Comprehensive Legal Policies – Emeetconfex.com

Comprehensive Privacy Policy & Terms of Use

1. Introduction & Global Compliance Mandate
2. Detailed Categories of Data Collection
3. Lawful Basis for Processing (GDPR/CCPA)
4. Data Sharing & Third-Party Disclosures
5. California Consumer Privacy Rights (CPRA)
6. Data Subject Rights & Procedures
7. Virtual Event Security & Integrity
8. Terms of Use & Code of Conduct
9. Financial, Cancellation & Refund Policies
10. Force Majeure & Limitation of Liability
Appendices: Cookie Policy, DPA, and Breach Protocol

Last Updated: December 17, 2025
Version: 1.0 (Full Compliance Revision)

1. Introduction and Scope

This Privacy Policy (“Policy”) is a legally binding agreement between you (“User,” “you,” or “your”) and Emeetconfex.com (“Company,” “we,” “us,” or “our”). This document governs the processing of Personal Information (PII) collected through our virtual and hybrid event platform, website, mobile applications, and any related support services (collectively, the “Services”).

Emeetconfex operates at the critical intersection of personal data processing and complex commercial contracts. This operational profile necessitates a unified and rigorously compliant legal framework. The global nature of hosting conferences and events means that Emeetconfex must navigate multiple international legal jurisdictions, including, but not limited to, the European Union (EU) and the State of California, regardless of the company’s primary establishment location. The compliance requirement is triggered even if the platform interacts with or processes data from a single EU citizen.

1.1 Global Regulatory Standards

The policies drafted herein demonstrably satisfy the strictest requirements set forth by leading international data protection statutes, specifically the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and the Children’s Online Privacy Protection Act (COPPA).

2. Detailed Categories of Data Collection

We collect various categories of information, which may include PII, to provide and improve the Services. Our collection adheres to the principle of data minimization, meaning we only collect data strictly necessary for specified purposes.

2.1 Identifiers and Contact Data

We collect full names, professional titles, organizational affiliations, email addresses, postal addresses, telephone numbers, unique user IDs, and unique access codes. This information is essential for verifying identity and granting access to secure event environments.

2.2 Professional and Demographic Data

To enhance the networking experience, we collect data regarding job functions, industry sectors, company size, conference attendance history, and specific session attendance records. This allows Event Hosts to tailor content and facilitates relevant professional connections.

2.3 Technical and Usage Data

Our servers automatically log IP addresses, device identifiers, browser types, operating systems, and session durations. We track pages viewed, referral URLs, and interactions with platform features such as polling, Q&A, and chat activity. This data is utilized for platform optimization and security monitoring.

2.4 User-Generated Event Content

Data submitted within the virtual event environment, including chat messages, Q&A submissions, poll responses, and audio/visual contributions during recorded sessions, is stored as part of the event record. Attendees should be aware that session recordings may capture their likeness and voice if they participate on-screen.

3. Lawful Basis for Processing (GDPR Compliance)

For individuals residing in the EU/EEA, every data processing activity is underpinned by a defined lawful basis:

Contractual Necessity: Processing required to perform the service—processing payments, providing login credentials, and granting event access.
Legitimate Interest: Necessary for platform security, fraud prevention, and internal analytics. This also covers networking facilitation, such as displaying an attendee’s name on a digital badge, as expected in professional conference environments.
Explicit Consent: Required for non-essential marketing and, crucially, for sharing PII with sponsors and exhibitors. This must be a positive opt-in.
Legal Obligation: Necessary for compliance with tax reporting or regulatory investigations.

4. Data Sharing and Third-Party Practices

4.1 Sharing with Sponsors and Exhibitors

Emeetconfex may share attendee PII with event sponsors, partners, and exhibitors only when the attendee has provided explicit, non-mandatory consent during registration. This sharing is often the basis for “lead generation” in professional events. Once PII is transferred to an exhibitor, Emeetconfex is no longer the Data Controller for that information; the sponsor becomes responsible for its subsequent use and security.

4.2 Corporate Transactions (Business Transfer Clause)

In the event that Emeetconfex is involved in a merger, acquisition, asset sale, or business reorganization, user PII may be transferred as a business asset. We ensure that the transferee is bound by obligations that maintain the protection of the transferred data consistent with this Policy.

5. California Consumer Privacy Rights (CCPA/CPRA)

California residents are granted expansive rights concerning their data. Emeetconfex discloses all categories of personal information collected and shared.

Right to Opt-Out: You have the absolute right to direct us not to sell or share your personal information. To exercise this, use the link provided: Do Not Sell or Share My Personal Information. This request will be honored for a minimum of 12 months.

6. Data Subject Rights (DSR)

Users worldwide have the right to control their personal data. Emeetconfex provides mechanisms to exercise:

Right of Access: Request a full copy of all personal data we hold.
Right to Rectification: Request correction of inaccurate information.
Right to Erasure: The “Right to be Forgotten”—requesting permanent deletion of your profile.
Right to Data Portability: Receiving your data in a structured, machine-readable format.

7. Virtual Event Security and Integrity

To prevent unauthorized access (e.g., “Zoom-bombing”), we implement:

Access Control: One-time passwords (OTP) or unique access links for all sensitive rooms.
Waiting Rooms: Moderators screen participants before entry.
Role-Based Permissions: Default restrictions on screen-sharing and file transfers for general attendees.

8. Terms of Use & Acceptable Conduct

By using the Services, you agree to adhere to our Code of Conduct. Prohibited behavior includes harassment, hate speech, expletives, or unauthorized commercial promotion. Emeetconfex reserves the right to remove any participant without warning or refund for violating these terms.

9. Financial, Cancellation, and Refund Policy

All registration fees must be paid in full prior to event access. The following tiered refund policy applies:

Days Prior to Event	Refund/Credit Eligibility
46+ Days	100% Cash Refund (minus admin fee)
22 to 45 Days	50% Future Event Credit
8 to 21 Days	40% Future Event Credit
0 to 7 Days	No Refund or Credit; Total Forfeiture

10. Force Majeure and Liability

Emeetconfex shall not be liable for failure to perform due to events beyond our reasonable control, including acts of God, pandemics, major software failures, or catastrophic internet service provision outages. Under no circumstances shall Company liability exceed the amount of fees paid by the User for the specific event in question.

Appendix A: Cookie & Tracking Inventory

We utilize strictly necessary cookies for security, functional cookies for language preferences, and performance cookies for analytics. Users can manage these via our Cookie Settings portal. We honor Global Privacy Control (GPC) signals.

Appendix B: Sponsor Data Processing Agreement

All sponsors receiving lead lists from Emeetconfex must contractually agree to:

Use PII only for the event-related purpose.
Maintain AES-256 encryption for data at rest.
Delete PII immediately upon an attendee’s request to Emeetconfex.

Appendix C: Breach Response Protocol

In the event of a breach, our SIEM tools trigger an isolation protocol within 4 hours. We notify the lead Supervisory Authority within 72 hours for all high-risk GDPR breaches and provide direct notification to affected individuals via their registered email.

Governance: Haryana, India | Jurisdiction: Binding Arbitration Required.