Privacy policy

Last Updated: March 20, 2025

Welcome to CheckThis. We provide event, guest, and CRM management tools (the “Service”). This Privacy Policy explains how we collect, process, and protect personal data on behalf of our customers (the “Data Controllers”). CheckThis acts solely as a Data Processor as defined under relevant data protection laws, including the EU General Data Protection Regulation (GDPR).

By using the Service, you (the Data Controller) agree to the practices described in this Privacy Policy. If you (or your end users) do not agree with any part of this Policy, please discontinue use of the Service.

1. Our Role as a Data Processor

CheckThis acts solely as a “Data Processor” for any personal data you upload, store, or manage within our Service. You, as the “Data Controller,” retain full responsibility for determining the lawful basis of processing, collecting proper consent from your end users or guests, and complying with all applicable data protection regulations.

2. Information We Process

2.1 Data You Provide

When you use our Service, you may upload or store personal data related to your contacts, guests, or event invitees. Examples may include:

  • Names, email addresses, and phone numbers
  • Event participation information (e.g., RSVPs, attendance)
  • Any other personal data you choose to store in the Service

As Data Processor, we only access or process this information on your instructions.

2.2 Log Data

If the Service encounters an error, we may collect certain information automatically in the form of “Log Data,” such as:

  • Your device’s Internet Protocol (IP) address
  • Device name, operating system version, and unique device identifiers
  • The configuration of the app at the time of the error
  • Time and date of usage
  • Diagnostic statistics for troubleshooting

2.3 Third-Party Services

We may use third-party services (e.g., Google Play Services) for analytics, crash reporting, or similar functionalities. These services may collect information used to identify you or your end users. Please review their privacy policies for details:

3. How We Use the Information

As a Data Processor, we use the information solely to:

  • Provide, maintain, and improve the Service
  • Facilitate event invitations, guest tracking, and CRM functions
  • Analyze usage and trends to enhance functionality
  • Respond to errors and protect the security or integrity of the Service

We do not independently use or share personal data for our own purposes.

4. Data Retention

We store the personal data you upload to the Service indefinitely, unless:

  • You delete the data manually
  • You close your account
  • You request us (in writing) to delete it

In each case, we will securely remove or anonymize personal data in accordance with our internal policies and any legal obligations.

5. Children’s Privacy

The Service is not intended for use by children under the age of 16 in the European Union. As the Data Controller, you are responsible for ensuring compliance with any applicable age restrictions and obtaining parental/guardian consent where required. If you become aware that personal data of a child under 16 has been shared through the Service without proper consent, please contact us immediately.

6. Data Security

We take reasonable measures to protect the data stored on our servers from unauthorized access, alteration, disclosure, or destruction. These measures may include encryption of data in transit (HTTPS), limited access protocols, and regular security assessments. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Responsibilities as Data Controller

You are responsible for:

  • Providing appropriate privacy notices and/or obtaining valid consents from end users, as required by law.
  • Ensuring that personal data you collect and store in the Service is done lawfully.
  • Handling data subject requests (access, rectification, deletion, etc.) from your end users.
  • Maintaining records of processing activities, if required by law.

8. International Transfers

The data you provide may be transferred to, and maintained on, servers located outside of your state, province, or country. If you are located in the European Economic Area (EEA), we will ensure that any international transfers comply with GDPR requirements, such as using approved contractual clauses or other safeguards.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time by posting a new version on our website. Your continued use of the Service after any modifications indicates your acceptance of the updated Privacy Policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at: [email protected].