Privacy statement Amsterdam Business Forum app

Privacy Policy — ABF App

Last updated: 3 July 2026

This Privacy Policy explains how the ABF App (the "App"), the official mobile event application for the Amsterdam Business Forum ("ABF", "we", "us", "our"), collects, uses, shares and protects your personal data. We process personal data in accordance with the EU General Data Protection Regulation (GDPR).

1. Who we are (data controller)

The controller responsible for processing your personal data is:

  • Organisation: DenkProducties B.V.
  • Address: Hoogoorddreef 73b, 1101 BB Amsterdam, The Netherlands
  • Chamber of Commerce (KvK) no.: 34245851
  • Email: privacy@denkproducties.nl
  • Data protection contact: privacy@denkproducties.nl

2. What data we collect

We only process data that is necessary to run the event app. We do not use advertising trackers and we do not collect analytics or usage-tracking data.

2.1 Account & ticket data (provided by the event organiser)

When you are registered as an attendee, we process:

  • First and last name
  • Email address
  • Registration number and ticket code (QR code for entry)
  • Company name and job title
  • Ticket type and group/team assignment

2.2 Profile data you provide in the App

  • Profile photo (optional)
  • Dietary preferences and notes (optional). Some dietary choices may reveal information about your health or beliefs. We treat this as a special category of personal data and process it only with your consent, solely to cater for you at the event.
  • Transportation method (optional, for event logistics)

2.3 Business networking ("Business Tinder") — opt-in only

If you choose to enable networking, we additionally process:

  • A networking profile: headline, bio, what you are looking for, what you offer, interests, your industry, industries you are seeking, and an optional LinkedIn URL
  • Your swipes/likes, resulting matches, and the chat messages you exchange with your matches

You can opt out of networking at any time in the App, which hides your networking profile from other attendees.

2.4 Technical data for push notifications

  • A device push token (Firebase Cloud Messaging registration token), used only to deliver event notifications to your device.

We do not collect precise location, contacts, advertising identifiers, or browsing history.

Purpose Data used Legal basis (GDPR Art. 6/9) Provide the event app, admission (QR ticket), your schedule and event info Account & ticket data Performance of a contract (Art. 6(1)(b)) Catering to dietary needs Dietary preferences/notes Explicit consent (Art. 9(2)(a)) Business networking, matching and in-app chat Networking profile, matches, messages, photo Consent (Art. 6(1)(a)) — opt-in Send event push notifications Device push token Consent / legitimate interest in running the event (Art. 6(1)(a)/(f)) Event logistics and organisation Transportation method, group Legitimate interest (Art. 6(1)(f)) Security, fraud/abuse prevention, and legal compliance Account & technical data Legitimate interest / legal obligation (Art. 6(1)(f)/(c))

4. Who we share your data with

We do not sell your personal data. We share it only with:

  • Other attendees — but only if you enable Business Networking. In that case your networking profile (name, photo, company, job title and the profile fields you fill in) is visible to other attendees, and your chat messages are visible to the attendees you match with.
  • Service providers (processors) who process data on our behalf under a data processing agreement:
    • Supabase — database, authentication and storage hosting for the App's data. The App's data is hosted within the European Union (region eu-west-1, Ireland).
    • Google Firebase (Firebase Cloud Messaging) — delivery of push notifications. Google may process the device push token outside the EU (e.g. the United States) under appropriate safeguards such as the EU–US Data Privacy Framework and/or Standard Contractual Clauses.

We may also disclose data where required by law or to protect our legal rights.

5. International data transfers

Your core App data (account, ticket, dietary, networking and chat data) is stored on servers located within the European Union (Ireland). Where personal data is nevertheless transferred outside the European Economic Area — in practice only the device push token processed by Google Firebase — we rely on an adequacy decision or on appropriate safeguards (Standard Contractual Clauses) to ensure your data receives an equivalent level of protection.

6. How long we keep your data

  • Event-related data (account, ticket, dietary, networking, chat) is retained in the app for the duration of the event and is deleted or anonymised within 3 months after the event, unless a longer period is required by law.
  • Device push tokens are deleted when they become invalid or when you uninstall the App.

7. How we protect your data

Data is transmitted over encrypted (HTTPS/TLS) connections and access to the backend is restricted with authentication and row-level security controls so that attendees can only access data they are permitted to see. Data stored on your device is kept in the App's local storage.

8. Your rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time (this does not affect processing before withdrawal)

To exercise these rights, contact us at the email address in Section 1. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, autoriteitpersoonsgegevens.nl).

9. Children

The App is intended for business event attendees and is not directed at children under 16. We do not knowingly collect data from children.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be communicated in the App or by email where appropriate.

11. Contact

For any questions about this Privacy Policy or your personal data, contact: DenkProducties B.V. — privacy@denkproducties.nl.