Controller and contact

Unless a different organizer is clearly identified for a specific event, the controller for the data described here is the organizer operating this meetntalk instance. The provider and contact details published on the imprint page form part of this notice.

Data we process

• Account and authentication data: email address, display name, password hash, account status, consent version, session data, and account-security timestamps.
• Profile data: biography text, profile image, and other information you choose to add to your profile.
• Event participation data: event registrations and related organizer-side attendance information.
• Uploads and communications: files you upload and messages created when you contact support or trigger privacy-request actions.
• Technical data needed to operate the service: essential session cookies and limited technical metadata used to keep the service secure and functional.

Why we process your data and our legal bases

• To provide the service including account creation, login, event registration, and profile management under Article 6(1)(b) GDPR.
• To keep the platform secure and reliable including abuse prevention, troubleshooting, and service administration under Article 6(1)(f) GDPR.
• To comply with legal obligations such as handling privacy requests and responding to legally required disclosures under Article 6(1)(c) GDPR.
• To process information you choose to provide such as optional profile text or files you upload as part of your use of the service under Article 6(1)(b) GDPR and, where applicable, Article 6(1)(a) GDPR.

Who receives your data

Your data is only shared where needed to operate the platform. Typical recipients are the organizer's administrators, hosting and storage providers, and email service providers used for operational messages.

This MVP currently uses Brevo to send transactional emails such as activation links and manual privacy-request notifications.

International transfers

We try to use providers in the EU or EEA where practical. If a service provider processes data outside the EU or EEA, we rely on a permitted transfer mechanism such as an adequacy decision or the European Commission's standard contractual clauses.

How long we keep data

• Account data is generally kept while your account remains active.
• Event participation and related administrative records may be kept for as long as needed to run the community, document attendance, or meet legal obligations.
• Uploads are kept until you remove or replace them, or until the related account is deleted, subject to ordinary backup retention.
• Technical and security records are usually kept for shorter periods unless they are needed to investigate abuse or comply with law.

Your rights

Under the GDPR, you may have the right to request access, rectification, erasure, restriction of processing, data portability, and to object to certain processing. Where processing is based on consent, you may withdraw that consent for the future.

You also have the right to lodge a complaint with a supervisory authority, including in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.

How to exercise your rights

You can request a copy of your data or request deletion from your profile page. In this MVP, those actions create a manual support request and are not fulfilled automatically.

If you need correction, access, deletion, or another privacy action, contact the organizer using the support channel listed below.

Automated decision-making

This service does not use automated decision-making or profiling that produces legal or similarly significant effects on you.

Changes to this policy

We may update this policy when the service, legal requirements, or operational setup changes. The version shown at the top indicates the current text in use.