Privacy Policy

This Privacy Policy explains what information Convova (“we”) collects, how we use it, and the choices you have, when you use Convova (the “Service”).

• Account information that you provide, such as your name, email address, and optional profile details (title, organization, bio, avatar, and social or web links).
• Event participation data, such as the tickets you hold, your check-in records, the sessions you save or like, and the connections you make with other attendees.
• Content you submit, including, if you are an organizer, the attendee information you invite or import and the event content you publish.
• Technical information, such as basic server logs and a session cookie that keeps you signed in.

We use this information to operate and provide the Service, including to authenticate you and keep you signed in; deliver your passes and enable check-in; power scheduling and networking features; send transactional messages such as invitations, password resets, and announcements; maintain security; and improve the Service.

When you participate in an event, the organizers and staff of that event can see the information necessary to run it — for example, your profile details, your tickets, and your check-in status. This sharing is a core part of how events operate on the Service.

Networking is driven by your actions. When you connect with another attendee — for example, by scanning their badge — you share your profile information with that person. Aggregate signals, such as the number of likes on a session, may be visible to others, but who liked a session is not.

We rely on trusted third parties to operate the Service, such as cloud hosting, our database provider, and an email-delivery provider. These providers process information on our behalf and are bound by appropriate confidentiality and security obligations.

We retain your information for as long as your account or the relevant event is active, and as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we delete or anonymize it.

We use reasonable technical and organizational measures to protect your information, including hashed passwords, encrypted transport, and an httpOnly session cookie. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

We use a single, strictly necessary authentication cookie to keep you signed in. We do not use cookies for advertising or third-party tracking.

You can review and update your profile, and change your email address or password, from your account settings. You may request deletion of your account by contacting us. Depending on where you live, you may have additional rights regarding your personal information; contact us to exercise them.

The Service is not directed to children, and we do not knowingly collect personal information from children under the age required by your jurisdiction. If you believe a child has provided us information, please contact us.

We may update this Privacy Policy from time to time. When we do, we will revise the date above, and, if the changes are material, take reasonable steps to notify you.

Questions about this policy? Email us at [email protected].