Privacy Policy

Last updated: April 15, 2026

ConfStudio ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit www.confstudio.com, use the ConfStudio admin portal, or interact with a conference app built on our platform.

1. Information We Collect

a. Information You Provide

Category	Examples
Account Information	Name, email address, password, organization name
Event Content	Session titles, speaker bios, schedules, logos, images
Payment Information	Billing address; payment processing is handled by our PCI-compliant payment provider — we do not store full card numbers
Communications	Messages you send us via email or support requests

b. Information Collected Automatically

Usage Data: Pages visited, features used, timestamps, and interaction patterns.
Device Data: Browser type, operating system, device identifiers, and IP address.
Cookies: We use essential cookies to operate the Service and analytics cookies to understand usage. See Section 6 below.

c. Attendee Data

When attendees use a conference app, the app may collect device identifiers (for push notifications), bookmarked sessions, and schedule preferences. We process this data on behalf of the event organizer (who is the data controller under GDPR).

2. How We Use Your Information

To create, operate, and maintain your account and conference apps.
To process transactions and send related communications (receipts, confirmations).
To send push notifications on your behalf to attendees.
To respond to support requests and improve the Service.
To monitor usage patterns and prevent fraud or abuse.
To comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We may share data with:

Service Providers: Cloud hosting (AWS), email delivery, analytics, and payment processing providers that help us operate the Platform.
Event Organizers: Attendee interaction data (e.g., session bookmarks) is shared with the organizing entity that created the conference app.
Legal Requirements: When required by law, subpoena, or to protect our rights.
Business Transfers: In connection with a merger, acquisition, or asset sale.

4. Data Retention

We retain your account data for as long as your account is active. Event data is retained for up to 12 months after the event date, after which it is automatically anonymized. You may request earlier deletion by emailing start@confstudio.com.

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. No method of transmission over the Internet is 100% secure, but we strive to protect your data using commercially reasonable means.

6. Cookies

We use the following types of cookies:

Type	Purpose	Duration
Essential	Authentication, session management	Session
Analytics	Page views, feature usage (Google Analytics)	Up to 2 years
Preferences	Language, theme settings	1 year

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access and receive a copy of your personal data.
Correct inaccurate personal data.
Request deletion of your personal data.
Object to or restrict processing of your data.
Data portability (receive your data in a structured format).
Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at start@confstudio.com. We will respond within 30 days.

8. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt-out of the sale of personal information. We do not sell personal information.

9. International Data Transfers

Our servers are located in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. We use standard contractual clauses and other appropriate safeguards for international transfers where required.

10. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Platform. The "Last updated" date at the top reflects the latest revision.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

ConfStudio
Email: start@confstudio.com
Phone: +(415) 340 1985