Last Updated: February 16, 2022
In this policy “You” refers to any individual who accesses and uses the Sites and/or Services. For example, You may be a customer or representative of a customer of Bizzabo who accesses and uses the Sites and Services as the host or organizer of an event (“Customer”), and with whom Bizzabo has entered into a Master Services Agreement or other agreement containing separate terms and conditions that govern delivery, access and use of the Sites and Services (either, a “Customer Agreement”). You may be the employee or agent of a Customer, who is authorized to access the Platform as an administrator or to interact with Bizzabo on behalf of a Customer. Or, You may be a visitor to our Website who is just interested in browsing and learning more about Bizzabo.
If You are invited to, register for, check into, or receive data regarding a Customer event (“Event”) through Bizzabo Sites or Service, You will be considered an “Event Attendee” and we will provide any Personal Data You submit through the Sites or Service to the Customer organizing that Event. Bizzabo does not control its Customer’s Event registration or management process, or the Personal Data that a Customer requests from Event Attendees. We are not responsible for any decisions or actions taken by the Customer with respect to Your data (or by any third party with whom the Customer may share Your data). Please read the applicable privacy policies of the Customer who is organizing the Event before submitting Personal Data in connection with their Event.
When we collect data from You, we may be doing so on our own behalf (in which case we will be considered a “controller” of Your data), or on behalf of a Customer who is using the Services to organize an Event and manage other Event-related activities (in which case, the Customer will be the “Controller” and Bizzabo will be considered a “Processor” of Your data). In general, and unless we are the event organizer, when collecting or otherwise processing data from Event Attendees, Bizzabo will do so as a processor on behalf of the respective Customer who is the controller of such data.
2. Information We Collect.
Summary: We collect various categories of personal and non-personal data in order to enable our Services. Data may be provided by You or by a third party when authorized to do so.
“Personal Data” is any information collected on or through our Sites and/or Services that may be used to identify or personally contact You or another individual, or that relates to an identifiable natural person. Personal Data (sometimes called Personally Identifiable Information, or Personal Data) may include, but is not limited to, name, job title, company name, email address, mailing address, phone number, browser and device information (including IP Address), and other identifying information You may provide to Bizzabo.
You are not required to provide Bizzabo with any Personal Data. However, certain Services and Sites’ functionalities may not be available to You unless some Personal Data is provided by You, or by a Customer or Customer administrator on Your behalf.
Non-Personal Data includes any information that is anonymized, aggregated or otherwise presented in a way that does not allow identification of a specific individual, or is not directly associated with a unique person.
3. How We Collect Information.
From our Website
If You visit our Sites and request a free demo, register for a webinar, subscribe to our blog, ask for Service information or download content (such as a whitepaper), or otherwise contact us, You will be asked to provide certain Personal Data, including Your contact details.
We will use this Personal Data for purposes that will be clear from the context: such as answering questions regarding our Service offerings, providing support, registering You for a demo, initiating a sales dialogue, targeted marketing and advertising, personalizing services, enabling account management, fraud prevention, etc.
From our Platform
Except for data pertaining to Customer’s Event administrators, information collected via the Platform (including the App) is collected from or on behalf of our Customers who host or manage Events. This information is either collected from Customer administrators who access the back-end of our Platform, or from Event Attendees directly, including through their use of the Platform and of the Services.
This type of Personal Data is controlled by the Customer, and Bizzabo collects and processes it at the Customer’s direction, and in accordance with instructions provided by the Customer, including the applicable terms in any Customer Agreement. With respect to this type of information, Bizzabo is a processor, and Customer is the controller. Bizzabo works together with Customers and offers tools so that Customers can provide appropriate notice regarding the purposes for which they are collecting Personal Data on our Platform, and so that Customers can also obtain consent to the collection and use of such information, where appropriate, or secure alternate lawful bases for the processing. Such notices, consent and lawful bases are entirely the responsibility of the Customer.
Personal Data may also be collected through the Platform by Bizzabo for events run by Bizzabo, in which case Bizzabo is the controller of such Personal Data.
From the App or Other Smart Devices
When You download or use the App or other smart devices in connection with a Customer Event, we collect app usage data, including which of our apps have been downloaded to Your mobile device and when.
If, where applicable, You have requested or consented to location services in connection with your use of the App or other smart devices, we may receive information about Your location and Your mobile device. We use this information to provide You with location-based Services and other personalized content based on Your location, as part of Customers’ management of Event Attendees’ data. Most mobile devices enable You to shut off location-based services; please access Your mobile device’s “Settings” for more information. With respect to all App data in connection with an Event of which You are an actual or prospective Event Attendee, Customer is the controller.
Personal Data may also be collected through the App and other smart devices by Bizzabo for events run by Bizzabo, in which case Bizzabo is the controller of such Personal Data.
From Email messages
If You contact a Bizzabo representative using our customer service email, or any one of our informational email mailboxes (e.g., email@example.com, firstname.lastname@example.org), we will store information such as the email address from which You sent the message, and use the information to reply to You.
From Offline Interactions
We may request and collect Your Personal Data offline – for example, when You attend a Bizzabo promotional event or if You connect with one of our sales representatives for Data about our product offerings. Likewise, we collect Personal Data of our vendors and partners or their representatives and staff in connection with our contracts with them.
We may ask You to participate in a survey, and Your responses could contain Personal Data.
In connection with Your use of the Sites and/or Services, we may also request occasional information about Your interests and preferences, to better provide communications, offers and content that are specifically tailored to Your personal interests.
We collect information in connection with job applications, from submissions, publicly available sources, recommendations, interviews, references, and related sources.
Information Collected Automatically
As is true of most websites, we gather certain information automatically when You visit our Sites, such as Your computer type (MAC or Windows), mobile device type, language, internet browser, any web pages that referred You to our Sites, and Your Internet Protocol (IP) Address (which may be identified and logged automatically in our server log files whenever You visit the Website or Platform). We may also store general usage and activity data, such as the date and duration of Your visit, and Your navigation of the Sites. We use this information for reasons such as improving Sites performance, analytics, and functionality, and monitoring the regions from which users access our Website or Platform, in order to help us enhance the user experience and Sites security.
Information from Cookies
Cookies, beacons, tags and scripts may are sometimes also be used by Bizzabo and our integration partners or analytics and service providers. These technologies are used in analyzing trends, administering the Sites, tracking users’ movements around the Platform and to gather demographic information about our userbase as a whole. We may receive reports based on the use of these technologies by our partners or providers on an individual as well as aggregated basis.
From Other Sources
In order to better provide You with marketing offers and additional services that are of interest or relevant to You, we obtain information from other sources, including public databases, marketing partners, social media platforms, and other third parties.
4. What is Bizzabo’s Legal Basis, as a Controller for Collecting and Processing Your Personal Data.
Summary: Data is collected on the basis of our contractual obligations, Your consent, for legal requirements, and also to meet various legitimate interests, such as improving products and services and fraud prevention.
Bizzabo’s legal basis for collecting and using the types of Personal Data described above will depend on the nature of the Personal Data collected, and the context in which we are collecting it. When we collect, use, process or disclose Your Personal Data, we rely on one or more of the following legal grounds:
Performance of a contract (including any Customer Agreement) – Where we need to process the Personal Data to perform our obligations under a Customer Agreement or other contracts, or in anticipation of such a contract, including employment agreements.
Consent – Where we have received Your consent to do so. You can withdraw Your consent at any time.
Legitimate Interests – Where it is in our legitimate business interests; for example, to improve our products and services, to market our services, to recruit suitable staff, to protect our legal rights and interests and those of our staff, Customers, or third parties, and/or to detect and prevent fraud and security breaches. We rely on our legitimate interests when they are not overridden by Your fundamental rights and freedoms.
Legal Requirement – If we are required to collect, use, process or disclose Your Personal Data due to a legal, ethical, or regulatory requirement, we may do so.
5. How Do We, as a Controller, Use Your Personal Data?
Summary: We process Personal Data to meet our obligations, protect our rights, manage our business, and provide our service.
Bizzabo uses Your Personal Data:
- To respond to Your inquiries and fulfill Your requests, and to provide You with customer support when You ask for it.
- To market and sell our Services, develop leads and prospects, and respond to enquiries.
- To send You updates, newsletters and other content that You have requested or subscribed to, as well as informational materials regarding our Services.
- To personalize Your experience on the Sites by offering content tailored to Your preferences or content and settings that You have chosen.
- For our internal business purposes that include administering Your access and use of any Bizzabo Services, data analysis, securely identifying You when You log onto a Service, fraud monitoring and prevention, enhancing or modifying our Sites and Services, determining the effectiveness of our promotional campaigns, billing You for Services, and operating our business.
- To identify and authenticate users of our Services; and to maintain the security of our Sites and Services, and of our offices and the safety of our staff.
- To recruit staff.
- As necessary for us to comply with applicable law, court orders, law enforcement orders etc.
- To protect and defend our rights, and those of our staff, customers, partners and third parties; for compliance and audit purposes, and for crime prevention and prosecution in so far as it relates to our staff, customers, facilities etc.
6. Sharing Personal Data.
Summary: We share Personal Data with our service providers, partners, group companies and authorities where required.
Aggregated Data. Bizzabo may share aggregated, non-personally identifying information, log data and usage statistics with third parties for purposes including demographic, industry, and marketing analysis.
Customers. If You are accessing any Site or Service as an administrator or authorized user of a Customer, or as an Event Attendee, Bizzabo is permitted to provide the Customer with Your information, including but not limited to Your Personal Data, access information and usage data.
Third Party Websites and External Links. Our Sites may contain links to websites (including social media sites) owned and operated by third parties, including Third Party Services. When You click on such links, You may leave our Sites and be directed to the third parties’ websites. These websites may themselves collect Personal Data about You or have Personal Data shared with them by us under Customer instructions. If You submit information to any of those sites, Your information is governed by their privacy policies, which may differ from those of Bizzabo. Bizzabo is not, and will not be, responsible for the privacy practices or security of any such websites.
Social Media Pages. You may choose to disclose Personal Data during Your participation on our social media pages. This Personal Data may appear in public ways, including through search engines or other publicly available platforms, and can be “crawled” or may be searchable by third parties. Do not share or post any information on our social media pages that You do not want to be disclosed to the public.
With Your Consent. Other than as set out above, You will receive notice when information about You might go to third parties, and You will have an opportunity to consent to Bizzabo sharing this information.
7. What Do We Do to Secure Your Personal Data?
Summary: we take data security very seriously, invest in security systems, and train our staff. In the event of a breach, we will provide notifications as required by law.
Bizzabo makes it a priority to safeguard the security and privacy of Your Personal Data. Bizzabo has implemented appropriate organizational, technical, and administrative measures to protect Your Personal Data from unauthorized access, disclosure, misuse, alteration or loss.
These measures include security controls to prevent unauthorized access to our facilities and systems, strong authentication procedures and strict password protection protocols, utilizing encryption software for all financial and other sensitive Personal Data transmitted on or through our Sites, and conducting penetration tests. We follow generally accepted standards to protect Personal Data submitted to us, both during transmission and once we receive it.
In the event of any security breaches, we will make legally required disclosures, which may include providing notification via email or on our Sites, as applicable.
While we take reasonable steps to protect Your Personal Data, please be aware that no method of Internet transmission or electronic storage guarantees complete protection and there is always some risk when You share Your Personal Data online. Bizzabo therefore cannot guarantee the absolute security of Your Personal Data.
If You have any questions about the security of our Sites and Services, You can contact us at email@example.com.
8. How Can You Access, Correct, Update or Delete Your Personal Data?
Summary: You can contact Bizzabo directly through logging into a user account or by email. If You are an Event Attendee and wish to exercise Your data subject rights please contact Your Controller, the Event Organizer.
Depending on Your user type and location, we provide You with various ways to access, download, correct and request deletion of Your Personal Data.
If You are a registered user of the Sites or Services (for example, a Customer’s employee who has been assigned an administrator account on the Platform), You can access, update, modify, correct or delete both Personal and Non-Personal Data by logging onto Your user account and visiting Your account settings.
Others may submit requests to access, update, correct or delete their Personal Data, to no longer receive communications, or to “opt-out” of certain Services, by contacting us directly at Bizzabo email and/or mailing address provided in the “Contact Information” section of this Policy.
Please note that Event Attendees are subject to our End User Terms, however, their Personal Data is processed by us on behalf of a Customer (the data controller). If You are an Event Attendee and use our Platform or any Service and would like to access, move, correct or delete Your Personal Data, or would no longer like to be contacted by the Customer controlling the information, please direct Your request to the Customer, who is the controller of Your data.
Please be aware that we may need to retain certain Personal and Non-Personal Data for recordkeeping and archival purposes, or to complete any transactions that You initiated prior to requesting such change or deletion.
9. Personal Data Retention.
Summary: we retain personal data according to our data retention policy, as required to meet our obligations, protect our rights, and manage our business.
We will retain Personal Data we collect from our Customers or Event Attendees, and process it on behalf of a Customer, for as long as necessary to provide our Services to the Customer, and will maintain any such information controlled by a Customer in accordance with the Customer’s instructions, including any applicable Customer Agreement terms, and as required by applicable law.
We will also retain and use Personal Data for a period of time required to comply with our legal, tax, audit or regulatory obligations, to manage potential liability, to resolve disputes, and to enforce our agreements.
10. Applicable Legislation.
Summary: Bizzabo complies with applicable requirements of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) as it applies to personal data of individuals in the EU.
If EU data protection laws apply to the processing of Your Personal Data under this policy, then the following additional details apply.
Individuals from the EU may contact our EU representative (in accordance with GDPR Article 27) as follows:
MyEDPO Ltd., a company incorporated in the Republic of Ireland, which can be contacted by e-mail: firstname.lastname@example.org
As an individual from the EU, when Bizzabo is a controller of Your personal data, You may have the right – subject to certain conditions and limitations in applicable law – to:
- request access and copies of all of Your Personal Data that we possess, in an electronically portable format (e.g., electronic copies of information attached to an email).
- request that we modify or update any of Your Personal Data.
- request that we delete any of Your Personal Data or restrict access to Your Personal Data.
- fully or partially withdraw Your consent to the collection, processing, and/or transfer of Your Personal Data.
- ask to transfer Your Personal Data in accordance with Your right to data portability.
- object to the processing of Your Personal Data for direct marketing purposes.
- lodge a complaint with a data protection supervisory authority of Your habitual residence, place of work or of an alleged infringement of the EU data protection laws.
These data subject rights cannot be exercised in a manner inconsistent with the rights of Bizzabo, Bizzabo employees and staff, with our proprietary rights, and third-party rights. As such, for example, job references, reviews, internal notes and assessments, documents and notes including proprietary information or other forms of intellectual property or business confidential information, cannot be accessed, erased or rectified. In addition, these rights may not be exercisable where they relate to data that is not in a structured form, for example emails, or where other exemptions apply. Where a request for erasure is made, some Personal Data will remain in our backups and various systems until they are cycled out or until it is feasible to remove that data. Where processing occurs based on consent, withdrawal of consent will not affect the lawfulness of processing that occurred prior to the removal of the consent.
California Privacy Rights:
Summary: We do not sell the Personal Data we collect. California consumers have certain rights in relation to their Personal Data. They can exercise those rights by contacting us.
This section provides additional details about the Personal Data we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA.”
For more details about the Personal Data we have collected over the last 12 months, please see section 2 (What Information We Collect). We collect this information for the business and commercial purposes described in section 5 (How Do We Use Your Personal Data). We share this information with the categories of third parties described in section 7 (Sharing Personal Data). We do not sell (as such term is defined in the CCPA) the Personal Data we collect (and will not sell it without providing a right to opt out). Please note that we do use third-party cookies for our advertising purposes as further described in our Cookie Page.
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of Personal Data we collect (including how we use and disclose this information), to delete their Personal Data, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
California residents may make requests to obtain certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.
Our California Do Not Track Notice.
We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about an individual consumer’s online activities over time and across third-party web sites or online services. We will allow third parties, such as companies that provide us with analytics tools, to collect personally identifiable information about an individual consumer’s online activities over time and across different websites when a consumer uses the Services.
To request access to or copies of Your Personal Data, a change to Your Personal Data, deletion of Your Personal Data, or to withdraw Your consent to processing of Your Personal Data, contact firstname.lastname@example.org. Once we have received notification that You withdraw Your consent, we will no longer process Your information for the purpose(s) to which You originally consented unless there are compelling legitimate grounds for further processing which override Your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. Prior to enabling exercise of these rights we may undertake a process to verify Your identity.
Summary: Our Services are not intended to be used by children.
The Website, the Platform and the Services are not intended for children sixteen (16) years of age or younger. Bizzabo does not market any products or services to children sixteen (16) years of age or younger, or knowingly collect, as a Controller any Personal Data from children sixteen (16) years of age or younger.
12. Choices and Opting Out.
Summary: You can opt-out of communications from us
When You choose not to provide information, this may affect Your access to certain Services or prevent You from taking advantage of certain Site features offered by Bizzabo.
You may have consented to receive certain communications marketing or advertising of the Services and other products, in accordance with Your marketing preferences. You can opt-out of receiving these marketing messages at any time by clicking on the “Unsubscribe” link at the bottom of any such message, or by contacting us at the email and/or mailing address provided in the “Contact Information” section of this Policy.
Customers may use our Services to send You emails and other electronic communications, if You are on their email subscription lists or have registered for one of their Events. Although these messages are sent using our Services, we don’t determine the content or recipients of these messages. You should contact the Customer directly, or click the “Unsubscribe” link provided in messages, if You no longer want to receive communications from that Customer.
Even if You have opted to “Unsubscribe” from certain types of messages, please be aware that emails and other communications that respond to Your specific requests for information, or are provided as part of the Services You are still receiving, will be sent to You.
13. Sensitive Information.
Summary: We do not generally process any Sensitive Information
Where we are collecting, storing and processing information on our own behalf, as a data controller, we will not request any sensitive Personal Data such as Your health history, race, religion, or sexual orientation. We request that You do not send us such sensitive Personal Data on or through the Sites, by email, or through any other means.
California residents may make requests to obtain certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.
14. Data Transfers.
Currently, we process information in the US, in Israel, in the UK and in the EU, including in sites operated and maintained by cloud-based service providers.
Whenever we transfer Personal Data out of the European Economic Area (EEA) to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be made in compliance with GDPR Chapter V, including in reliance on the Standard Contractual Clauses (“SCCs”) in the form issued as part of the EU Commission Decision (EU) 2021/914. In general, Bizzabo has no reason to believe that the laws and practices in the third country of destination applicable to the processing of the personal data by the data importer, including any requirements to disclose personal data or measures authorizing access by public authorities, prevent the data importer from fulfilling its obligations under the SCC. Where required by EU law, an assessment of that belief is made on a case by case basis.
15. Contact Information.
Summary: You may contact us regarding any concern or question about privacy. If You are an Event Attendee, You should direct Your questions to the Customer organizing the Event.
Your privacy is important to us. If You have any questions or concerns about privacy at Bizzabo, please contact us, and we will try to answer Your question or resolve any issues for You.
You may contact us using the following information:
31 W 27 St., 10 Fl
New York, NY 10001 USA
Our Data Protection Officer may be emailed at firstname.lastname@example.org, and contacted at the above address and phone.