Privacy Policy

Last Updated: May 5th, 2020

1. Who we are.

1.1 Services.

We are an event, appointment and registration platform. Through our platform and tools, we enable organizers to provide you with easily accessible tools to facilitate events/appointments. Our services include AppointmentThing.com, AddEvent.com, CalendarX.com, and TimezoneAPI.io. AppointmentThing.com including all the subdomains, country level domains and variants, domains of our Users (organizers) that point to AppointmentThing's servers (collectively our site), all AppointmentThing's desktop and mobile applications, and all of the services offered through them or otherwise by us. We refer to all of these as our "Services".

1.2 Who is who.

When this Privacy Policy uses the term "Organizer" we mean appointment facilitators using the Services to create events/appointments for consumers using our Services (a) to consume information about or attend, appointments ("Consumers"), or (b) for any other reason. Organizers, Consumers and third parties using our Services are all referred to in these Terms collectively as "Users", "you" or "your".

AddEvent, Inc. is a Delaware corporation. Its principal place of business is at 400 Concar Drive, San Mateo, CA 94402, Reg. No. 47-5092344 ("AddEvent," "us," "we" or "our"). If you are resident in the EEA or Switzerland, AddEvent, Inc. is the responsible party with respect to Personal Data (as described below) collected through the Services. AddEvent's representative for European data protection law purposes is AddEvent, Inc. with its principal place of business at 400 Concar Drive, San Mateo, CA 94402, USA.

If you have any questions or concerns at any time, please contact us at the address above or by contacting us at privacy@appointmentthing.com.

2. Our privacy statement.

2.1 Application.

This Privacy Policy walks you through data that can be used to identify a person ("Personal Data") which is collected from Users on / or through the Services. We take the privacy of your Personal Data seriously. Please read this Privacy Policy as it includes important information.

"Non-Personal Data" as used in this Privacy Policy is, therefore, any information that does not relate to a person and/or cannot be used to identify a person. When you interact with the Services, we may collect Non-Personal Data. The limitations and requirements in this Privacy Policy on our collection, use, disclosure, transfer and storage/retention of Personal Data do not apply to Non-Personal Data.

3. Personal data we collect.

When you use or interact with us through the Services, we may collect Personal Data. Sometimes it will be on our own behalf and other times it will be on behalf of an Organizer using our Services to run an event. This is an important distinction for EU data protection law purposes and it is explained in more detail in Section 16 below.

3.1 All users.

Information you provide to us: For all Users, we collect Personal Data when you provide such information to the Services yourself. An example may include when you sign up for an account, contact us with inquiries, participate in one of our surveys or browse/use certain parts of the Services. The Personal Data we may collect includes without limitation your name, business information, address, email address and other information that enables Users to be personally identified.

Information we automatically collect: We automatically collect certain technical data that is available to us through the browser you access the Services ("Automatic Data") with. Automatic Data includes without limitation, a unique identifier related to the device/browser you use, IP address, statistics on your activities on the Services, information about how you ended up on the Services and data collected through Cookies, Pixel Tags and other similar technologies.

When you register for the Services, we may connect other Non-Personal Data (e.g. Non-Personal Data collected from third parties) with your Personal Data. In such an event, we will treat any combined data as your Personal Data until it cannot be associated with you / used to identify you.

3.2 Organizers.

As an Organizer, we will collect additional Personal Data from you.

Information you provide to us: If you subscribe to any of our paid services, we may collect your payment information (e.g., your credit card number, expiration date, bank account information, billing address, etc.), some of which may constitute Personal Data, to secure certain payments.

Information we obtain from other sources: We may also collect or receive Personal Data from third party sources, such as third party websites, your bank, our payment processing partners and credit reporting agencies.

3.3 Consumers.

As a Consumer, we will collect additional Personal Data from you, in some events for our own purpose and in other events on behalf of an Organizer (see Section 16 below for more information).

Information you provide if you register for an appointment: Organizers can set up appointment registration forms to collect virtually any information from Consumers. AddEvent does not control an Organizer's registration process nor the Personal Data that they collect. Personal Data collected on behalf of Organizers is provided to the Organizer of the event in accordance with "How we disclose and transfer your personal data: Organizers" below.

Information obtained from other sources: We may also collect or receive Personal Data from third party sources, such as Organizers, other Consumers, social media or other third party integrations, your credit card issuing bank, our payment processing partners or other third parties.

4. How We Use Your Personal Data.

The Personal Data we collect is done consistently with this Privacy Policy. We may use the Personal Data as follows:

4.1 Specific Reason.

If you provide Personal Data for a certain purpose we may use it for that purpose. For instance, if you have contacted us by email, we will use the Personal Data you have provided to answer your question or resolve your issue and we will respond to the email address.

4.2 Access and use.

If you provide Personal Data to get access or use the Services, we will use your Personal Data to provide you with the functionality requested. For instance, if you supply Personal Data to use certain portions of the Services, we will use that information to grant you access to use such Services.

4.3 Internal business purposes.

We may use your Personal Data for internal business purposes, including without limitation, to help us improve the content and functionality of the Services. We do that to better understand our Users, to improve the Services, to protect against/identify/address wrongdoing, to enforce our Terms of Service, to manage your account and provide you with customer service, and to generally manage the Services and our business.

4.4 Marketing communications.

We may use your Personal Data to contact you in the future for marketing purposes, including without limitation, to inform you about services or new functionality we believe might be of interest to you.

4.5 Organizer emails.

We allow Organizers to use our email tools to contact Consumers that have engaged in their events (current and past events), so you may receive emails from our system that originate from Organizers, send by us on their behalf. If you have registered for an event on the Services, your email address can be available to that Organizer. The Organizer and not AddEvent is responsible for sending these emails.

4.6 Other purposes.

If we intend to use any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed and we will obtain your consent prior to us using it.

4.7 Aggregated personal data.

In an ongoing effort to understand and serve our Users better, we often conduct research on our customer demographics, interests and behavior based on Personal Data and other information that we have collected. This research is typically conducted on an aggregate basis only that does not identify you. Once Personal Data is in an aggregated form, for purposes of this Privacy Policy, it becomes Non-Personal Data.

5. How we disclose and transfer your personal data.

5.1 No sale.

We are not in the business of selling your Personal Data. We consider this vital information to be a part of our relationship with you. Therefore, we will not sell your Personal Data to third parties, including third party advertisers. There are, however, certain circumstances in which we may disclose, transfer or share your Personal Data with certain third parties without further notice to you.

5.2 Business transfers.

As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. You acknowledge and agree that any successor to or acquirer of AddEvent (or its assets) will continue to have the right to use your Personal Data and other information in accordance with the terms of this Privacy Policy.

5.3 Parent companies, subsidiaries, and affiliates.

We may also share your Personal Data with our parent companies, subsidiaries and/or affiliates for purposes consistent with this Privacy Policy. Our parent companies, subsidiaries, and affiliates will be bound to maintain that Personal Data in accordance with this Privacy Policy.

5.4 Agents, consultants and service providers.

We may share your Personal Data with our contractors and service providers who process Personal Data on behalf of AddEvent to perform certain business-related functions. These companies include our marketing agencies, database service providers, backup and disaster recovery service providers, email service providers and others. When we engage another company to perform such functions, we may provide them with information, including Personal Data, in connection with their performance of such functions.

5.5 Organizers.

When you register for an event through the event page, or through a page on the Services, we provide the Personal Data entered (if available) on the Organizers of the event. In some instances, an Organizer may appoint a third party, which may or may not be affiliated with the Organizer, to create an event on its behalf (we call these third parties ("Third Party Organizers"). For example, and without limitation, a concert venue (the Organizer, in this case) may allow third-party promoters or production companies (the Third Party Organizers) to create events that will be hosted at the Organizer's venue using its AddEvent account. In that case, we may provide your Personal Data to the Third Party Organizers on behalf of the Organizers. We are not responsible for the actions of these Organizers, or their Third Party Organizers, with respect to your Personal Data. It is important that you review the applicable policies of the Organizers, and if applicable and available, their appointed Third Party Organizers, of an event (and the related fundraising page, if applicable) before providing Personal Data or other information in connection with that event.

5.6 Third-party connections - information from Sign-On Services like Facebook, LinkedIn, and Google.

You can sign in to your AddEvent account using third-party services like Facebook, LinkedIn or Google, in which case we may collect, use, disclose, transfer and store/retain information relating to your account with such third party services in accordance with this Privacy Policy. For example, if you connect with your Google account, we store your Google App ID, and initially transfer your name and email to your AddEvent account. Name and email can be changed at any time.

5.7 Legal requirements.

We may disclose your Personal Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or law enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Services or the public, or (e) protect against legal liability.

6. How we store your personal data.

We may store Personal Data itself or such information may be stored by third parties to whom we have transferred it in accordance with this Privacy Policy. We take what we believe to be reasonable steps to protect the Personal Data collected via the Services from loss, misuse, unauthorized use, access, inadvertent disclosure, alteration, and destruction. However, no network, server, database or Internet or email transmission is ever fully secure or error-free. Therefore, you should take special care in deciding what information you send to us electronically. Please keep this in mind when disclosing any Personal Data.

7. How you can access, update, correct or delete your personal data.

You can request access to some of your Personal Data being stored by us. You can also ask us to correct, update or delete any inaccurate Personal Data that we process about them.

If you are a registered User, you can exercise these rights by logging in and visiting the Account page. Both registered and unregistered Users may also exercise these rights by contacting us directly by email or at the address specified below.

If a Consumer initiates a data deletion request, AddEvent is authorized to delete or anonymize Personal Data of the requesting Consumer from the Services even if that means removing its availability to the Organizer through the Services. However, if you are a Consumer, you understand that even if you AddEvent deletes or anonymizes your Personal Data upon your request or pursuant to this Policy, your Personal Data may still be available in the Organizer's own databases if transmitted to the Organizer prior to AddEvent receiving or taking action on any deletion or anonymization activity.

We will consider and respond to all requests in accordance with applicable law.

8. How long we retain your personal data.

We may retain your Personal Data as long as you are registered to use the Services. You may close your account by contacting us. However, we may retain Personal Data for an additional period as is permitted or required under applicable laws. Even if we delete your Personal Data it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons or for legitimate and lawful business purposes.

9. Cookies.

Please refer to our Cookie Policy for more information about our use of cookies and other similar tracking technologies.

10. Your choices.

You have several choices available when it comes to your Personal Data:

10.1 Limit the Personal Data you provide.

You can browse the Services without providing any Personal Data (other than Automatic Data to the extent, it is considered Personal Data under applicable laws) or with limiting the Personal Data you provide. If you choose not to provide any Personal Data or limit the Personal Data you provide, you may not be able to use certain functionality of the Services. For instance, in order to register for an event as a Consumer, an email address will be required by the Organizer.

10.2 Opt-out from electronic communications.


(a) Marketing Communications.
Where it is in accordance with your marketing preferences, AddEvent may send you electronic communications promoting the Services, to the extent you have registered for the Services. You can also "opt out" of receiving these electronic communications by clicking on the "Unsubscribe" link at the bottom of any such electronic communication.

(b) Organizer initiated communications.
Organizers may use our email tools to send electronic communications to those on their events lists, including Consumers who have registered for their events on the Services in the past. Although these electronic communications are sent through our system, AddEvent does not determine the content or the recipients of these electronic communications. Organizers are required to use our email tools only in accordance with all applicable laws. AddEvent provides a “Change registration” or "Unsubscribe" link on each of these emails, which allows recipients to "opt out" of electronic communications from the particular Organizer.

(c) Transactional or responsive communications.
Certain electronic communications from AddEvent are responsive to your requests. For instance, if you are a Consumer, we will email you a registration confirmation on behalf of the Organizer. As a further example, if you email our customer support, we will return your email. Notwithstanding any unsubscribe election that you have made, you will still receive these transactional or responsive emails. You can stop receiving these types of emails only by having your account deleted. We only recommend that you do this if you plan to no longer use the Services and will have no need to receive further communications from us or through our system.

(d) Retention.
It may take up to 72 hours for us to process an unsubscribe request. Even after you opt out of all electronic communications, we will retain your Personal Data in accordance with this Privacy Policy, however, we will no longer use it to contact you. However, Organizers who have received your Personal Data in accordance with this Privacy Policy may still use that Personal Data to contact you in accordance with their own privacy policies, but they may not use our system to do so.

10.3 Do not track.

We do not participate in any "Do Not Track" frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your Personal Data.

11. Exclusions.

11.1 Personal Data provided to others.

This Privacy Policy does not apply to any Personal Data that you provide to another User or visitor through the Services or through any other means, including to Organizers on event pages or information posted by you to any public areas of the Services.

11.2 Third party links.

This Privacy Policy applies only to the Services. The Services may contain links to other websites not operated or controlled by us (the "Third Party Sites"). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that we endorse or have reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.

12. Children - children's online privacy protection act

We do not knowingly collect Personal Data from children under the age of thirteen (13). If you are under the age of thirteen (13), please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data through the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to us through the Services, please contact us and we will endeavor to delete that information from our databases.

13. International privacy laws.

Be aware that you are sending information (including Personal Data) to Ireland where our primary servers and data storage is located. That information may then be transferred to the United States or back out of the United States to other countries outside of your country of residence. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Data will at all times continue to be governed by this Privacy Policy.

14. Changes to this Privacy Policy.

The Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Policy. We reserve the right, in our sole discretion, to update or modify this Privacy Policy at any time (collectively, "Modifications"). Modifications to this Privacy Policy will be posted to the Site with a change to the "Updated" date at the top of this Privacy Policy. In certain circumstances, AddEvent may, but need not, provide you with additional notice of such Modifications, such as via email or with in-service notifications. Modifications will be effective thirty (30) days following the "Updated" date or such other date as communicated in any other notice to you.

Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was updated on the date indicated above. Your continued use of the Services following the effectiveness of any Modifications to this Privacy Policy constitutes acceptance of those Modifications. If any Modification to this Privacy Policy is not acceptable to you, you should cease accessing, browsing and otherwise be using the Services.

15. Dispute resolution.

If you have a complaint about AddEvent's privacy practices you should write to us at:

AddEvent, Inc., Attn: Privacy Officer, 400 Concar Drive, San Mateo, CA 94402, USA, or by email. We will take reasonable steps to work with you to attempt to resolve your complaint.

16. EEA, Switzerland, and UK only

The EU General Data Protection Regulation (GDPR)
In May 2018, a new data privacy law known as the EU General Data Protection Regulation (or the "GDPR") becomes effective. The GDPR requires AddEvent and Organizers using the Service to provide Users with more information about the processing of their Personal Data.

Here is what you need to know:

Legal grounds for processing your Personal Data
The GDPR requires us to tell you about the legal ground we're relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out in Section 4 above will typically be because:

  • you provided your consent;
  • it is necessary for our contractual relationship;
  • the processing is necessary for us to comply with our legal or regulatory obligations; and/or
  • the processing is in our legitimate interest as an event organizing platform (for example, to protect the security and integrity of our systems and to provide you with customer service, etc.).

Transfers of Personal Data
As AddEvent is a global company, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland and the UK which have no data protection laws or laws that are less strict compared with those in Europe.

Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data.

Personal Data retention
We retain your Personal Data for as long as necessary to provide you with our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.

If you have an account with us, we will typically retain your Personal Data for a period of 90 days after you have requested that your account is closed or if it's been inactive for 5 years.

Your rights
Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling and unsubscribe from marketing communications.

For the most part, you can you can exercise these rights by logging in and visiting the Account page or changing the "cookie settings" in your browser (see our Cookie Statement for more information). If you can't find what you're looking for in the Account page, please contact us using the contact information set out in Section 15 above. Please note that requests to exercise data protection rights will be assessed by us on a case-by-case basis. There may be circumstances where we are not legally required to comply with your request because of the laws in your jurisdiction or because of exemptions provided for in data protection legislation.

If you have a complaint about how we handle your Personal Data, please get in touch with us as set forth in Section 15 to explain. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.

AddEvent as a data controller and a data processor
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known as "data controllers") and organizations that process personal data on behalf of other organizations (known as "data processors"). If you have a question or complaint about how your Personal Data is handled, these should always be directed to the relevant data controller since they are the ones with primary responsibility for your Personal Data.

AddEvent may act as either a data controller or a data processor in respect of your Personal Data, depending on the circumstances.

For example, if you create an account with us to organize your events, AddEvent will be a data controller in respect of the Personal Data that you provide as part of your account. We will also be a data controller of the Personal Data that we have obtained about the use of the Applications or AddEvent Properties, which could relate to Organizers or Consumers. We use this to conduct research and analysis to help better understand and serve Users of the Services as well as to improve our platform.

However, if you register for an event as a Consumer, we will process your Personal Data to help administer that event on behalf of the Organizer (for example, sending confirmation emails etc.) and to help the Organizer target, and understand the success of, their event and event planning (for example, providing event reports, using analytics to gain insights into the effectiveness of various channels, etc.). In these circumstances, AddEvent merely provides the "tools" for Organizers; AddEvent does not decide what Personal Data to request on registration forms, nor is it responsible for the continued accuracy any Personal Data provided. Any questions that you may have relating to your Personal Data and your rights under data protection law should, therefore, be directed to the Organizer as the data controller, not to AddEvent.

17. California Residents Only.

If you are a California resident, we provide additional information about our information practices and you may have certain rights with respect to your information. For more information, please see the State-Specific Supplemental Privacy Notices here.