Purpose
Eventify has completed Transfer Impact Assessments (TIAs) for relevant data transfers, following GDPR requirements and the updated 2021 Standard Contractual Clauses (SCCs) for EU and non-EU transfers. Eventify’s TIAs include legal evaluations from internal and reputable external advisors. Therefore, full TIAs aren’t shared publicly. This factsheet provides sufficient information to confirm Eventify's positive TIA results, supporting customer obligations regarding supplier oversight.
General Information
Service Provider Affiliates
Entity Name : Eventify EU & UK ( Teknowledge Software Limited )
Registered Office : International House, 12 Constance Street, London, United Kingdom, E16 2DQ
Role: Operation & Support
-----------------
Entity Name : Eventify Australia ( Teks Mobile Australia Pty Limited )
Registered Office : 12 Boyle Street, NSW 2322 , Australia
Role: Operation & Support
-----------------
Entity Name : Eventify India ( Teknowledge Software )
Registered Office : 54/1 Rafi Ahmed Kidwai Road. Kolkata 700016
Role: Support
-----------------
Scope of Processing
Eventify processes the following data types and categories as directed by the customer:
Data Transfers
Eventify utilizes cloud hosting services across multiple regions, allowing customers to select data storage regions. Eventify Support and Operations Teams may access customer data solely for support purposes, following stringent access control measures, including MFA and IP whitelisting. Data access is logged, justified, and time-bound.
Eventify works with selected sub-processors, each aligned with strict security and compliance standards, to enhance service delivery.
Regulatory Framework
Eventify evaluated the following laws for data transfer compliance per Clause 14 of the SCCs:
Some foreign regulations may permit governmental data access requests, which Eventify addresses through robust technical measures to secure customer data and structured legal procedures to challenge access demands.
Transfer Mechanisms
Eventify adheres to the EU Commission’s adequacy decisions and the updated SCCs for international transfers. Along with legal and operational safeguards, these practices ensure GDPR-aligned protection across all transfer destinations.
Previous Access Requests
To date, Eventify has not received any data access requests from government authorities. Eventify’s Transparency Report is accessible for customer review.
Government Access Procedure
If Eventify receives a disclosure request, it follows an ISO 27701-certified protocol to challenge the request or redirect it to the customer, ensuring the utmost protection for customer data.
Supplementary Measures
Eventify’s Information Security Addendum outlines ISO 27001-2022 compliant security practices. These include encryption (AES-256 for data at rest and TLS 1.2+ for data in transit), multi-layered access controls, and regular SOC 2 Type II audits. Detailed security reports are available under NDA.
Summary
Eventify’s data practices and protections meet GDPR and SCC requirements. Following Schrems II, Eventify ensures that all security measures, legal standards, and access protocols apply uniformly to all data transfers, securing customer data globally.