Request a demo
inwink, event-intelligence software
Request a demo

inwink compliance with GDPR

The European regulation ‘’General Data Protection Regulation’’ (GDPR) came into effect on 25th May 2018.

inwink is a BtoB event-management solution available in SaaS mode, developed and published by Infinite Square SAS. Business customers use the inwink platform to collect and process registration and attendance data pertaining to their events.

The inwink platform enables a company or an organization using inwink, as Data Controller, to manage personal information about its participants by means of the platform user interface.

As Data Processor, Infinite Square is not allowed to manage personal information processed by the inwink platform unless it receives explicit and documented instruction from the Data Controller (the inwink customer).

The Data Protection Officer at Infinite Square can be contacted at regarding any question or request for creation, update, or deletion of data.

It is the responsibility of business customers using inwink to generate forms which collect data, to ensure that the legal notices related to the collection of personal information be put into place.  

The inwink platform is hosted in Microsoft Cloud datacenters located in Europe (Dublin and Amsterdam), in order to guarantee that the data collected remain physically within the European territory. This hosting infrastructure is certified under the ISO/IEC 27018 – Cloud Privacy requirement.

Data collected by the inwink platform are encrypted by means of the SQL Database Transparent Encryption functionality.

A strict system of logs at the application level has been put into effect by design into the inwink architecture in order to detect and track any intrusion attempt.

inwink is built on a PaaS architecture which implements current state-of-the-art practices in terms of application-layer security.

Physical destruction of the entire set of data pertaining to a customer (hot data and backup data) is conducted right away upon request from the customer.

The cookie policy in the front-end component of the inwink platform implements a strict classification rule of essential versus non-essential.

It is the responsibility of the company or organization using the inwink platform to:

  • Insert the appropriate legal notices into all forms collecting data, and to disclose the workflows of data collection and processing which are specific this business customer
  • Create a form to collect the requests from registrants and participants to access their personal information, in particular to implement the right to be forgotten
  • Create specific pages to enable registrants and participants, once they have been properly identified, to access and modify their personal information
  • To retrieve upon request the entire set of data collected pertaining to a participant or registrant to an event, or to delete the data physically and permanently