1) Who is responsible (data controller)

COM/VERGE is operated by the RIVED team (“we”, “us”). For any questions about personal data, contact us at comverge@rived.community.

2) What data we collect

We collect the information you enter into our forms. Depending on what you register for, this may include:

• Creator registration: name, email, studio/brand, city, links, practice description, optional podcast interest, optional suggested topics.
• Expert registration: name, email, optional organization, field of expertise, city, optional proposed topic, optional preferred format, bio and links.
• Event host registration: organization name, type (e.g., venue/NGO/school), city & country, event type, estimated audience size, contact name, email.
• Participant registration: name, email, city & country, selected interests.
• Volunteer / sponsor interest: name, email, city & country, skills/contribution idea, optional availability, motivation.
• Sponsorship inquiry: name, company, email, optional phone, message.

Technical data: like most websites, our servers may receive basic technical metadata (e.g., IP address, browser info, timestamps) for security and reliability.

3) How we use your data

• To process your request: register you for a role, review your submission, and contact you.
• To run the summit: curate programming, coordinate contributors, plan logistics, and manage community updates.
• To send communications: confirmations and updates about COM/VERGE (you can opt out anytime).
• To improve reliability: prevent abuse, troubleshoot issues, and keep our systems secure.

4) Legal bases (GDPR)

Where the GDPR applies, we rely on:

• Consent (e.g., newsletters or optional communications you choose).
• Legitimate interests (e.g., operating and securing our services, responding to inquiries).
• Steps prior to a contract (e.g., sponsorship discussions you initiate).
• Legal obligations (when applicable, e.g., accounting or compliance requirements).

You can withdraw consent at any time. Withdrawal does not affect processing that occurred before withdrawal.

5) Who we share data with

We share your data only when needed to operate COM/VERGE, and only with trusted service providers under appropriate safeguards. This may include:

• Hosting and infrastructure providers (to run the website and API).
• Database providers (to store submissions securely).
• Email providers (to send confirmations and respond to you).

We do not sell personal data. We do not use advertising trackers or sell access to mailing lists.

6) How long we keep data

We keep personal data only for as long as needed for the purposes above—typically for the duration of the COM/VERGE summit cycle and reasonable follow‑up. We may keep some information longer if required by law or to handle disputes, enforce agreements, or maintain security.

You can request deletion at any time. If we cannot delete certain records immediately (e.g., due to legal obligations), we’ll restrict processing and explain why.

7) How we protect data

• Encryption in transit (HTTPS) between your browser and our servers.
• Access controls and least‑privilege access for team members and providers.
• Rate‑limiting and monitoring to reduce abuse and protect availability.
• Operational safeguards (backups, logging, and incident response practices).

No method of transmission or storage is 100% secure, but we take reasonable and appropriate measures to protect your information.

8) Your rights

Depending on your location, you may have rights to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your data (with some exceptions).
• Restrict or object to processing in certain cases.
• Portability of data where applicable.
• File a complaint with your local data protection authority (GDPR).

9) Contact