Privacy Policy
Last updated: 23/12/2025
1. Introduction
MacroData Events ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our team building event management platform.
We are based in Spain and comply with the General Data Protection Regulation (GDPR) and the Spanish Data Protection Law (LOPDGDD).
2. Data Controller
The data controller responsible for your personal data is:
- Company: MacroData Events
- Email: privacy@macrodataevents.com
- Address: Barcelona, Spain
3. Personal Data We Collect
3.1 Account Information
When you create an account, we collect:
- Identity data: First name, last name
- Contact data: Email address, phone number (optional)
- Date of birth (optional, for profile personalization)
- Password (stored securely using bcrypt encryption)
3.2 Company Information
For business accounts, we collect:
- Company name and domain
- Business contact information
- Tax identification number (for billing)
- Billing and fiscal addresses
3.3 Event and Voting Data
When you participate in events, we collect:
- Your votes on activities and dates
- Optional comments on activities
- Event participation status and attendance
- Timestamps of your interactions
3.4 Technical Data
We automatically collect:
- Login timestamps
- IP address (for security purposes)
- Browser type and version
4. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Contract performance |
| Processing your votes and event participation | Contract performance |
| Sending event invitations and notifications | Contract performance |
| Budget tracking and billing | Contract performance |
| Security and fraud prevention | Legitimate interest |
| Platform improvement and analytics | Legitimate interest |
| Legal compliance | Legal obligation |
5. Data Sharing and Third Parties
We share your data only with:
5.1 Service Providers
- Resend: Email delivery service
- Google Places API: Venue validation
- Railway: Cloud hosting infrastructure
5.2 We Do NOT
- Sell your personal data to third parties
- Use your data for advertising purposes
- Share your data with marketing companies
- Use third-party analytics or tracking tools
6. Data Retention
We retain your personal data for as long as your account remains active or as required by applicable laws. When you delete your account, we will delete or anonymize your personal data within 30 days.
7. Your Rights Under GDPR
You have the following rights:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Delete your account and associated data
- Right to Data Portability: Export your data
- Right to Object: Object to certain processing activities
To exercise these rights, contact us at privacy@macrodataevents.com
8. Data Security
We implement robust security measures:
- Encryption: All data transmitted via HTTPS/TLS
- Password Security: bcrypt hashing with 12 rounds
- Access Control: Role-based access with 7 permission levels
- Rate Limiting: Protection against brute-force attacks
9. Cookies
We use only essential cookies required for the platform to function. We do not use analytics, advertising, or third-party tracking cookies.
10. Contact Us
For any questions about this Privacy Policy: