Privacy Policy

The Evento platform (“Platform”) is licensed for use and operation by ClubZap (“Licensee”). Users should refer directly to the ClubZap website (https://clubzap.com/privacy-statement/) for information regarding its applicable privacy practices, data handling procedures, and related policies. Users should also refer to the BallincolligGAA (“Client”) website or to any terms and policies provided by BallincolligGAA, in order to understand its respective privacy practices and data protection policies.

Evento understands that your privacy is important and that you care about how your personal data is used. We respect and value the privacy of all of our Licensees (“Licensee(s)”), their clients (“Client(s)”), and their end users (“End-User(s)”). We collect and use personal data only as described in this Privacy Policy and only in ways that are consistent with our legal obligations and the rights of individuals under the General Data Protection Regulation (“GDPR”). We keep personal information private and we do not sell or rent personal data to any third party. This Privacy Policy may be updated from time to time to reflect changes in technology, legislation, or our data usage practices.

Who are we?

Square1 Software Ltd., trading as “Evento,” located at 151 Thomas Street, Dublin, D08 PY5E, Ireland, is the operator of the Evento Platform. References to “we,” “us,” or “our” refer to Square1 Software Ltd. References to the “Platform” refer to the Evento Platform, references to the "Client" are to BallincolligGAA, and references to the “Licensee” are to ClubZap.

Evento provides an online registration and event management platform to the Licensee, who uses the Platform to deliver services to the Client. Clients contract the use of the Evento Platform, via our Licensees, to facilitate online event registration, payment processing, and the management of events for their End-Users. Clients may, at their sole discretion, grant administrative access to their employees or authorised third parties to view or manage End-User registration data stored within the Platform.

Data protection roles and responsibilities

For the purposes of applicable data protection legislation, including GDPR:

Client (Data Controller)
The Client determines the purposes and means of collecting and processing personal data from End-Users, including attendees, participants, and organisers using the Platform. The Client is responsible for ensuring that all such processing activities comply with the GDPR and any other applicable data protection laws.

Licensee (Data Processor)
The Licensee processes personal data on behalf of the Client in connection with the creation, management and administration of events, registrations, payment processing, ticketing and related activities carried out through the Licensee-branded version of the Platform.

Platform (Sub-Processor)
The Platform supplies the underlying event management technology used by the Licensee to deliver services to the Client. As a Sub-Processor, the Platform processes personal data only as necessary to support event creation, registration, payment processing, and related functionality. The Platform does not determine the purposes or means of processing personal data.

What does this notice cover?

This Privacy Policy explains how we collect, use, store, and process personal data. It also explains your rights under the GDPR.

What is personal data?

Personal data is defined under GDPR as any information relating to an identifiable natural person who can be identified directly or indirectly. This includes obvious information such as your name and contact details, as well as technical identifiers such as IP addresses, device IDs, and online identifiers.

What personal information do we collect?

Personal information you provide us

This includes any information you freely provide when registering on the Platform, completing forms, contacting us, or interacting with the Platform. Such information may include (but is not limited to):

• First and last name
• Email address
• Telephone number
• Postal address

Due to the dynamic nature of the Platform, Clients may, at their sole discretion, request additional personal information during event registration. We may receive personal data directly from End-Users, Clients, or authorised third parties.

Personal information we automatically collect

We automatically collect certain technical and usage information when you visit or use the Platform, including:

• IP address
• Network provider
• Browser type and version
• Operating system and device information
• Location and time zone
• Entry and exit URLs
• Pages visited and interactions
• Page load times
• Error logs and system crash data
• Duration of visits

How do we process your personal information?

We use personal data to:

• Provide access to and functionality of the Platform
• Process registrations and payments
• Prevent fraudulent transactions
• Communicate with Clients and End-Users
• Allow End-Users to register for and participate in Client events
• Enable Clients to manage their events and event-related communications

Personal data collected through the Platform is also made available to Clients for the purpose of managing and administering the events for which you register.

How do we store your personal information?

Platform storage

Personal data is stored on secure servers operated by Evento or our service providers. Data may only be transferred outside the EEA where permitted under GDPR, using mechanisms such as:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by the European Commission
• The EU–US Data Privacy Framework or equivalent safeguards

We implement appropriate technical and organisational security measures to protect personal data. However, transmitting information over the internet is not entirely secure, and any transmission is at your own risk.

Where access to the Platform requires a password, you are responsible for maintaining its confidentiality.

We retain personal data only for as long as necessary to provide services or comply with legal obligations.

Third-party data processors

We use third-party service providers to process data on our behalf, including hosting, communications, and payment services. These providers may include:

• Linode LLC
• Stripe Inc.
• Amazon Web Services (AWS)
• Mailgun Technologies
• Help Scout
• Laravel Holdings Inc.

Each provider processes data subject to GDPR-compliant contracts, including SCCs or equivalent safeguards.

Your rights under GDPR

You have the following rights:

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to object
• Right to data portability
• Rights related to automated decision-making and profiling

You may exercise your rights by contacting us using the details provided below.

Cookies

We use cookies to enable essential Platform functionality. These include session cookies, CSRF protection cookies, Stripe fraud-prevention cookies, and Google reCAPTCHA functionality cookies.

Strictly Necessary Cookies

Strictly necessary cookies are essential in order to enable you to move around the site and use its features and services. These cookies allow the site to perform smoothly for you, the user, and without them we may not be able to provide certain services or features.

Links to external websites

The Platform may contain links to external websites. We are not responsible for the content or privacy practices of other websites. Users should review the privacy policies of external sites before submitting any personal data.

How do you contact us?

If you have questions or requests concerning this Privacy Policy, please contact us at: [email protected]