GDPR Compliance

Chain Events is fully compliant with GDPR regulations. Understand your data rights and how we protect your information.
GDPR Compliant Since 2024
Table of Contents

What is GDPR

Data Subject Rights

Legal Basis

Data Processing

Data Security

Data Sharing

Data Retention

Contact Us

Introduction to GDPR

The General Data Protection Regulation (GDPR) is a European Union regulation that strengthens and unifies data protection. Chain Events is fully committed to GDPR compliance and applies its principles globally to protect all user data.

✓ GDPR Compliant: Chain Events fully complies with GDPR requirements for data protection, privacy, and user rights.

What is GDPR?

GDPR (General Data Protection Regulation) is an EU regulation that came into effect on May 25, 2018. It applies to all organizations processing personal data of EU residents, regardless of where the organization is located.

Key Principles
• Lawfulness, fairness, transparency
• Purpose limitation
• Data minimization
• Accuracy and integrity
Core Rights
• Right to access data
• Right to rectification
• Right to erasure
• Right to data portability

Your Data Subject Rights

Right of Access
Right to Rectification
Right to Erasure (Right to be Forgotten)
Right to Data Portability
Right to Restrict Processing
Right to Object
Rights Related to Automated Decision-Making

Legal Basis for Data Processing

Chain Events only processes personal data when we have a valid legal basis under GDPR:

Consent

You explicitly consent to processing (e.g., marketing emails, analytics)

Contract Performance

Processing necessary to provide services (account management, event publishing)

Legal Obligation

Processing required by law (tax records, fraud prevention)

Legitimate Interests

Processing for business purposes (analytics, security, service improvement)

Data Security Measures

Chain Events implements comprehensive security measures to protect personal data:

Encryption

AES-256 encryption for data at rest and TLS 1.3 for data in transit

Access Control

Multi-factor authentication and role-based access controls

Monitoring

24/7 security monitoring and incident response protocols

Data Processing Agreement (DPA)

Chain Events has a standard Data Processing Agreement (DPA) available for customers. The DPA outlines:

Details of data processing activities

Security measures and safeguards

Sub-processor information and approval process

Data subject rights support procedures

Data breach notification procedures

Data transfer mechanisms (Standard Contractual Clauses)

To request a copy of our DPA, please contact legal@chain-events.org

International Data Transfers

Chain Events may transfer data outside the European Economic Area (EEA) only when:

The recipient country has adequate protection (EU adequacy decision)

Standard Contractual Clauses (SCCs) are in place

Binding Corporate Rules are established

You have explicitly consented

Subprocessors: We use subprocessors only when necessary and with proper safeguards in place. A current list is available upon request.

Data Breach Notification

In the event of a data breach, Chain Events will:

Immediate Actions
• Assess the breach within 72 hours
• Notify affected data subjects
• Notify relevant authorities
Our Commitment
• Transparent communication
• Provide remediation steps
• Implement corrective measures

Data Protection Officer

Chain Events has appointed a Data Protection Officer (DPO) who oversees GDPR compliance and handles data subject requests:

Email:

dpo@chain-events.org

Privacy Inquiries:

privacy@chain-events.org
Response Time: We respond to all data subject requests within 30 days.

Your Data Rights Are Protected

Chain Events is committed to GDPR compliance and protecting your data rights.
Submit Data Request Privacy Policy

GDPR Compliant • Data Protected • Your Rights Respected