Conference Badge & GDPR
Conference Badge is compliant with the EU General Data Protection Regulation [GDPR].
Article 1. Subject-matter and objectives
This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.
Here are some of the processes and practices we have in place to protect our users’ data
Privacy by Design 32
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of personal data, username, password, transaction information and data stored on our servers.
Sensitive and private data exchanges between Conference Badge and its users happen over a TLS secured communication channel (also known as SSL) and is encrypted and protected with digital signatures. All personal data stored on our servers is encrypted at rest.
We’ve partnered with various providers to offer a reliable service. All of our partners have a great security track record, take personal data privacy seriously, and are fully compliant with GDPR. We have signed a Data Processing Agreement (DPA) with each of them.
To be fully transparent, here is the complete list of providers who come in direct contact with our users’ personal data:
|Name||Services||Location||GDPR compliance||DPA signed with us|
|Heroku||Web servers, database||US||Read more||✓|
|AWS||File hosting, CDN, secrets management||US||Read more||✓|
|Stripe||Payment processing||US||Read more||✓|
|Missive||Communications, support||CA||Read more||✓|
|Analytics||Marketing analytics||US||Read more||✓|
|Logentries||Log management||US||Read more||✓|
|Postmark||Transactional emails||US||Read more||✓|
|SendGrid||Email marketing||US||Read more||✓|
Subscribe to this RSS feed to be notified of new subprocessors
Rights of the data subject 15 16 17 20 21
Our users have the right to access and export their personal data. Upon request, we will provide them with information about whether we hold any of their personal data. They may access (structured and machine readable format), correct, or request deletion of their personal data by contacting us at email@example.com We will respond to and proceed with requests within 30 days.
Data Processing Agreement
Our users can request a data processing addendum with us by contacting firstname.lastname@example.org
This document was last updated on December 16th, 2019