Privacy Policy

Last updated: 19 May 2026

1. Introduction

FX2 INFORMATION SERVICES LIMITED ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Events Manager platform ("Service").

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

Data Controller: FX2 INFORMATION SERVICES LIMITED
Company Registration: 06274889 (England & Wales)
ICO Registration: ZA752545
Contact: info@fx2events.com

2. Data We Collect

2.1 Account Data

When you register for an account, we collect:

Full name
Email address
Phone number (optional)
Password (stored encrypted using bcrypt hashing)

2.2 Business Data

When you use the Service, you may enter:

Client and supplier information (names, addresses, contact details, VAT/fiscal codes)
Event details (dates, venues, fees)
Financial data (invoices, transactions, payments)
Employee data (for UNIEMENS/INPS compliance)
Contracts and document uploads

2.3 Technical Data

IP address
Browser type and version
Login timestamps
Usage patterns (pages visited, features used)

3. How We Use Your Data

We process your personal data for the following purposes:

Service delivery: To provide and maintain the Events Manager platform
Authentication: To verify your identity and manage your account
Communication: To send you verification emails, password resets, and service notifications
Legal compliance: To comply with applicable laws (e.g., INPS/UNIEMENS reporting, tax regulations)
Security: To detect and prevent fraud, abuse, and security incidents
Improvement: To analyse usage patterns and improve the Service

4. Legal Basis for Processing (GDPR Article 6)

Contract performance: Processing necessary to provide the Service you subscribed to
Legitimate interests: Security, fraud prevention, service improvement
Legal obligation: Tax compliance, employment law (UNIEMENS)
Consent: Marketing communications (where applicable)

5. Data Storage and Security

Your data is stored on secure servers. We implement appropriate technical and organisational measures including:

Encrypted passwords (bcrypt hashing with salt)
HTTPS/TLS encryption in transit
JWT-based authentication tokens
Rate limiting and anti-spam protection
Regular automated backups
Role-based access control (Creator, Admin, User)

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion:

Account data is deleted within 30 days
Financial records may be retained for up to 10 years as required by law
Backups containing your data are automatically pruned

7. Your Rights (GDPR Articles 15-22)

Under the GDPR, you have the following rights:

Right of access: Request a copy of your personal data
Right to rectification: Correct inaccurate data via your Profile settings
Right to erasure: Request deletion of your account and data
Right to data portability: Export your data in CSV format
Right to restrict processing: Limit how we use your data
Right to object: Object to processing based on legitimate interests
Right to withdraw consent: Withdraw consent at any time via your settings

To exercise these rights, contact us at info@fx2events.com or use the data export/deletion features in your Profile.

8. Data Sharing

We do not sell your personal data. We may share data with:

Service providers: Hosting (Railway), email delivery (SMTP provider) — bound by data processing agreements
Legal authorities: When required by law or to protect our rights
INPS/tax authorities: Employment and tax data as required by Italian/UK law

9. International Transfers

Your data may be processed in countries outside the UK/EU. Where this occurs, we ensure appropriate safeguards are in place (Standard Contractual Clauses, adequacy decisions).

10. Cookies

We use cookies for authentication and preference storage. See our Cookie Policy for full details.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email.

12. Contact & Complaints

For privacy-related enquiries: info@fx2events.com

You have the right to lodge a complaint with a supervisory authority:

UK: Information Commissioner's Office (ICO) — ico.org.uk
Italy: Garante per la protezione dei dati personali — garanteprivacy.it