Privacy Policy

1. Introduction

DavosFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our event management platform and mobile application.

2. Information We Collect

Personal Information

When you register or use our services, we may collect:

• Name (first and last name)
• Email address
• Phone number
• Company and job title
• Profile photo
• Event attendance and check-in data

Information from Third-Party Services

When you choose to sign in using Google or other OAuth providers, we receive:

• Your basic profile information (name, email, profile picture)
• Your email address for account identification

We only request the minimum permissions necessary to create and manage your account. We do not access your contacts, calendar, or other Google services without explicit authorization.

Automatically Collected Information

We automatically collect certain information when you use our platform:

• Device information (type, operating system)
• IP address
• Browser type
• Usage data and analytics

3. How We Use Your Information

We use the information we collect to:

• Create and manage your account
• Facilitate event registration and check-in
• Send event-related communications and updates
• Generate QR codes for event access
• Improve our services and user experience
• Ensure platform security and prevent fraud
• Comply with legal obligations

4. Information Sharing

We may share your information with:

• Event Organizers: Your registration and attendance information is shared with event administrators for the events you attend
• Service Providers: Third-party vendors who assist in operating our platform (hosting, analytics, email delivery)
• Legal Requirements: When required by law or to protect our rights

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (HTTPS/TLS)
• Secure password hashing
• Two-factor authentication (MFA) option
• Regular security audits
• Access controls and authentication

6. Your Rights and Choices

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Receive your data in a portable format
• Withdraw Consent: Unlink OAuth providers from your account

To exercise these rights, please contact us or use the settings in your profile.

7. Third-Party OAuth Services

When you use Google Sign-In or other OAuth providers:

• We only access basic profile information you authorize
• You can revoke access at any time through your Google Account settings or our profile settings
• We store OAuth tokens securely and only use them to maintain your session
• We do not post to your social accounts or access information beyond what's needed for authentication

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account deletion, we may retain certain information as required by law or for legitimate business purposes.

9. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@stromback.com