do not generally look to collect special categories of personal data for this purpose.
Consent:
We rely on consent to contact you in the future where we collect your personal data during the course of a competition or prize draw.
Legitimate interests.
Our events, the third party events we attend and our updates are intended primarily for customers and potential customers. We have a legitimate interest in confirming that our events and updates are being made available to their intended audience. We also have a legitimate interest in understanding your use of our events and updates, and whether this presents any opportunity for us to improve the services and solutions we offer to you.
Individual details, as applicable and as required:
Name, address, other contact details (e.g. email and telephone numbers), date and place of birth, nationality, employer, job title,
Identifiers, location information such as IP address, a website tracking code or electronic images of you and usage of our services and technology solutions, IP address, a website tracking code or electronic images of you
3.1.5. Marketing
We may use your name and contact details to provide you with our news updates.
Legitimate interests
Where we send you marketing communications without your consent, we do so because we have a legitimate interest in keeping you informed about seminars, events and developments in our business and the topics or technology solutions that may be of interest to you. When we send you marketing communications, there are separate laws regarding marketing communications that we adhere to, in addition to data protection laws. You may opt out of receiving marketing communications from us at any time by contacting us at by clicking the link here and selecting “unsubscribe from all communication”. Each communication we send provides a straightforward means of doing so.
Individual details, as applicable and as required:
Name, address, other contact details (e.g. email and telephone numbers), date and place of birth, nationality, employer, job title.
Identifiers, location information such as IP address, a website tracking code or electronic images of you and usage of our services and technology solutions, IP address, a website tracking code or electronic images of you.
3.1.6. Relationship management
We use relationship management software to understand the strength of our relationship with our customers and potential customers, which includes individual representatives of those customers – for example records of frequency of contact with those individuals.
Where we have a sales opportunity, we may obtain information about relevant decision makers in order to improve the prospects of our sales pitch or proposal being successful. This information may come from a variety of public databases and information sources.
As part of our marketing analysis, we track how you interact with our marketing activities – in particular whether you click on any of the links in our marketing materials (such as the updates or event invitations we send you). We are able to record this information against your email address by placing ‘cookies’ on your device. For information on how we use cookies, please see our separate cookies notice.
We do not generally look to collect special categories of personal data and criminal convictions data for this purpose.
Legitimate interests
We have a legitimate interest in understanding our relationship with our customers and potential customers. Using the frequency of your contact with our organization and analysing how you interact with our marketing activities is a reasonable means of doing so.
We also have a legitimate interest in understanding relevant information about you where you are likely to be involved in deciding whether you or the person you represent will buy our services and solutions.
3.1.7. Visitors to our websites
A number of facilities on our websites invite you to provide us with your personal information. Where you provide us with information, we will only use it for the purpose for which it has been provided by you.
Most of our websites use cookies to help them work more efficiently and to provide us with information on how the website is being used. For information on how we use cookies, please see our separate cookies notice.
We do not look to collect special categories of personal data on our websites.
Legitimate interests.
We have a legitimate interest in providing to you the facilities on our websites that you have requested and in understanding how our websites are used and the relative popularity of the content on our websites.
Consent
We will only use cookies with your consent.
3.1.8. Visitors to our offices
We have security measures in place at our offices, which include building access controls and may include CCTV. Images captured by CCTV are securely stored and only accessed on a need to know basis – for example, to look into an incident. CCTV recordings are typically automatically overwritten after a short period of time unless an issue is identified that requires investigation (such as a theft).
We require visitors to our offices to sign in at reception and we keep a record of visitors for a short period of time. Our visitor records are securely stored and only accessible on a need to know basis – for example, to look into an incident.
We do not generally look to collect special categories of personal data for this purpose.
Legitimate interests.
We have a legitimate interest in making sure our offices, and the people that visit and work at our offices, are safe and secure.
3.1.9. Establishing our legal position
We may use your personal information, including sharing it with our legal advisers, when looking to establish our legal position.
In some cases, this information will include special categories of personal data and criminal convictions data.
For all information – legitimate interests.
We have a legitimate interest in understanding and establishing our legal rights and obligations.
For special category and criminal convictions data – the establishment, exercise or defence of legal claims.
We may also use analytics data to automatically discover patterns in data sets (which may sometime contain personal data) and use them to make predictions, classification, or risk scores. We try to use data analytics in pseudonymized form.
For details on third party analytics being used on our website, please refer to our cookie notice.
3.3 Do we share your information with anyone else?
We do not sell your information to any third parties. We share your information in the following circumstances:
4. OTHER IMPORTANT THINGS YOU SHOULD KNOW
4.1 Keeping your personal information safe
We take security issues seriously. We implement appropriate steps to help maintain the security of our information systems and processes and prevent the accidental destruction, loss or unauthorised disclosure of the personal information we process.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the services.
4.2 Profiling and automated decision making
We do not use profiling (where an electronic system uses personal information to try and predict something about you) or automated decision making (where an electronic system uses personal information to make a decision about you without human intervention).
4.3 How long do we keep your personal information?
We keep your personal information in accordance with our global data retention policy which categorises all of the information held by us and specifies the appropriate retention period for each category of information. Those periods are based on the requirements of relevant data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.
For more information on how long we keep your personal information please contact us at [email protected].
4.4 Cross border transfers of your personal information
We are a global business that operates, and provides services and solutions to customers located, in many different countries around the world.
The global nature of our business means that your personal information may well be transferred across national boundaries, including, potentially, to countries that do not require organisations by law to look after your personal information in the way in which you have come to expect in your own country.
Where we transfer your personal information across national boundaries, we will protect your personal information by ensuring that those transfers are made in compliance with all relevant data protection laws.
We also have in place a global data protection policy which we follow worldwide and which is based on UK, European Union and Californian data protection principles (known to be some of the toughest privacy principles in the world).
If you would like further details of how your personal information is protected when transferred from one country to another then please email us at [email protected].
4.5 Interactions with Third-Party Platforms
The site or the platform may include functionality that allows certain kinds of interactions between the site or the platform and a third-party website or application. The use of this functionality may involve the third-party operator providing certain information, including personal information, to us. For example, when you register with the platform, you may have an option to use your Facebook, Google or other account provided by a third-party site or application to facilitate the registration and log-in or transaction process on the platform, or otherwise link accounts. If we offer and you choose to use this functionality to access or use our platform, the third-party site or application may send Personal Information about you to us. If so, we will then treat it as personal information under this Privacy Notice, since we are collecting it as a result of your accessing of and interaction on the site or the platform. In addition, we may provide third-party sites’ interfaces or links on the site or the platform to facilitate your sending a communication from the site or the platform. For example, we may use third parties to facilitate emails, tweets or Facebook postings. These third parties may retain any information used or provided in any such communications or other activities and these third parties’ practices are not subject to our Privacy Notice. Groupize may not control or have access to your communications through these third parties. Further, when you use third-party websites or services, you are using their services and not our services and they, not we, are responsible for their practices. You should review the applicable third-party privacy policies before using such third-party tools on or via the site or the platform.
5. YOUR RIGHTS
5.1 Contacting us and your rights
Under certain conditions, you may have the right to require us to:
If you would like to exercise any of your rights please contact us at [email protected].
5.2 Your right to complain
If you are not satisfied with our use of your personal information or our response to any request by you to exercise your rights, or if you think that we have breached any relevant data protection laws, then you have the right to complain to the authority that supervises our processing of your personal information or, where you are based in the EU, the data protection authority (DPA) in your country. A list of DPAs from the European Commission may be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en#member-be. The information Commissioner is the relevant authority for the UK https://ico.org.uk.
If you are unsure of the authority that supervises our processing of your personal information then please email us at [email protected].
5.3 Local differences
Whilst this privacy notice describes the data protection practices adopted by us generally across the world, local data protection laws may vary and our operations in some countries may mean that we are subject to different, or additional, local data protection requirements.
This section of our privacy notice lists those countries/states where our data protection practices differ from those set out in the rest of this notice. In the relevant countries stated below, you can find how our data protection practices differ in that country/state as well as any additional information that we are obliged to provide to you to comply with local data protection laws in that country/state.
If any of the country/state specific privacy practices and additional statements are relevant to you because of the way in which you engage with us and there is a conflict between those practices or statements and the information set out elsewhere in this notice, then the country/state specific practices and statements will take precedence.
5.3.1 State Privacy Rights
State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. To learn more about California residents’ privacy rights, see Privacy Notice for California residents detailed in Section 5.3.2 below.
California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia provide (now or in the future) their state residents with rights to:
The exact scope of these rights may vary by state. To exercise any of these rights or to appeal a decision regarding a consumer rights request, please contact us at [email protected].
5.3.2 California
The Groupize Privacy Notice describes how we may collect, use and share California consumers’ information in compliance with California law, including the California Consumer Privacy Act of 2018 (CCPA) and the California Rights Privacy Act (CPRA). Therefore, the following California-specific additional information should be read in the context of the entire Privacy Notice.
5.3.2(i) Notice of California Privacy Rights
The CCPA and CPRA grants California consumers the following rights:
California consumers also have the right not to be discriminated against due to exercise of any of the consumer’s rights including, but not limited to:
5.3.2(ii) Under California’s “Shine the Light” law, California Civil Code Section 1798.83, California residents may also request businesses to provide information regarding any disclosures made within the prior calendar year to third parties who the business knows or reasonably should know may have used the consumer’s personal information for the third parties’ direct marketing purposes. Information that California residents are entitled to include the names and addresses of any such third party businesses with whom such information has been shared, if any.
5.3.2(iii) Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by contacting us at: [email protected] with the phrase “California Privacy Request” in the subject line. You must include sufficient detail for us to locate your information and contact you. Please include, at a minimum, your name, email and postal address. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to similar requests sent more than once in a calendar year.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request to know or delete related to your personal information. You may only submit a verifiable consumer request to know twice within a 12-month period. The verifiable consumer request to know or delete must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
You do not need to create an account with us to submit a request to know or delete.
We will only use personal information provided in the request to verify the requestor’s identity or authority to make the request.
5.3.3 What Should Parents Know About Children?
We understand the importance of protecting children’s privacy in the interactive world. We do not use the site or platform to knowingly collect personal information from children under the age of thirteen (13) that requires parental notice and consent under the Children’s Online Privacy Protection Act (“COPPA”) without such parental consent. In the event that we become aware that we have collected personal information from any child, we will dispose of that information in accordance with COPPA and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of 13 has provided us with personal information without COPPA-required consent, please contact us at [email protected].
7-day free trials are for organizations seeking to manage their meeting program.