Introduction
Matchmeeting AB, org. number: 556598–6634 (hereinafter referred as “InvitePeople”) provides a cloud-based service to manage and conducting digital and physical events (“the service”). Through the service a Customer can sell or distribute their tickets to their clients. InvitePeople is responsible for the technical mediation of tickets through its system.
Data protection and the data integrity is something that InvitePeople take very seriously, for both our Customers and their End user. Personal data is information that, directly or indirectly, can identify an individual, such as name, telephone number, address, and email. InvitePeople complies with all applicable legislation and all personal data processing, that InvitePeople are responsible for, takes place based on the EU Data Protection Regulation, GDPR (EU) 2016/679.
Personal data responsibility
InvitePeople provides the service to the organizer (“Customer”), where InvitePeople acts as data processor and the customer as data controller. A Personal Data Processing Agreement is signed between the Customer and InvitePeople to ensure secure, correct and legal processing of personal data in each individual case. The Customer is responsible for the personal data from the end users (“data subject”) that are processed within the service and InvitePeople is responsible to only process data in accordance with instructions from the Customer.
InvitePeople ensures that only employees within InvitePeople who need to have access to deliver the service are given access to the personal data that is processed on behalf of the Customer. All employees that have access to Customer personal data has received training in information security and any special instructions from the Customer.
The customer has the right to access information required to show that all data responsibilities are met.
Personal data that are processed within the service
InvitePeople process personal data within the service as follows:
Process | Category of data subject | Category of personal data |
---|---|---|
Administering end user personal information to be able to provide the service to invite, implement and manage digital and physical events for the Customer, following processes are involved:
|
|
|
Administering administrator personal information to be able to provide the service to invite, implement and manage digital and physical events for the Customer, following processes are involved:
|
|
|
The Customer have also the ability to add other processes, data subjects and categories of personal data that will be processes within the service. InvitePeople only process these in accordance with the instructions from the Customer and InvitePeople, as data processor, are not responsible for the legality of handling this information. Below are examples of processes, data subjects and categories of personal data that a customer may add to the service:
Process | Category of data subject | Category of personal data |
---|---|---|
Administering data subjects personal information to be able to provide the service to invite, implement and manage digital and physical events for the Customer, following processes are involved:
|
|
|
If an End user or Administrator (“data subject”) would like to know which categories of personal data each Customer use within the service contact, in first place, the organizer.
Data subjects’ rights
If a data subject considers that any personal information about him or her is incorrect or misleading, you should contact in first place the organizer and ask for rectification. A data subject should also contact the organizer if him or her in any way wish to restrict the handling of the personal data, object to the processing, delete them (subject to certain exceptions), transfer any data or request information about which personal data that are processed.
Revoke consent
If an End user would like to withdraw a consent you can use: https://invitepeople.com/revoke
Regular data erasure of personal data within the service
The customer (”data controller”) are responsible for the data erasure time frame for the processed personal data. All personal data will be processed throughout the term of the agreement between InvitePeople and the Customer.
Location
Sub-contractors
InvitePeople uses sub-contractors to provide the service. All sub-contractors sign a Personal Data Processing Agreement with InvitePeople to agree on the relationship where the requirements are at least what is agreed in the Personal Data Processing Agreement with the Customer. InvitePeople does not transfer personal data
outside the EU / EEA without prior approval from the Customer. If personal data is transferred to a sub-contractor outside EU/EEA a standard contractual agreement is signed.
To find out which subcontractors are affecting, contact the organizer.
Security measures
InvitePeople maintain a high level of technical and organizational security measures and we continuously update and test our security measures and technology, although these may change over time InvitePeople will not do so in a way that adversely affects the security of the Customer processed personal data.
Technical security
Below is a list with examples of technical security measures (but the technical security is not limited to these).
Organizational security
Below is a list with examples of organizational security measures (but the organizational security is not limited to these).
Contact regarding integrity
Matchmeeting AB
privacy@invitepeople.com
Tysta gatan 9
SE-115 20 Stockholm
Sweden
Org.nr 556598-6634