TRIVERRA B.V. PRIVACY POLICY

1. INTRODUCTION

At Triverra B.V. (“Triverra”, “we”, “us”, or “our”), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and protect your personal data when you:

(a) Visit or use our website at www.triverra.dev (the “Website”);

(b) Register for, attend, or participate in our hackathons and events (“Events”);

(c) Interact with us through email, forms, or other communication channels;

(d) Engage with our community as a participant, sponsor, mentor, jury member, or partner.

This Privacy Policy should be read in conjunction with our Terms and Conditions and our Community Code of Conduct.

Legal Basis: Triverra B.V. is a company registered in the Netherlands and acts as a data controller under the General Data Protection Regulation (GDPR) and Dutch data protection laws.

2. INFORMATION WE COLLECT

2.1 Information you provide directly

When you register for an Event, create an account, or interact with us, we collect:

Registration and account information:

• Full name
• Email address
• Phone number (optional or required depending on Event)
• Company/organization name and role
• LinkedIn profile or other professional social media handles

Event participation information:

• Team formation preferences and experience level
• Dietary requirements and accessibility needs

Communication data:

• Messages sent through our platform or email
• Feedback, questions, and support requests
• Newsletter subscription preferences
• Responses to surveys and feedback forms

2.2 Automatically collected information

When you visit our Website or use our services, we automatically collect:

Technical data:

• IP address
• Browser type and version
• Device type and operating system
• Referring website/source
• Pages visited and time spent
• Interaction with website features

Usage analytics:

• Navigation patterns
• Feature usage statistics
• Event registration funnel data
• Click patterns and user behavior

Location data:

• General geographic location based on IP address
• Event venue location (when you attend in person)

2.3 Information collected during events

Media and recordings:

• Photographs and video recordings taken at Events
• Audio recordings of presentations and pitches
• Your image, likeness, and voice

Submission materials:

Triverra does not retain copies of your projects, code, presentations, or ideas after the Event concludes.

Performance data:

• Judging scores and feedback
• Participation activity and engagement
• Meeting attendance records
• Prize and recognition data

3. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

3.1 Event administration and operations

• Process registrations and manage Event attendance
• Form balanced teams based on experience and dedication levels
• Communicate Event details, schedules, and updates
• Coordinate logistics (venue access, catering, equipment)
• Facilitate team collaboration and project submissions
• Administer judging, scoring, and prize distribution
• Enable meetings between Winners and executives/mentors

3.2 Service delivery and improvement

• Provide and maintain the Website and platform features
• Troubleshoot technical issues and provide support
• Analyze usage patterns to improve user experience
• Develop new features and services
• Optimize Event formats and participant satisfaction

3.3 Communication and marketing

• Send Event confirmations and reminders
• Provide updates about upcoming Events and opportunities
• Distribute newsletters (with your consent)
• Share relevant industry news and community updates
• Notify you about changes to our services or policies

3.4 Safety, security, and compliance

• Verify participant eligibility and identity
• Enforce our Terms and Conditions and Community Code of Conduct
• Detect and prevent fraud, abuse, or security threats
• Comply with legal obligations and respond to lawful requests
• Protect the rights and safety of participants, staff, and partners

3.5 Sponsor and partner collaboration

• Share aggregated or anonymized Event metrics with sponsors
• Facilitate sponsor challenges and technology access
• Enable networking opportunities between participants and sponsors
• Report on Event outcomes and community impact
• Coordinate prize fulfillment and follow-up meetings

3.6 Documentation and promotion

• Create case studies and success stories (with consent)
• Produce Event recaps and highlight reels
• Showcase community achievements on our Website and social media
• Demonstrate Event value to potential sponsors and partners
• Archive Event history for internal records

3.7 Research and analytics

• Understand participant demographics and preferences
• Measure Event effectiveness and participant satisfaction
• Identify trends in the innovation ecosystem
• Improve team formation algorithms and matching processes

4. THIRD-PARTY SERVICES

To operate Triverra Events and provide our services, we use third-party service providers that may collect and process your data. These providers have their own privacy policies and data protection practices.

4.1 Website hosting

Vercel

Purpose: Website and application hosting, performance monitoring, page load optimization

Data Collected: Server logs, request data, CDN analytics, performance metrics, Core Web Vitals, page load times

Privacy Policy: https://vercel.com/legal/privacy-policy

Location: Global infrastructure with data centers in multiple regions

4.2 Analytics

Google Analytics

Purpose: Website traffic analysis, user behavior tracking, conversion metrics

Data Collected: Page views, session duration, user flow, demographic insights, referring websites, device information

Privacy Policy: https://policies.google.com/privacy

Opt-Out: https://tools.google.com/dlpage/gaoptout

4.3 Email and newsletter services

Brevo (formerly Sendinblue)

Purpose: Newsletter distribution, event notifications, marketing communications, transactional emails

Data Collected: Email addresses, names, subscription preferences, open rates, click-through rates, engagement metrics

Privacy Policy: https://www.brevo.com/legal/privacypolicy/

Location: European Union (France)

4.4 Event Registration and form management

Email Storage

Purpose: Event registration form submissions, participant inquiries, contact requests

Data Collected: All information submitted through Event registration forms, including name, email, company, experience level, dietary requirements, and any other form fields

Note: Registration forms submitted through our Website are received and stored in our email system. We implement appropriate security measures to protect this data, including access controls and encryption in transit.

4.5 Payment processing

Payment Gateway (when applicable)

Purpose: Process Event registration fees and payments for paid Events

Data Collected: Payment card information, billing address, transaction history

Note: We do NOT store complete payment card details on our servers. Payment processing is handled securely by our payment provider.

4.6 Communication platforms

Event Communication Tools (when used for specific Events)

Examples may include: Slack, Discord, WhatsApp groups, or similar platforms

Purpose: Team coordination, announcements, mentor support during Events

Data Collected: Varies by platform - typically includes name, profile information, messages, and activity

Privacy Policy: Specific details will be provided when these tools are used for an Event

4.7 Sponsor technology platforms

When you participate in sponsor challenges, you may use third-party platforms, APIs, or tools provided by sponsors (e.g., OutSystems, AWS, Google Cloud, Microsoft Azure, specific APIs or SDKs). Use of these platforms is subject to the sponsor's own terms and privacy policies.

Examples may include:

• Cloud computing platforms
• Low-code/no-code development tools
• APIs and software development kits
• Databases and data analytics tools
• AI/ML platforms and services

Important: Triverra is not responsible for sponsor platforms' data practices. Please review each sponsor's privacy policy before using their technologies.

5. DATA SHARING

5.1 What We Do NOT Do

We do not sell your personal data. Your information is never sold to third parties for their marketing purposes.

We do not share data for unrelated marketing. Your data is only shared as necessary to operate Events and fulfill our commitments to you.

5.2 When we share your data

We may share your personal information in the following circumstances:

5.2.1 With event sponsors and partners

What we share:

• Name, professional background, and team information (for Winners and participants in sponsor challenges)
• Aggregated and anonymized Event statistics (overall participation, demographics)

Why We Share:

• To enable sponsor challenges and judging
• To facilitate prize meetings with executives and mentors
• To demonstrate Event impact and ROI to sponsors
• To create networking opportunities

Sponsor Obligations: Sponsors are contractually required to use your data only for Event-related purposes and to comply with applicable data protection laws. However, sponsors are independent data controllers responsible for their own data practices.

5.2.2 With service providers

We share data with trusted third-party service providers (listed in Section 4) who help us operate the Website and Events. These providers are bound by contractual obligations to protect your data and use it only for specified purposes.

5.2.3 With venue partners

We share necessary information with Event venues for:

• Access control and security
• Catering and dietary accommodations
• Accessibility arrangements
• Emergency response

5.2.4 With legal and regulatory authorities

We may disclose personal data when required by law or when we believe disclosure is necessary to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms and Conditions
• Protect the rights, safety, or property of Triverra, participants, or others
• Investigate potential fraud, security breaches, or Terms violations

5.2.5 Business transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the successor entity, subject to the same privacy protections.

6. DATA SECURITY

6.1 Security measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

Technical safeguards:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Firewall protection and intrusion detection systems
• Secure backup and disaster recovery procedures
• Secure email systems with encryption and access controls for registration form data

Organizational safeguards:

• Access to personal data limited to authorized personnel on a need-to-know basis
• Staff training on data protection and security best practices
• Confidentiality agreements with employees and contractors
• Vendor security assessments and data processing agreements
• Regular review and deletion of outdated registration forms and participant data

6.2 Limitations

While we take data security seriously, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you acknowledge that you provide information at your own risk.

7. DATA RETENTION

7.1 Retention periods

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with legal obligations.

Event Participation Data:

• Core registration and participation data: Up to 3 years after the Event
• Pictures and media: Up to 5 years
• Financial records: Retained according to Dutch legal requirements (typically 7 years)

Marketing communications:

• Newsletter subscription data: Until you unsubscribe, plus a short period for processing

Legal and compliance:

• Data required for legal, tax, or regulatory purposes: Retained as legally required

7.2 Deletion and anonymization

After retention periods expire, we will:

• Permanently delete personal data, or
• Anonymize data so it can no longer identify you

8. YOUR RIGHTS

Under the GDPR and Dutch data protection laws, you have the following rights regarding your personal data:

8.1 Right of access

You have the right to request a copy of the personal data we hold about you. This includes:

• Confirmation that we process your data
• Details about the purposes, categories, and recipients of processing
• A copy of your data in a structured, commonly used format

8.2 Right to rectification

You can request correction of inaccurate or incomplete personal data. You can also update most information directly in your account settings.

8.3 Right to erasure (“Right to be Forgotten”)

You may request deletion of your personal data when:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw consent (where processing is based on consent)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed
• Deletion is required to comply with a legal obligation

Limitations: We may retain data if legally required or necessary for legitimate interests (e.g., defending legal claims).

8.4 Right to restriction of processing

You can request that we limit processing of your personal data when:

• You contest the accuracy of the data
• Processing is unlawful, but you prefer restriction over deletion
• We no longer need the data, but you need it for legal claims
• You have objected to processing pending verification of legitimate grounds

8.5 Right to data portability

You have the right to receive your personal data in a structured, machine-readable format and to transmit it to another controller where technically feasible.

8.6 Right to object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

8.7 Right to withdraw consent

Where processing is based on your consent, you can withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.

8.8 Right to lodge a complaint

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):

Autoriteit Persoonsgegevens

Website: https://autoriteitpersoonsgegevens.nl

Email: info@autoriteitpersoonsgegevens.nl

8.9 How to exercise your rights

To exercise any of these rights, please contact us at:

Email: info@triverra.dev

Subject Line: “Data Subject Request - [Your Name]”

Please include:

• Your full name and email address
• The specific right you wish to exercise
• Details to help us locate your data
• Proof of identity (if required for security purposes)

We will respond to your request within one month, or notify you if an extension is needed.

9. COOKIES AND TRACKING TECHNOLOGIES

9.1 What are cookies?

Cookies are small text files placed on your device when you visit our Website. They help us recognize your browser, remember preferences, and analyze how you use our services.

9.2 Types of cookies we use

Strictly necessary cookies:

• Essential for Website functionality and security
• Enable core features like account login and session management
• Cannot be disabled without affecting Website functionality

Analytics and performance cookies:

• Help us understand how visitors interact with our Website
• Provide insights into page views, navigation patterns, and traffic sources
• Used by Google Analytics and Vercel Analytics

Functional cookies:

• Remember your preferences and settings
• Enable enhanced features and personalization
• Improve your user experience

Marketing and advertising cookies:

• Track your browsing activity across websites
• Used to deliver targeted advertisements
• Measure advertising campaign effectiveness
• We do not currently use third-party advertising cookies

9.3 Cookie management

Browser Controls: You can control cookies through your browser settings:

• Block all cookies
• Accept only first-party cookies
• Delete cookies after each session
• Receive notifications when cookies are set

Note: Disabling certain cookies may affect Website functionality and your user experience.

Opt-Out Links:

Google Analytics: https://tools.google.com/dlpage/gaoptout

9.4 Do not track signals

Some browsers offer “Do Not Track” (DNT) signals. Our Website does not currently respond to DNT signals, as there is no industry consensus on how to interpret them.

9.5 Cookie policy updates

We may update our use of cookies from time to time. Check this Privacy Policy for the latest information.

10. CHILDREN'S PRIVACY

10.1 Age restrictions

Triverra Events are designed for adults and professionals. Our services are NOT intended for individuals under the age of 18 (or 16 in certain jurisdictions).

10.2 No knowing collection

We do not knowingly collect personal data from children. If you are under 18 (or 16), do not:

• Register for Events
• Create an account
• Submit personal information through our Website

10.3 Parental notice

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@triverra.dev. We will promptly delete such information from our systems.

10.4 Special youth events

In rare cases, we may host Events specifically designed for young participants (e.g., university students under 18). For such Events:

• Special parental consent procedures will apply
• Additional safeguards will be implemented
• Age-appropriate policies will be clearly communicated

11. INTERNATIONAL DATA TRANSFERS

11.1 Data location

Triverra is based in the Netherlands, and we primarily process data within the European Economic Area (EEA). However, some of our service providers may process data outside the EEA.

11.2 Safeguards for international transfers

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

European commission standard contractual clauses (SCCs):

Legally binding data protection obligations on service providers

Adequacy decisions:

Transfers to countries recognized by the EU as providing adequate data protection

Data processing agreements:

Contractual commitments from service providers to protect your data

11.3 Service provider locations

Within the EEA:

Brevo: Headquartered in France, data stored within the European Union

Global/Multi-Region:

Vercel: Operates globally with data centers in multiple regions (including EU regions)

Google Analytics: Data processed by Google LLC (United States) under appropriate safeguards including SCCs

Email Storage:

Event registration forms are stored in our email system hosted by our email provider

11.4 Your consent

By using our Website and participating in Events, you acknowledge and consent to the international transfer of your personal data as described in this Privacy Policy, subject to the safeguards mentioned above.

12. EVENT-SPECIFIC DATA PROCESSING

12.1 Photography and media consent

Automatic Consent: By attending a Triverra Event, you consent to being photographed, filmed, and recorded unless you opt out.

How to opt out:

• Inform Event staff upon arrival
• We will provide an opt-out indicator (e.g., a lanyard or sticker)
• We will make reasonable efforts to exclude you from photos and videos

Limitations:

• We cannot guarantee you will not appear in background or group shots
• Opt-out does not apply to security footage or access control recordings

Usage of event media: We may use photos and videos for:

• Event documentation and archives
• Marketing and promotional materials
• Social media, Website, and newsletters
• Case studies and impact reports

12.2 Project submissions and intellectual property

Ownership: You retain ownership of your project (subject to third-party components and licenses).

Confidentiality Requests: If you do not want specific technical details shared beyond the Event, inform us in writing before the Event ends.

12.3 Judging and scoring data

Transparency: Judging scores and feedback may be shared with:

• Your team members
• Relevant sponsors (for their challenge categories)
• Triverra organizers for Event improvement

Jury Deliberations: Detailed jury discussions and internal evaluations are confidential and not disclosed to participants.

12.4 Winner information

Public Recognition: If you win a prize, we may publicly announce:

• Your name and team name
• Project title and brief description
• Photos or videos of you and your team
• Sponsor and prize details

Opt-Out: If you do not wish to be publicly recognized, inform us before accepting a prize. Note that some prizes may require public recognition as a condition.

12.5 Networking and meetings

Sponsor Meetings: Winners who earn meetings with executives or mentors consent to:

• Sharing contact details with the relevant sponsor
• Follow-up communication from the sponsor
• Potential discussion of collaboration or investment opportunities

No Guarantees: Meetings do not guarantee employment, investment, or business relationships. Sponsors are independent parties responsible for their own conduct.

13. CHANGES TO THIS PRIVACY POLICY

13.1 Updates

We may update this Privacy Policy from time to time to reflect:

• Changes in our data processing practices
• New legal or regulatory requirements
• Feedback from participants or authorities
• Introduction of new services or features

13.2 Notification

When we make material changes, we will:

• Update the “Effective Date” at the top of this Privacy Policy
• Post the updated Privacy Policy on our Website
• Notify you by email (if we have your email address) or through a prominent notice on the Website

13.3 Your continued use

Your continued use of our Website or participation in Events after changes are posted constitutes acceptance of the updated Privacy Policy.

13.4 Review regularly

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

14. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Triverra B.V.

Website: https://www.triverra.dev

Email: info@triverra.dev

For Data Subject Requests:

Please use the subject line: “Data Subject Request - [Your Name]”

For General Inquiries:

Please use the subject line: “Privacy Inquiry”

Response Time:

We aim to respond to all inquiries within 5 business days and to data subject requests within one month as required by GDPR.

Additional Resources

• Terms and Conditions: /terms-and-conditions
• Community Code of Conduct: /code-of-conduct
• Dutch Data Protection Authority: https://autoriteitpersoonsgegevens.nl
• GDPR Information: https://gdpr.eu