CTWPrivacy Policy← Back to Home

Privacy Policy

Last Updated: December 16, 2025 | Effective Date: December 16, 2025

1. Introduction

Welcome to Coworking Tech Week ("CTW," "we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.coworkingtechweek.com (the "Site") and participate in our virtual conference events.

CTW is organized by Coworkies Labs and TwoFifty. By accessing or using our Site, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Site.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

  • Subscribe to our newsletter: Email address
  • Submit suggestions: Suggestion content, suggestion type (talk/product/other), and optionally your email address for follow-up
  • Request product demos: Name, email address, company name (optional), phone number (optional), and message
  • Register for the event: Name, email address, company/organization, job title, and professional interests
  • Contact us: Name, email address, and message content
  • Access admin features: Email address for authentication

2.2 Information Collected Automatically

When you visit our Site, we automatically collect certain information:

  • Device Information: Browser type, operating system, device type
  • Usage Data: Pages visited, time spent on pages, click patterns, referring URLs
  • IP Address: We hash IP addresses for rate limiting and abuse prevention; we do not store raw IP addresses
  • Analytics Data: Aggregated data about site usage through Google Analytics 4 and Google Tag Manager
  • Click Tracking: When you click external links to exhibitor websites, we log the product clicked, click location, timestamp, and destination URL (with hashed IP for privacy)

2.3 Information from Third Parties

We may receive information from:

  • Authentication providers: When you sign in via magic link, we receive your email address from Supabase Auth
  • Analytics providers: Aggregated and anonymized usage statistics from Google Analytics

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Event Operations

  • Process event registrations and manage attendee access
  • Facilitate connections between attendees and exhibitors
  • Process and respond to demo requests
  • Improve the event experience based on feedback and suggestions

3.2 Communications

  • Send event updates, schedule changes, and important announcements
  • Respond to inquiries and support requests
  • Send newsletter updates (only if you subscribed)
  • Follow up on suggestions you submitted (only if you provided your email)

3.3 Analytics and Improvement

  • Understand how visitors use our Site to improve functionality
  • Measure the effectiveness of our content and exhibitor showcases
  • Generate aggregated, anonymized statistics about event engagement
  • Prevent abuse and ensure platform security

3.4 Legal Compliance

  • Comply with applicable laws and regulations
  • Enforce our terms of service
  • Protect our rights, privacy, safety, or property

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

  • Consent: When you subscribe to our newsletter, submit suggestions with your email, or accept cookies
  • Contract: When processing is necessary to provide services you requested (event registration, demo requests)
  • Legitimate Interests: For analytics, security, and improving our services, where these interests do not override your rights
  • Legal Obligation: When we must comply with applicable laws

5. How We Share Your Information

We do not sell your personal information. We may share your information with:

5.1 Service Providers

  • Supabase: Database hosting and authentication (EU data centers available)
  • Vercel: Website hosting and deployment
  • Google Analytics: Website analytics (anonymized data)
  • Resend: Email delivery for newsletters
  • Cloudinary: Image hosting and optimization

5.2 Exhibitors (With Your Consent)

When you submit a demo request for a specific product, we share your contact information (name, email, company, phone, message) with that exhibitor so they can follow up with you. This sharing only occurs when you explicitly request a demo.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

  • Newsletter subscriptions: Until you unsubscribe
  • Event registrations: For 2 years after the event for follow-up and historical records
  • Demo requests: For 1 year after submission, or until the request is completed
  • Suggestions: For 2 years to inform future event planning
  • Analytics data: Aggregated data retained indefinitely; individual session data for 14 months (Google Analytics default)
  • Click tracking: For 2 years for trend analysis

After the retention period, we securely delete or anonymize your data.

7. Your Rights

Depending on your location, you may have the following rights:

7.1 For All Users

  • Unsubscribe: Opt out of marketing emails at any time via the unsubscribe link
  • Access: Request a copy of your personal data we hold
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data

7.2 For EEA/UK Residents (GDPR)

  • Right to be Forgotten: Request erasure of your personal data
  • Data Portability: Receive your data in a structured, machine-readable format
  • Restrict Processing: Request limitation of how we use your data
  • Object to Processing: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Lodge a Complaint: File a complaint with your local data protection authority

7.3 For California Residents (CCPA)

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the sale of personal information (note: we do not sell personal information)
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise any of these rights, please contact us at privacy@coworkingtechweek.com. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: All data transmitted via HTTPS/TLS encryption
  • Access Controls: Strict access controls limiting who can view personal data
  • Authentication: Secure authentication via magic links (passwordless)
  • Database Security: Row-level security policies on all database tables
  • IP Hashing: IP addresses are hashed before storage for privacy
  • Rate Limiting: Protection against abuse and automated attacks
  • Regular Audits: Periodic security reviews of our systems

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Our service providers operate in various locations including the United States and European Union.

For transfers from the EEA/UK, we rely on:

  • Standard Contractual Clauses approved by the European Commission
  • Service providers' certification under recognized frameworks
  • Adequacy decisions where applicable

10. Children's Privacy

Our Site is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@coworkingtechweek.com, and we will delete such information.

11. Third-Party Links

Our Site contains links to exhibitor websites and other third-party sites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party sites you visit. When you click an external link, we add UTM parameters for analytics purposes, but we do not control what happens on the destination site.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. For significant changes, we may also send you an email notification if you have subscribed to our communications.

We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Coworking Tech Week

Organized by Coworkies Labs & TwoFifty

Email: privacy@coworkingtechweek.com

Website: www.coworkingtechweek.com

For EEA residents, you may also contact your local data protection authority if you have concerns about how we handle your personal data.