TitanCon 2017 logo

TitanCon 2018 Data Policy

This page summarises TitanCon's approach to personal data collection and management. When you purchase or accept a TitanCon membership, you agree to TitanCon's collection and use of your personal data as described here.

Membership Data

We will only collect membership data which we require for the effective running of the convention. This includes member names, email addresses, and postal addresses. Information which is useful but not essential will be collected on an opt-in basis only: this includes telephone numbers and badge names.

Access Information

Members may choose to provide TitanCon with information about their access needs, so that the convention can make suitable plans and accommodations. The provision of this information is optional at the member's discretion.

We will hold access information separately from our main membership database, accessible to named team members only, and and share it with other staff on a "need to know" basis.

Financial Data

We will collect and retain relevant information on financial transactions (e.g. amount spent on a membership and where/when purchased). We will use an independent payment processing service (Stripe) to process credit and debit card payments. We will not directly hold or store credit or debit card data.

Data Storage and Retention

Permanent data stores will be located in the EU or Canada. We will use Grenadine for membership sales and membership data management. Grenadine is based in Canada which has a trusted data relationship with the EU.

Data Sharing

Data will be shared within the TitanCon team to support the running of the convention. As far as reasonably possible, data subsets will be shared so that departments and staff only have access to the data that they need to perform their roles.

Where staff are based outside the EU, your data may be shared with them to the degree necessary to allow them to perform their roles.

TitanCon will not share member data with other conventions or events without explicit case by case consent.

Selected member data may be shared with service providers to the extent necessary to enable the service to be performed. For example: if TitanCon wished to use an external print-and-fulfilment service to send out a printed convention publication, we would need to provide a list of member names and postal addresses to the service provider.