Privacy policy

Last update: 23.05.2022
This notice describes how we collect and process users’ data through https://eventornado.com/ website (“Platform”). The terms “we”, “us”, “our” refer to Eventornado OÜ, a legal person registered under the laws of the Republic of Estonia.

We are committed to safeguarding privacy and not going to misuse our users’ data.
Controller details:
  • Name: Eventornado OÜ
  • Registration number: 14994027
  • Registered address: Telliskivi street, 60A/5, Tallinn 10412, Estonia
  • Contact email address: [email protected]
Eventornado OÜ is a data controller in respect of information you provide through Platform to us, including all website visitors whose logs and cookie information is collected, and the processor in respect of information gathered by the hackathon organizer from hackathon attendees through Platform.
TABLE OF CONTENTS:
  1. Information we collect:
    1. Account and profile set up;
    2. Platform functionality;
    3. Payments;
    4. Communications;
    5. Demo access;
    6. Website, sales, and marketing activities.
  2. Third-party access to information:
    1. Analytics;
    2. Other disclosures;
  3. Your rights;
  4. Security of information;
  5. Changes to this Notice.
  1. Information we collect
    1. Account and profile set up
      • This privacy policy (hereinafter: Privacy Policy) applies to all cases where Eventornado OÜ (hereinafter: we or us) processes personal data of natural persons(hereinafter: you) as a controller when operating and managing its funding platform at www.eventornado.com (hereinafter: Platform).
        You can also create an account on the Platform by the means of your Google/Facebook/LinkedIn accounts. In order to do so you will have to connect one of the said accounts and authorize with login and password for the respective service. Kindly note, account information might be partially collected from the respective company if you are using services mentioned above for the account creation.
        In profile settings, you can manage all the data in Platform related to your user account.
        We use your account information to:
        • create and maintain your user account, including in connection with other data point listed below. The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b)
        • provide the hackathon platform service (hereinafter: Service) via the Platform. The applied legal basis for this is the performance of the contract ( Terms and conditions) between you and us (GDPR Art. 6.1.b);
        • provide customer support and any pre-contractual communication for the purpose of providing you the Service, alerting of new updates regarding your hackathon, software implemented or general updates regarding Platform functionality, including by email (GDPR Art. 6.1.b);
        • analyse the efficiency of Platform in our legitimate interests (GDPR Art. 6.1.f);
        • upon receiving the consent from you, to send you other relevant aspects of the Service and the Platform, e.g. marketing or promotional materials such as invitation for new events or demo proposals, newsletter (GDPR Art. 6.1.a).

        We will store your account data, including the categories from the below sections (platform functionality, payments, and technical support) for as long as you have the account with us. If you become inactive, we will delete or anonymize your information within 24 months after your last user session.

        As for the hackathon attendees, we may retain their account information as a controller based on their consent for us to do so. In this case, we will retain attendees accounts to invite them to participate in other hackathons.

        For the activities that are based on consent, you can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before.
    2. Platform functionality
      Via the Platform, you will be able to perform different actions to organize and manage hackathon events. We will store and process the following categories of information while you are using Platform:
      • information you provide so as to host or manage events;
      • internal communications within a particular event;
      • derived information created on a particular event.

      The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b).
    3. Payments
      We ask for your billing information in order to invoice you for the use of the Service.

      The applied legal basis for processing information about payments is the performance of the contract with you (GDPR Art. 6.1.b). We shall also retain part of financial information to comply with applicable accounting and financial laws (GDPR Art. 6.1.c).
    4. Communications
      You may leave a request with your inquiries including request for support via the “Contact us” form on Platform or by email. We use this information to provide you with the help you might need, fix and improve the Platform, and analyse our efficiency, including by creating statistics of inquiries.

      The applied legal basis for this is the performance of the contract (Terms and conditions) between you and us (GDPR Art. 6.1.b) and our legitimate interest to improve the platform (GDPR Art. 6.1.f).
    5. Demo registration
      Before registering an account, you can book a free demonstration of how Platform works. To perform registration, we will ask you to provide your name, company name, email address.

      We will use this information to choose and provide you with the most appropriate type of demonstration. The applied legal basis for these activities is our legitimate interest (GDPR Art. 6.1.f).
    6. Website, sales, and marketing activities
      The following data collection activities are present on Platform:
      • collection of visitor logs (IP address, traffic information, activity on the Platform) to ensure correct Platform functionality and manage user sessions, stored for 6 months of your last visit. The applied legal basis is our legitimate interests (GDPR Art. 6.1.f);
      • cookies – for more information please visit our Cookie Notice;
      • visitor traffic analysis. This activity, depending on the method used, is performed based either on your consent (cookie tracking) or our legitimate interests (GDPR Art. 6.1.f).

      We store marketing data for 24 months of the last communication with you. For the activities that are based on consent, you can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before. You can also opt-out of the e-mail subscription by clicking the appropriate button our emails to you.
  2. Third-party access to information
    We use the following third-party software providers:
    • companies which provide cloud server computing services;
    • companies which provide communication, e-mail server, and client relationship management services, where the exchange of messages, e-mails or videos may include personal data;
    • companies which help to monitor the behaviour of the Platform’s visitors;
    • companies which provide accounting services, processing accounting documents and the personal data contained therein;
    • persons which provide us with software development services;
    • companies which help with work management with further personal data processing;

    The providers listed afore process personal data based on our instructions only.
    When we transfer personal data outside of EEA we apply appropriate safeguards required by the GDPR such as Standard Contractual Clauses (SCC).

    1. Analytics
      When using the analytics services, we collect details of the use of the Platform, including, but not limited to traffic data and location data.

      Non-personally identifiable information is collected and processed by Google Analytics in an anonymised and aggregated way to improve our app’s usability and for marketing purposes. Google Analytics is a web analytics service that tracks and reports user traffic on apps and websites. Google Analytics uses the data collected to track and monitor the use of the platform. This data may also be shared with other Google services. For more information on the privacy practices of Google, you can check its Policies at www.google.com/analytics/policies/.
    2. Other disclosures
      In addition to the disclosures for the purposes identified before, we may disclose information about you:
      • if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights;
      • in case we sell, license or otherwise assign our company, corporate rights, the platform or its separate parts or features to third parties.

      Except as provided in this privacy notice, we will not sell, share or rent your information to third parties.
  3. Your rights
    You may exercise GDPR rights regarding your personal data. In particular, you have the right to:
    • The right to object against the processing of your information.
      If we process your information for our legitimate interests (e.g., for direct marketing emails or for our marketing research purposes), you can object against it. Let us know what you object against and we will consider your request. If there are no compelling interests for us to refuse to perform your request, we will stop the processing for such purposes. If we believe our compelling interests outweigh your right to privacy, we will clarify this to you. You can also unsubscribe from all our emails in the section “Email settings” in “Profile” created within the Platform.
    • The right to access your information.
      You have the right to know what personal data we process. As such you can obtain the disclosure of the data involved in the processing and you can obtain a copy of the information undergoing processing. You can also see and manage some of the collected information in “Profile” created within the Platform.
    • The right to verify your information and seek its rectification.
      If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;
    • Restrict the processing of your information.
      When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will stop processing your data (other than storing it) until we are able to provide you with evidence of its lawful processing;
    • The right to have your personal data deleted.
      If we are not under the obligation to keep the data for legal compliance and your data is not needed in the scope of an active contract or claim, we will remove your information upon your request. You can also delete all your data in the section “My data” in “Profile” created within the Platform.
    • The right to have your personal data transferred to another organisation.
      Where we process your personal data on the legal basis of consent you provided us or on the necessity to perform a contract, we can make, at your request, your data available to you or to an organisation of your choosing.

    You can formulate such requests or channel further questions on data protection by contacting us at [email protected].

    If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice.

  4. Security of information
    We will take all necessary measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. As we use the services of third-party software providers across several countries outside of the European Union, we may transfer the collected data to those countries for further processing. In such cases, we will make sure that relevant safeguards are in place. More information on the taken international safeguards can be provided upon request.

    Immediate access to the data is only allowed to our authorised employees involved in maintaining the application. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.

  5. Changes to this notice
    We may update this privacy notice from time-to-time by posting a new version on our website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.
Your experience on this site will be improved by allowing cookies.