GDPR & Your Personal Data With Us

GDPR, or The General Data Protection Regulations is coming into force on 25th May and applies to every business working with people within the EU.

We wanted to take this opportunity to share with our customers how we’re preparing for GDPR to keep your personal data secure.

Get Invited is registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that we hold and process. Our registered address is 42 Waring Street, Belfast, BT1 2ED, our registration number is ZA180332.

Data We Store On You

When you create an account on Get Invited, either as an event organiser or attendee, or when you purchase a ticket; we collect and store a few pieces of your personal data.

Event Organiser Data

• Full name
• Email address
• IP address
• Logo or photo (optional)
• Bio (optional)
• Facebook profile URL (optional)
• Twitter profile URL (optional)
• Phone number (optional)
• Website URL (optional)

As an event organiser, we only require your full name and email address to set up your account. However, you may supply optional pieces of information (listed above) that will be displayed on your event page to help you market your brand.

Your username and logo or photograph will be displayed on your public profile page along with a list of events that you’re organising.

Attendee Accounts

• Full name
• Email address
• IP address

When creating a user account as an attendee, we will store your full name and email address. You can choose to create a custom username and upload a profile photo if you’d like.

Ticket Buyers

When purchasing a ticket on Get Invited, we store your full name, email address, ticket id and the date of purchase. We need this information to identify you at a particular event and to deliver your ticket to you via email.

Credit Card Information

When we collect your credit card details, these are processed directly by our payment processing partner – Stripe. We do not collect or store your credit card information on our server. Please refer to Stripe’s privacy policy for further information.

Sharing Your Data

We share your name, email address and your ticket type with event organisers for the purpose of effective event management. Event organisers may contact you from time to time with news or important announcements regarding the event you have registered for.

We encourage all event organisers to include an opt-in question on their booking page if they plan to contact attendees. Get Invited is not responsible for enforcing that event organisers are GDPR compliant, nor are we responsible for any misuse of data on behalf of the event organiser.

If you suspect that an event organiser is abusing your personal data, please contact us and we will do what we can to help.

For the purpose of tracking and measuring analytics on your service, we share your IP address with the following companies:

• Google Analytics
• Hotjar
• Mixpanel

We never share or sell any of your personal data with any third party services that are not directly related to the operation of our service.

Marketing

From time to time, we may send you email newsletters containing important news and updates to our service. For this, we share your email address with our third party email marketing service: Mailchimp.

Personal Data Security

We have an SSL Certificate installed on our server to ensure all data sent between your computer and our server is encrypted. We encrypt your email address and password. Your username, first name and last name are unencrypted.

Server Location

The server we store your personal data on is located in the European Union and resides in an ISO27001 certified facility. We do not store your data on a virtual or cloud server. Your data is stored on a dedicated, locked-down Get Invited server. Nothing else is hosted on our server. ISO27001 ensures the server technicians have relevant processes established to protect access to the data centre.

Server backups are made multiple times per day and made to another bare metal server (not a cloud or VPS server) . Backup data is not stored for longer than 30 days.

Data Access Requests

You have the right to view any data we hold on you and we would be happy to share this with you upon your request. Please submit a support ticket.

Destruction of Your Data

Upon, your request, we will delete any data we hold on you. Please be aware that this may impact your ability to attendee any upcoming events that you are registered for as you will no longer appear on the event organisers attendee list.

If you would like us to close your account or delete any data we hold on you, please submit a support ticket.