EVENTCAGE PRIVACY POLICY

1. INTRODUCTION

EventCage ("we," "our," "us," or the "Company") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, share, store, and protect personal information when you use our venue listing platform, website (www.eventcage.com), AI-powered semantic search, and related services (collectively, the "Services").

This Privacy Policy applies to venue owners, event planners, website visitors, and all users of our Services. By accessing or using our Services, you acknowledge you have read, understood, and agree to the practices described in this Privacy Policy.

2. DATA CONTROLLER AND CONTACT INFORMATION

2.1 Data Controller

EventCage is the data controller responsible for your personal data.

2.2 Data Protection Officer/Data Protection Contact

Questions, comments, and requests regarding this Privacy Policy should be addressed to:

Email: info@eventcage.com

Phone: 0333 090 8750

3. INFORMATION WE COLLECT

3.1 Personal Data You Provide Directly

Venue Information:

• Venue name, address, and location data
• Contact details for venue representatives
• Venue specifications (capacity, facilities, pricing, etc.)
• Images and descriptive content for venue listings
• Availability calendars and booking policies

Account and Profile Information:

• Full name and contact details (email, phone number)
• Business details and company information
• Login credentials (password is stored in encrypted form)
• Profile preferences and settings

Booking and Transaction Information:

• Event details (dates, times, expected attendees)
• Communications regarding bookings
• Transaction records and payment information
• Commission-related information and invoices

Communications and Support:

• Inquiries, feedback, and correspondence with our team
• Customer support requests and resolution details
• Responses to surveys or research initiatives

3.2 Information Collected Automatically

Usage and Analytics Data:

• IP address and location information
• Browser and device information
• Operating system details
• Pages viewed and features used
• Time spent on our platform
• Referral sources and exit pages
• Search queries and AI semantic search interactions

3.3 Information from Third Parties

We may receive information about you from:

• Payment processors and financial institutions
• Analytics providers and marketing partners
• Business partners and service providers
• Public databases and social media platforms (when you connect your accounts)

3.4 Special Category Data

We do not intentionally collect or process special category data (sensitive personal information) as defined under data protection laws. Please do not provide such information unless specifically requested and with appropriate legal basis.

4. LEGAL BASIS FOR PROCESSING

We process your personal data on the following legal bases:

4.1 Performance of Contract

Processing necessary to provide our Services and fulfill our contractual obligations to you, including:

• Creating and managing your account
• Listing venues and processing bookings
• Facilitating communications between venues and clients
• Processing commissions
• Providing customer support

4.2 Legitimate Interests

Processing necessary for our legitimate business interests, including:

• Improving and optimizing our Services
• Ensuring security and preventing fraud
• Marketing our Services to existing customers
• Analyzing usage patterns and trends
• Developing new features and services

We balance our interests against your fundamental rights and freedoms, and you have the right to object to processing based on legitimate interests.

4.3 Consent

Processing based on your specific consent, including:

• Marketing communications to non-customers
• Certain cookies and tracking technologies
• Processing of optional information you provide

Where we rely on consent, you have the right to withdraw consent at any time.

4.4 Legal Obligation

Processing necessary to comply with our legal obligations, including:

• Tax and accounting requirements
• Responding to legal requests or court orders
• Compliance with regulatory requirements
• Maintaining business records as required by law

5. HOW WE USE YOUR INFORMATION

5.1 Providing and Managing Services

• Operating and maintaining our venue listing platform
• Processing venue listings, inquiries, and bookings
• Facilitating communications between venues and clients
• Managing accounts and user profiles
• Processing commissions
• Providing customer support and resolving disputes

5.2 AI-Powered Semantic Search Functionality

• Processing natural language search queries
• Analyzing search intent to provide relevant venue matches
• Improving search algorithms and results accuracy
• Creating and updating venue-matching parameters
• Providing personalized venue recommendations

5.3 Communications and Marketing

• Sending essential service and transactional messages
• Providing administrative notifications and updates
• Sending marketing communications (subject to preferences)
• Responding to inquiries and support requests
• Conducting surveys and collecting feedback

5.4 Analytics and Improvement

• Analyzing usage patterns and platform performance
• Conducting research to improve our Services
• Testing new features and functionality
• Diagnosing technical issues and bugs
• Generating aggregated, non-identifiable analytics

5.5 Security and Compliance

• Verifying identities and preventing fraud
• Securing our platform against unauthorized access
• Enforcing our Terms of Service and other policies
• Resolving disputes and addressing complaints
• Complying with legal obligations and requests

6. AUTOMATED DECISION-MAKING AND PROFILING

6.1 AI-Powered Semantic Search

Our platform employs AI technology to analyze natural language search queries and match them with appropriate venues. This involves:

• Processing text inputs to understand search intent
• Analyzing venue attributes against search requirements
• Ranking venues based on relevance to search criteria
• Creating customized venue recommendations

6.2 Your Rights Regarding Automated Decisions

You have the right to:

• Obtain human intervention in any automated decision-making process
• Express your point of view regarding automated decisions
• Contest any decision based solely on automated processing
• Request an explanation of how an automated decision was reached

To exercise these rights, please contact us at info@eventcage.com.

7. HOW WE SHARE YOUR INFORMATION

7.1 Sharing Between Platform Users

• When clients submit inquiries, we share relevant details with venue owners
• When venues are listed, we share venue details with potential clients
• Communications between venues and clients are facilitated through our platform

7.2 Service Providers (Data Processors)

We share information with third-party service providers who process data on our behalf:

• Cloud hosting and infrastructure providers
• Communication and email service providers
• Customer relationship management systems
• Analytics and marketing service providers
• IT and system maintenance providers

All service providers are bound by data processing agreements that require appropriate security and confidentiality measures.

7.3 Legal and Regulatory Disclosures

We may disclose information:

• In response to lawful requests from public authorities
• To comply with legal obligations, court orders, or legal process
• To protect our rights, privacy, safety, or property
• In connection with the investigation of fraud, intellectual property infringement, or other unlawful activity

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or similar event, your information may be transferred as part of the transaction. We will notify you via email and/or prominent notice on our website of any such change in ownership and the consequent changes in the use of your personal data.

7.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

8. INTERNATIONAL DATA TRANSFERS

8.1 Locations of Processing

While EventCage is based in the United Kingdom, we may transfer, process, and store information about you on servers located in various countries, including outside the UK and European Economic Area (EEA).

8.2 Transfer Safeguards

When transferring data outside the UK or EEA, we implement appropriate safeguards including:

• Standard Contractual Clauses approved by the UK or EU Commission
• Adequacy decisions where applicable
• Binding Corporate Rules where applicable
• Additional supplementary measures as necessary following Schrems II

9. DATA RETENTION

We retain personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.1 Criteria for Determining Retention

Factors we consider when determining retention periods include:

• The nature and sensitivity of the data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data
• Whether we can achieve those purposes through other means
• Legal, regulatory, and contractual requirements
• Operational requirements and business needs

9.2 Data Deletion

When personal data is no longer necessary, we securely delete or anonymize it. For data deletion requests, please contact us at info@eventcage.com.

10. DATA SECURITY

10.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of sensitive data both in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Staff training and confidentiality obligations
• Secure development practices and code reviews
• Regular backing up of data
• Disaster recovery and business continuity plans

10.2 Data Breach Procedures

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority without undue delay and within 72 hours
• Inform affected users directly when there is a high risk to rights and freedoms
• Provide information about the breach and steps taken to mitigate potential adverse effects
• Document all breaches and our response actions

10.3 Limitations

While we take all reasonable steps to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

11. YOUR RIGHTS AND CHOICES

11.1 Your Data Protection Rights

Depending on your jurisdiction, you may have the following rights:

• Right to Access: Request a copy of your personal data.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure (Right to be Forgotten): Request deletion of your personal data.
• Right to Restriction of Processing: Request limitation of processing of your data.
• Right to Data Portability: Request transfer of your data to another provider.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Rights Related to Automated Decision-Making: Request human intervention in automated decisions.
• Right to Withdraw Consent: Withdraw consent where processing is based on consent.

11.2 How to Exercise Your Rights

You can exercise your rights by:

• Using relevant settings in your account where available
• Emailing us at info@eventcage.com
• Calling us at 0333 090 8750

We will respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or you have made several requests, in which case we will notify you of the extension.

11.3 Verification Process

To protect your information, we may require specific information from you to help us verify your identity and ensure your right to access your personal data (or to exercise your other rights).

11.4 Data Subject Access Requests (DSARs)

For formal DSARs, please include:

• Your full name and contact details
• A detailed description of the data you are requesting
• Any information that might help us locate the data
• A copy of your ID or other verification document if necessary

11.5 Complaints

You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO): https://ico.org.uk.

12. COOKIES AND TRACKING TECHNOLOGIES

12.1 Types of Cookies We Use

• Essential cookies: Required for platform functionality
• Preference cookies: Remember your settings and preferences
• Analytics cookies: Help us understand how users interact with our Services
• Marketing cookies: Track your activity across websites to deliver targeted advertising

12.2 Cookie Control

You can control cookies through:

• Our cookie banner when you first visit our site
• Your browser settings (to block or delete cookies)

13. MARKETING COMMUNICATIONS

13.1 Types of Marketing

We may send you marketing communications related to:

• New features and services
• Special offers and promotions
• Industry news and events
• Educational content and resources

13.2 Opting Out

You can opt out of marketing communications by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your communication preferences in your account settings
• Contacting us directly at info@eventcage.com

13.3 AdWords and SEO

As per our venue agreements, EventCage will not use certain venue-specific keywords (as specified in individual agreements) in any paid AdWords/marketing spend to benefit EventCage's SEO rankings.

14. CHILDREN'S PRIVACY

Our Services are intended for business use and not directed to children under 18. We do not knowingly collect personal data from children under 18. If we learn we have collected personal data from a child under 18, we will delete this information promptly. If you believe we might have any information from or about a child under 18, please contact us.

15. THIRD-PARTY LINKS AND SERVICES

Our Services may contain links to third-party websites, services, social networks, or applications. We are not responsible for the privacy practices, policies, or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

16. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Effective Date" at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

For material changes to this Privacy Policy, we will provide notification via:

• Email to the primary email address specified in your account
• Prominent notice on our website
• Other means as appropriate

17. JURISDICTION-SPECIFIC PROVISIONS

17.1 UK and EEA Residents

If you are located in the UK or EEA, the legal basis for collecting and using your personal data depends on the specific context in which we collect it, as detailed in Section 4.

17.2 Other Jurisdictions

We comply with applicable data protection laws in all jurisdictions where we operate. Additional jurisdiction-specific disclosures will be added as required.