Privacy Policy

1. Who We Are

2. What Data We Collect

We collect the following categories of personal data:

2.1 Information You Provide

• Name and email
• Profile data (title, background, location, goals, interests)
• Profile picture
• Event registrations and goals
• Contact preferences
• LinkedIn info (if manually added)
• Requests sent to support

2.2 Information Generated Through Use

• Event interaction data (browsing, attending, saving)
• Connection history
• Recommendation history
• Consent preferences
• Event interaction tracking data (if consented)

2.3 Technical Data

• IP address (anonymized)
• Browser and device type
• Google Analytics: IP-anonymized web analytics (controlled by cookie consent)
• Event Interaction Data: If opted in: Unidentifiable event interactions and engagement data. If opted out: Anonymous click tracking and event engagement metrics

2.4 Payment Data

When you make payments through our platform:

• Payment information (credit card details, bank account info) is processed directly by Stripe and is not stored on our servers
• We receive confirmation of successful payments and basic transaction details from Stripe
• We do not have access to your full payment method details
• Stripe handles all payment data in compliance with PCI DSS standards

We do not request or collect any sensitive personal data. Users may voluntarily provide such data in free-text fields, but this is not required or processed for any core feature.

3. Why We Collect Your Data

We process your data to:

• Deliver our networking and event discovery services
• Generate personalized recommendations via AI
• Help you build a relevant professional profile
• Track your event participation and preferences
• Enable meaningful connections with other users
• Improve the platform through analytics
• Send relevant service updates and support

We also process anonymized usage data to understand trends, prevent abuse, and enhance performance.

4. Legal Basis for Processing

We rely on the following legal bases:

• Contractual necessity: To provide the services you sign up for
• Legitimate interest: To improve the platform, ensure security, and support your networking goals
• Consent: For marketing communications and AI-powered personalization
• Legal obligation: To comply with applicable data protection and accounting laws

You can withdraw consent or object to processing at any time.

5. Consent Management

We provide granular control over your data collection preferences:

5.1 Granular Control

• Users can opt out of cookies but still grant analytics consent when logged in
• Analytics consent overrides cookie dissent for authenticated users

5.2 Consent Hierarchy

• Not authenticated users: Analytics controlled by cookie consent
• Authenticated users: Analytics controlled by separate analytics consent
• Override rights: Analytics consent can override cookie consent for logged-in users

5.3 Withdrawal Rights

Users can change their analytics consent at any time through their account settings or by contacting us at amalia@crewcial.io.

6. Third-Party Services

We share data only with the following trusted third parties:

We do not share your data with social media platforms, advertisers, or any unrelated third parties.

7. How Long We Keep Your Data

You can request early deletion at any time (see Section 8).

8. How We Protect Your Data

We take the following steps to secure your information:

• Encryption of data in transit and at rest
• Access restricted to authorized personnel
• Regular platform and security updates
• Secure login infrastructure and monitoring
• Minimal data sharing and strong processor agreements

9. Your Rights

You have the following rights under GDPR:

• Right to access – get a copy of your personal data
• Right to rectification – correct inaccurate or incomplete data
• Right to erasure – request full deletion of your account and data
• Right to restrict processing – limit how we use your data
• Right to object – especially regarding data used under "legitimate interest"
• Right to data portability – receive your data in a portable format
• Right to withdraw consent – opt out of marketing or AI features

To exercise any of these rights, email us at amalia@crewcial.io. We'll respond within 30 days.

10. AI-Powered Features

We use OpenAI services to:

• Recommend relevant events based on your profile and preferences
• Score events for relevance based on your profile and preferences
• Help you generate a profile if requested

These features are optional. AI-generated content is provided "as is" and may not always be accurate or complete.

11. Cookies and Tracking

We use cookies and tracking technologies with a focus on data minimization and anonymous tracking by default:

11.1 Cookie Categories

• Essential cookies – required for login/session functionality
• Analytics cookies – Google Analytics (IP-anonymized, GDPR compliant)
• Analytics consent – separate from cookie consent for logged-in users

11.2 Data Minimization Principles

• Anonymous by default: Event interactions are tracked anonymously unless user grants explicit analytics consent
• No personal data: Analytics data is not connected to individual user accounts unless explicitly consented
• Minimal collection: We only collect data necessary for improving recommendations and platform analytics

We do not use cookies for advertising, retargeting, or user-level tracking. You can control cookies via your browser or through our consent management system.

12. Children's Privacy

crewcial is not intended for users under 18 years of age. We do not knowingly collect data from minors. If you believe a child has used the platform, contact us immediately and we will delete the data.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes to our service. You will be notified of significant changes via email or platform notifications.

Previous versions are archived and available on request.

14. Contact

For privacy-related questions or to exercise your rights, contact: