1. About this policy
1.1 Who we are
We are Swapcard (“we’, “our”, “us”), a group company, that provides an event engagement platform and this privacy policy (the “Policy”) explains how we use your personal information every step of the way.
Depending on the situation, Swapcard can play two roles with your information:
- As a data processor: When you join an event, we manage event-specific information (such as your event profile or session participation) based on instructions from the event organizer. In such case, the event organizer is the data controller and is responsible for deciding what we do with your information.
- As a data controller: For your account information (such as your profile and messages), we make the decisions about how and why your information is processed.
1.2 What this Policy covers
In this Policy, you will find how we collect, use, share, delete and protect your personal information when your use our website (www.swapcard.com), our engagement platform, its associated mobile applications (the “Platform”) and/or any of our related services. This Policy applies to all users of our website and our Platform—including those browsing or interacting in guest mode (herein, “you”, “your”).
1.3 Where this Policy applies
This Policy applies to you no matter where you are in the world. We are committed to respecting privacy laws and regulations everywhere we operate.
2. Information we collect
We collect information about you in different ways:
- Directly from you, when you sign up, fill out your profile or interact with our Platform or indirectly and automatically through your use of our Platform and services;
- From event organizers, if you are registered or enrolled in an event; and
- From trusted third-parties.
2.1 Information you provide
When you use our Platform, you will or may be asked to provide information such as:
- Identification: name, profile picture or title;
- Contact: email, address, phone, fax, and social links;
- Professional: job title and company, industry, bio, interests, and professional goals;
- Profile: networking preferences, posts, comments, meeting notes, and notification preferences;
- Communication: preferred language and notification settings, unsubscribe requests, if you opt out;
- Event information: scheduling, agenda, sessions, meetings and any custom field information;
- Feedback: surveys, polls, and session scores, only if you choose to reply;
- Registration: registration details, ticket/order numbers, and payment information;
- Recommendations: if the feature is activated by the event organizer, suggestions for people, sessions, or items;
- Cookies and trackers: optional cookies, if you agree.
Most of the information listed above is optional. Required fields information will be marked by an asterisk (*) and may vary from event to event.
When you use our Platform, we may also automatically collect or generate the following information:
- Device information: device type, operating system and unique identifiers;
- Browser information: browser type, version and technical data;
- Usage information: the features used, interactions, bookmarks, views, searches, connection requests acceptance or rejection, impressions, access time, recommendations reactions, and the pages visited;
- Location information: country, time zone and IP address;
- Connection information: network information and connection quality;
- Performance information: the error reports and loading times;
- Digital information: credentials, necessary cookies and trackers and logs.
2.2 Information we receive from event organizers
If you are joining an event, the event organizer might share some information with us, such as:
- Identification information: your full name, profile picture and title;
- Contact information: your email address and phone numbers;
- Professional information: your job title, company and industry;
- Registration information: your registration form details, ticket type and registration group;
- Custom field information:, with specific fields set by the event organizer and tailored to each event type and as provided by you.
For any personal information we receive from event organizers, the event organizer is solely responsible for ensuring that you have been properly informed and that all required consents and authorizations for processing your information have been obtained in accordance with applicable privacy laws.
2.3 Third-parties information
Sometimes, we may receive information about you from third-parties through our Platform.
- If you connect third-party services to our Platform:
- Social media profiles: If you link your account (such as LinkedIn), we may receive your public profile information.
- Calendar: If you synchronize your private calendar (such as iCal or Google Calendar) with our Platform, we can receive information relating to calendar conflicts and availability to help you schedule meetings.
- Digital wallet: If you use a wallet service (such as Google or Apple Wallet) to register for events in our Platform, we may receive QR code details.
- If event organizers use integrated tools:
- Registration and ticketing information: If the event organizer uses an external system, we may receive your registration details directly from them.
- CRM and automation tools: We may receive information from the event organizer’s CRM or marketing tools if they connect them to our Platform.
- From public sources: Sometimes we may also obtain information about you from public third-party sources such as social media platforms or websites.
- From other users: We might receive information about you if another user adds you to a meeting, sends you a connection request, or includes you in their address book.
3. Why we use your information
3.1 Legal basis for using your information
We only use your information when there is a valid legal basis in accordance with applicable privacy laws. It means we process your information based on the following:
- To deliver our product and services (contract performance): We need your information to register you for events, run the Platform and provide support – just like we promise in our terms with organizers (i.e. the contract between the event organizer and us) and our terms of use (i.e. the contract between you and us);
- When you give permission (consent): Only to provide you with optional features as you choose (e.g. analytics or AI);
- To keep our Platform running smoothly (legitimate business interest): We improve our Platform and analyze its usage to keep it secure and develop new features.
- To meet legal requirements (legal compliance): When we are required by applicable laws and regulations to retain certain records or share information with authorities.
3.2 Purposes for using your information
When we use your information, it is for the following purposes:
- For our Platform to operate;
- To enhance our Platform;
- To communicate with you; and
- To keep our Platform secure and compliant. §
3.2.1 Essential Platform operations
We need your information to:
- Set up and manage your account and profiles;
- Give you access to events and Platform features;
- Process payments and registrations;
- Support your participation in events (like networking and meeting scheduling);
- Help you connect with others and communicate; and
- Provide you with assistance and support.
3.2.2 Platform Enhancement
We also use your information to:
- Improve user experience;
- Build and test new features;
- Analyze our Platform’s performance;
- Train and improve our technology for better recommendations (see section 5 for more information); and
- Fix bugs and troubleshoot technical issues.
3.2.3 Communicating with you
We further use your information to:
- Send important service notifications concerning our Platform;
- Keep you up to date with essential information about your events and account;
- Respond to your questions and requests; and
- Share marketing updates but only if you have agreed.
3.2.4 Security and compliance
We finally use your information to:
- Protect our Platform against fraud and abuse and overall maintain our Platform’s security;
- Verify your identity if needed;
- Meet our legal obligations; and
- Resolve disputes.
4. How we use cookies and trackers
Like most online platforms, Swapcard uses cookies and similar tracking technologies to make our website and Platform work better for you.
A cookie is a small text file saved on your device when you visit our website or use our Platform, that helps remember your preferences and device.
We mainly use:
- Essential cookies: These are necessary for the Platform to function—such as keeping you logged in or remembering your language preferences.
- Non-essential cookies: These cookies help us improve our services and personalize your experience. They allow us to analyze how people use Swapcard, remember your preferences (like notification settings), and show you relevant content based on your interests. You can choose to accept or decline these cookies.
You are always in control of the non-essential cookies we collect—when you first visit Swapcard, you can accept or reject non-essential cookies, and you can update your preferences at any time through your cookie settings. You can also manage cookies through your browser settings, but this might affect how our website or Platform works.
To learn more on the cookies we use, you can:
- Access the list of cookies used by our website and relating cookies policy directly from the cookie banner by clicking on “Show details”;
- Access the list of the cookies used by our Platform directly within the Platform’s cookie banner.
5. How we use artificial intelligence
If activated by event organizers in the Platform, we use artificial intelligence (AI) to personalize your journey on our Platform to:
- make your event experience more personal, relevant, and valuable;
- help you connect with the right people and content—effortlessly;
- save you time and boost your event engagement.
In our Platform, AI is used for:
- Smart Networking (AI-powered matchmaking): We help you find the most relevant connections at each event, making your networking more meaningful and productive.
- Smart meetings suggestions: Our technology makes it easier to schedule meaningful meetings.
- Content Discovery: AI highlights exhibitors and items that match your interests or suggests related content based on what you are currently viewing—so you never miss out on opportunities.
- Translation services: When enabled, we may use AI-powered translation to help you interact, communicate, or access content in your preferred language.
- Chatbot: on our website, you can contact “Swapie”, our AI-powered chatbot that combines automated responses with human support options.
Our AI considers several factors, each with different levels of influence, when making recommendations such as the profile details you provided and your activity on the Platform. Additionally, event-specific information like the topics, roles, and preferences you provide for each event helps shape your personalized recommendations.
The content of your private messages and any sensitive data that you may share via custom fields if set by event organizers are never used by our AI.
As a user, you can always:
- Remove or hide specific recommendations that are irrelevant;
- Control what information is used for recommendations through your profile settings.
6. How we share your information
We share your information with other Swapcard entities, event organizers and exhibitors, other users, and our third-party service providers. We may also share your information when required by law or court order, or in connection with business transfers (such as a merger or acquisition). Please note that some of these recipients may be located or operate outside of the European Economic Area (EEA) or the European Union (EU).
6.1 With whom we share your information
6.1.1 With Swapcard entities
To help support our services globally, we may share your information in between Swapcard companies, which handle your information under the same strict privacy commitments and only use it as needed to provide, improve, or support our Platform and related services.
Here is a list of our entities and how we guarantee the same level of protection for your information:
6.2 With event organizers
When you register for or participate in an event, some of your information of your event profile and registration is always shared with the event organizer as it is essential for organizing, managing and delivering the event experience. Also, when you interact with other users on the Platform, event organizers can see certain information about these interactions:
- Detailed information (individual level):
- Your connections: who you connect with and how (through direct requests, meetings, or badge scans);
- Your meetings: your meeting requests, schedules, and whether they were confirmed or canceled;
- Your event activity: which sessions you register for, pages you visit, and content you interact with;
- Your engagement: what you bookmark and which event features you use;
- General statistics only (group level): we share aggregated numbers for:
- Messages: total number of messages and discussions, without showing individual conversations;
- Platform usage: how people use different features and how much time they spend on the Platform;
- Video Calls: total calls made and their average length, without details of specific conversations
We never share the content of your private messages or individual call details with event organizers. Event organizers are responsible for using your information in line with privacy laws and their own policies.
6.3 With event exhibitors
Engaging with event exhibitors is a key part of the event experience on our Platform. Depending on how you interact with exhibitors, different information may be shared with them:
- Visiting an exhibitor’s page or booth: Exhibitors may see your name, job title, organization, and the fact that you visited their page. Your visit may also be counted in their analytics, helping them understand engagement levels.
- Bookmarking an exhibitor or their products: The exhibitor can see your public profile details. This lets them know who is interested in what they offer.
- Attending a session sponsored by an exhibitor: When you register for or attend a session sponsored by an exhibitor, your name and participation may be included in the session report that the exhibitor receives.
- Scanning an exhibitor’s QR code (on-site): When you scan a QR code at an exhibitor’s booth, your contact details (such as name, job title, company, and possibly email or phone, if provided) are shared directly with that exhibitor. This helps facilitate follow-up and meaningful business connections.
The exact information shared may depend on your profile settings, the event organizer’s configuration, and your consent where required. Exhibitors use this data to identify potential leads, tailor their outreach, and improve your event experience.
6.4 With other users
Connecting and networking are central to our Platform. Here is how your information is shared with others when you interact:
- When you connect with another user: Your full profile details become visible to them by default. This includes your name, professional details (such as job title, company, and biography), contact information (your email address and phone number, if provided), profile picture, areas of interest, and any custom fields set by the event organizer.
- When you interact via chat (without connecting): Only your public profile information—such as your name, job title, company, and profile picture—is visible to those you engage with. Your contact details remain private unless you establish a connection.
- When you send a meeting request: The recipient can view your public profile information but cannot access your contact details, your full profile beyond what is public or your previous conversations and interaction history.
Rest assured, your private conversations, payment details, and personal device information are never shared with other users.
6.4.1 With third-party providers
Depending on the features you use, and event organizers’ set up the event, trusted third-party providers may also collect the following information about you via our Platform, without us accessing it:
- Video sessions: your participation and technical data for live streams or recorded sessions.
- Email and communications: if emails are sent via integrated services, your email address and communication data.
- Analytics: if activated, information about your usage and engagement with the event.
- Translation: if translation features are enabled, content to be translated is shared with translation services including event fields and interface elements.
- Payments: your transaction and billing information if you make purchases.
- CRM/marketing tools: your contact and engagement data.
- Calendar and wallet synchronization: if enabled, scheduling or transaction information.
- Authentication services: if single sign-on or multifactor authentication is required, your login data.
- Interactive maps: If enabled, location or interaction data within event venues.
These partners may have access to your information only as needed to provide their specific services (as our processors or sub-processors) and always under strict privacy agreements.
In any case, we only share what is necessary for the event and never sell your data.
Here is a list of our processors, their location and how we guarantee an adequate level of protection for your information:
We may also use the following optional processors if event organizers have integrated them to our Platform:
6.4.2 With authorities
We take your privacy seriously but must comply with the law. If required by valid legal requests –such as a court order, subpoena, or government investigation– we may have to disclose certain information to authorities. We always review such requests carefully and only share what is strictly necessary.
6.5 How we transfer your information internationally
Our Platform is global, which means your information may be transferred to and processed in other countries where we, event organizers or our trusted partners operate. When we share your information with our group companies or trusted partners, they are bound by strict privacy agreements and we always ensure your information receives a high standard of protection, no matter where it goes.
- Within the European Economic Area (EEA): Your information is stored and processed in secure data centers in the EEA.
- Outside the EEA: If we need to transfer your information to countries outside the EEA, we use recognized legal safeguards—such as Standard Contractual Clauses (SCC), adequacy decisions, or other approved mechanisms—to keep your data safe and comply with privacy laws.
7. How we retain your information
We only keep your information for as long as we really need it, as follows:
- Account information, including your private messages, is kept while your account is active and for up to 3 years after your last activity.
- Event information is kept for the duration of the event and as instructed by event organizers.
- Some information, like financial records and compliance documentation, is kept for as long as required by law or for the time needed to resolve any disputes.
When the retention period is over, or you ask us to delete your account, your personal information is safely deleted or anonymized.
8. How we keep your information safe
Protecting your personal information is a priority for us. We use a combination of industry-leading technical and organizational measures to keep your information secure:
- Encryption: Your data is encrypted both when it is stored and when sent, so only authorized people can access it.
- Strict access controls: Only trained staff who need your data to do their job can access it, and they use strong passwords and secure logins.
- Continuous monitoring: We regularly monitor our Platform for threats and unusual activity to catch potential issues early.
- Regular security training: Our team receives ongoing privacy and security training to stay up-to-date with best practices.
- Incident response: We have processes in place to respond quickly in case of any security incident.
- Backups and recovery: Your data is regularly backed up and stored securely so it can be restored in case of emergency.
- Data minimization and deletion process: We only collect what is needed to provide our services, and we follow strict rules for deleting data when it is no longer needed.
- Careful third-party selection: Any partners or service providers who help us process your information must meet our high security standards.
We continually update our security practices to stay ahead of evolving threats and to make sure your data is always protected. To learn more, you can have a look at our detailed list of security measures here and visit our security center and data pledge pages.
9. How to exercise your rights
You have the right to:
- Access your data: You can ask us for a copy of the personal information we hold about you.
- Correct inaccuracies: You can update or correct your information at any time directly from your account in the Platform.
- Request deletion: You can ask us to delete your information, which will result in deletion of your Platform account.
- Restrict processing: You can ask us to limit how we use your information.
- Data portability: You can request your information in a portable format.
- Object to processing: You can object to certain uses of your information, including marketing.
- Withdraw consent: You can withdraw consent for any process that relies on it at any time.
- Lodge a complaint: You can contact us or your local privacy authority if you are concerned about how your data is handled.
Depending on where you live, you may have additional rights granted by local or regional laws.
To exercise any of your rights, email support@swapcard.com explaining your request.
10. About minors' information
Our Platform is not intended for children under 13 years old. We do not knowingly collect information from minors. If an event organizer selects to collect and process minors’ information, it is solely liable for how information is being processed, for proper information of minors and for obtaining all the required authorizations from minors’ representatives (parents or guardians). If we otherwise become aware that a child under 13 has registered, we will promptly delete their information and may contact their representatives if needed.
11. How we update this policy
We review and update our privacy policy regularly. If there are significant changes, we will notify you (by email or in-app notice) before updates take effect. You can always review current and past versions on our website here. Continuing to use our Platform after an update means you accept the new policy.
12. How to contact us
If you have any question regarding this Policy or how we process your information, you can contact us at:
- Email: privacy@swapcard.com
- Address: DPO, Swapcard, Spaces Bonne Nouvelle, 17-21 Rue Saint Fiacre, 75002 Paris, France
13. What law and jurisdiction apply
This Policy is governed by French law and GDPR, as well as other applicable privacy laws where users are located.
If there is any conflict or inconsistency between this Policy and an event organizer’s terms or privacy policy, this Policy will take precedence and apply.
Any disputes will be subject to the exclusive jurisdiction of the courts of France, unless otherwise required by local law.