Event Privacy Policy and Terms of Service

Tractus Events – Event Privacy Policy & Terms of Service

Last Updated: December 20, 2024

1. Introduction

Welcome to Tractus Events (“we,” “us,” or “our”). We provide an online platform for delivering webinars, conferences, and other events. Sometimes, we act purely on behalf of our clients to host their events. Other times, we host our own events or marketing activities.

This document (the “Policy”) serves as both our Privacy Policy and our Terms of Service, describing:

  1. How we collect, use, and share personal data, and
  2. The terms under which you (“you,” “user,” or “participant”) may access our services (collectively, the “Service”).

By accessing or using our Service, you agree to the terms in this Policy. If you do not agree, you should not use the Service.

2. When We Are a Data Processor vs. Data Controller

  1. Data Processor (On Behalf of Clients)
    • If the event is owned by one of our clients and we are merely providing the platform, our client is the “data controller,” and we act as a “data processor.” We process personal data strictly under our client’s instructions.
  2. Data Controller (Our Own Events)
    • When we host events for our own purposes (e.g., our own marketing webinars or conferences), we are the “data controller” and decide how and why personal data is collected.

Regardless of our role, we uphold the privacy standards set forth in this Policy.

3. Scenarios Covered in This Policy

We host different types of events. This Policy applies to each scenario:

  1. Public Webinar (No Login Required)
    • The webinar is freely accessible once you provide basic info (e.g., name, email) in a “capture gate.” You may see a consent checkbox if marketing communications apply.
  2. Public Webinar (Pre-Registration Required)
    • You (or our client) collect your information in a registration form to receive a webinar link. In some cases, you’ll receive a unique link or confirmation email.
  3. Private Event (Login Required)
    • These events require you to register (or purchase a ticket) beforehand. We or our client will provide you with login credentials to access the event content.
    • Registration info may come directly from you (if you sign up on our system) or from our client (if you sign up on their portal).

4. Data We Collect

We may collect different categories of personal data when you sign up for or attend an event through our platform. Please note that the exact fields collected—and whether they are mandatory or optional—may vary depending on the event, our client’s requirements, or our own requirements for our own events.

  1. Name & Email Address

    • Typically mandatory for all events or webinars to authenticate your access and send necessary event-related emails.
    • Purpose: Provide event access, send transactional emails (reminders, updates), and (if you opt in) marketing communications.

  2. Additional Event-Related Information (e.g., Title, Organization, Ticket Type, Coupon Code)

    • Mandatory vs. Optional:
      • For some events, these fields may be required to verify eligibility (e.g., professional credentials for CE credits) or manage ticketed access.
      • In other events, these fields may be optional or omitted entirely, depending on the client’s or our own data collection preferences.
    • Purpose:
      • Facilitating event logistics (such as ticket upgrades, meal preferences, sponsor interactions).
      • Providing tailored experiences or content based on your role, organization, or ticket type.

  3. Local Storage or Unique IDs

    • We may store a random ID in your browser’s local storage to track webinar watch times (e.g., for continuing education credits) or other analytics.
    • Legal Basis:
      • Often legitimate interest or contractual necessity if it’s strictly needed to deliver the service or issue certificates.

  4. IP Address (If Collected)

    • Generally collected for security, troubleshooting, or fraud prevention.
    • We strive to minimize storing IP addresses unless necessary.

Mandatory vs. Optional Fields

Where certain fields are marked as “mandatory,” it means we (or our client) require that information to provide the requested service (for example, to issue a CE certificate or grant ticket access). If you do not provide a required field, you may not be able to register or gain access to some or all parts of the event.

Where certain fields are marked as “optional,” providing that information is entirely at your discretion. Choosing not to provide optional data should not prevent you from accessing the core event functionality, though it may limit any personalized features or event add-ons.

Non-Personal / Aggregate Data

  • We may collect de-identified or aggregate data about site usage and viewing behaviors to improve our Service. This data does not identify you personally.

5. How We Use Your Data

  1. Event / Webinar Access
    • Verify your registration or gate submission so you can view the content.
  2. Transactional Communications
    • Send essential emails regarding the event, such as session reminders, agenda updates, or sponsor highlights.
  3. Marketing Communications
    • If you opt in (e.g., via CASL-compliant checkbox), we may send marketing materials related to future events or offers. You can unsubscribe anytime.
  4. Analytics & Engagement
    • Track viewing times, drop-off points, and general attendance trends to improve user experience and, where relevant, award CE credits.
  5. Security & Fraud Prevention
    • Monitor and safeguard against unauthorized access or malicious activity.

6. Sharing Your Data

  1. With Our Clients
    • If we host the event on behalf of a client, we share user data (registration info, attendance logs, etc.) with that client. They may use it according to their own privacy policies.
  2. Service Providers / Subprocessors
    • We may share data with trusted service providers (e.g., hosting, emailing) who process it on our behalf under confidentiality obligations.
  3. Legal Compliance
    • We may disclose data if required by law, court order, or regulatory request.

7. Data Retention & Security

  • Retention: We keep personal data only as long as needed for the event’s purpose or as required by our client agreements or legal obligations (e.g., record-keeping for CE credits). After that, we securely delete or anonymize the data.
  • Security: We use safeguards like encrypted transmission (HTTPS), secure data centers (e.g., Microsoft Azure in Canada), and access controls to protect your data.

8. International Data Transfers

Our primary data storage is in Canada. If you are located outside Canada, your personal data will be transferred and processed in Canada, which may have different data protection laws than your country of residence.

  • If we are acting for an EU client: We may rely on Standard Contractual Clauses (SCCs) or other recognized transfer mechanisms to safeguard EU personal data.

9. Your Rights (GDPR & Other Laws)

Depending on your jurisdiction, you may have rights under GDPR, PIPEDA, or other local privacy laws:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate data.
  • Erasure (“Right to be Forgotten”): Request deletion under certain conditions.
  • Restriction: Temporarily halt processing if the accuracy or legality is contested.
  • Objection: Object to processing based on legitimate interests.
  • Data Portability: Receive your personal data in a structured, machine-readable format.

To exercise these rights, contact us at [privacy@tractus.ca]. We may verify your identity before processing requests.

10. Children’s Privacy

Our events are generally not aimed at children under 18. We do not knowingly collect personal data from minors without parental consent. If you believe we have inadvertently collected such data, please let us know so we can delete it.

11. Terms of Service

11.1 Acceptance of Terms

By accessing our Service—whether through a public or private event—you agree to this Policy (which includes our Terms of Service). If you do not agree, you must discontinue use.

11.2 User Accounts & Registration

  • Public Webinar (No Login): You must provide your name/email at our capture gate to proceed.
  • Public Webinar (Pre-Registration): You or our client’s system collects your info, and we send an access link or confirmation.
  • Private Event (Login Required): You must log in with credentials (created by us or provided by the client). You are responsible for maintaining the confidentiality of your login details.

11.3 Permissible Use

  • You agree not to engage in unauthorized sharing of credentials, malicious activities (uploading malware, harassing users), or violating any law while using the Service.
  • We (or our client) reserve the right to revoke your access if you breach these Terms or engage in prohibited conduct.

11.4 Intellectual Property

  • All event content (videos, slides, etc.) is protected by intellectual property laws. Unless explicitly authorized, you may not reproduce, distribute, or create derivatives.

11.5 Transactional vs. Marketing Emails

  • Transactional: We may send emails strictly related to your event (reminders, agenda updates). These are considered part of the Service.
  • Marketing: Only sent if you have consented. You can opt out at any time.

11.6 Disclaimer of Warranties

  • The Service is provided “AS IS.” We make no warranties, express or implied, about its accuracy, reliability, or availability.

11.7 Limitation of Liability

  • To the extent permitted by law, we are not liable for indirect or consequential damages arising from your use or inability to use the Service.

11.8 Indemnification

  • You agree to indemnify us and our clients from any claims or damages resulting from your breach of these Terms or misuse of the Service.

11.9 Termination

  • We may suspend or terminate your access if you violate these Terms or if instructed by the hosting client (e.g., non-payment or policy breach).

11.10 Governing Law & Dispute Resolution

  • This Policy is governed by the laws of Ontario, Canada.
  • Any disputes shall be resolved in Ontario, Canada, unless otherwise required by law.

12. Changes to This Policy

We may revise this Policy over time. The “Last Updated” date at the top indicates the most recent revision. Your continued use of the Service after we post any changes signifies your acceptance of the updated Policy.

13. Contact Us

If you have questions or concerns about this Policy, or wish to exercise any rights you may have under applicable law, please contact:

Privacy Officer
Tractus Events
Email: privacy@tractus.ca

Quick Reference: Which Parts Apply to Me?

  • Public Webinar (No Login): You’ll see a quick gate asking for your name/email (and possibly a consent checkbox).
  • Public Webinar (Pre-Registration): You’ll fill out a form (ours or the client’s) and receive a link or confirmation email.
  • Private Event (Login): You’ll be given or create account credentials (username/password) to access the event.

In all cases, your data is collected under this blanket Policy, which explains your rights and how we handle personal data—whether we’re acting as a data processor for a client or as the data controller for our own events.

END OF POLICY