1. Introduction

Trippus Event Solutions AB (“Trippus”, “we”, “our”, “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information when you use the Trippus Check-in app for iOS. The app is designed to support event organizers and staff by enabling secure on-site printing of name badges.

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

When using the app, we may process the following types of data:

• Event attendee information (e.g., name, company, role, email, phone number) provided by the event organizer.

• Account and authentication data for authorized event staff (e.g., login credentials).

• Device and technical information (e.g., IP address, operating system, app version, usage logs) to ensure system security and troubleshooting.

We do not collect sensitive personal data unless explicitly provided by the event organizer for badge printing purposes.

‍

3. How We Use the Information‍

We process personal data only for purposes related to the provision of the Check-in service:

• To check attendees in at events.

• To generate and print attendee badges on-site.

• To authenticate authorized users (event staff).

• To ensure the security, availability, and integrity of our systems.

• To provide support and resolve incidents.

• To comply with legal obligations.

4. Legal Basis for Processing

We process personal data on the following legal bases under GDPR:

• Contractual necessity: To deliver the Check-in service as agreed with the event organizer.

• Legitimate interest: To maintain security and prevent misuse of the app.

• Legal obligation: To comply with applicable laws and regulations.

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described above or as required by law. Event-related data is typically deleted or anonymized after the event has concluded, unless otherwise agreed with the event organizer. Backup retention follows Trippus’ IT security policies (standard retention: 30 days).

6. Data Security

We apply strict technical and organizational measures to protect personal data, including:

• Encrypted communication between app and servers.

• Role-based access control with Multi-Factor Authentication (MFA).

• Hosting in ISO 27001–certified data centers located in Sweden.

• Continuous monitoring and vulnerability management through our Security Operations Center (SOC).

• Regular backups stored in separate physical locations.

7. Sharing of Data‍

We do not sell or share personal data with third parties for marketing purposes. Data may be shared with:

• Event organizer: as the data controller, they control attendee information.

• Authorized subprocessors: IT and hosting partners bound by Data Processing Agreements (DPA).

• Authorities: if required by law.

Any transfers outside the EU/EEA are made only under lawful safeguards (e.g., Standard Contractual Clauses).

8. Data Controller & Data Processor

• For attendee data, the event organizer is the Data Controller, and Trippus acts as the Data Processor.

• For account and technical data, Trippus may act as the Data Controller.

9. Your Rights

Under GDPR, you have the right to:

• Access your personal data.

• Request correction or deletion.

• Restrict or object to processing.

• Data portability.

Requests can be made by contacting: info@trippus.com.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in legal, technical, or business requirements. Updates will be published in the app and on our website.

‍

11. Contact

For any questions regarding this Privacy Policy or our data protection practices, please contact:

Trippus Event Solutions AB
Kungsgatan 62, SE-753 41 Uppsala, Sweden
Email: info@trippus.com

‍

Effective date: September 1, 2025
‍Company: Trippus Event Solutions AB
‍Address: Kungsgatan 62, SE-753 41 Uppsala, Sweden
‍Contact: info@trippus.com