Privacy Policy
Deves Conference Platform
Last updated: March 30, 2026
1. Introduction
Awisoft s.r.o. ("we", "us", "our"), a company registered in Slovakia, operates the Deves mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Service.
We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Slovak data protection legislation.
3. Data We Collect
3.1 Account Information
When you create an account, we collect:
- Name — your display name
- Email address — used for authentication and communication
- Profile photo — if provided via Google or Apple sign-in
- Organization / Company — optional, for attendee directory
- Phone number — optional, for networking purposes
- Position / Role — optional, for attendee directory
You may sign in using Email/Password, Google Sign-In, or Apple Sign-In. When using third-party sign-in, we receive only the information listed above — we do not access your contacts, calendars, or other account data.
3.2 Usage Data
- Favorited sessions and exhibitors — stored to build your personal agenda
- Session registrations — name, email, company submitted when registering for capacity-limited sessions
- Meeting requests — requests you send or receive for networking meetings
- Notification preferences — your device language and push notification token
3.3 Device Information
- Push notification token (FCM) — used to deliver notifications to your device
- Device language — used to send notifications in your preferred language
- Crash reports — anonymous crash data via Firebase Crashlytics to improve app stability
3.5 Anonymous Usage Statistics (Opt-In)
If — and only if — you grant consent, the app sends Firebase Analytics events that record:
- Screen views — which screens you open in the app (e.g. home, program, map).
- Tab switches on My Schedule — whether you opened the Agenda tab or the Favorites tab.
No personal identifiers are attached to these events. We use them in aggregate to understand which screens are most useful and prioritise UX improvements. Consent is asked for on the first launch via a dialog. You can revoke it at any time from your Profile → Anonymous statistics; collection stops immediately, and any pending events are not transmitted. The legal basis is consent (GDPR Art. 6(1)(a)).
3.4 Guest Usage (Without Account)
You can use the app without creating an account. In guest mode:
- Favorited sessions — stored locally on your device only, not synced to any server
- Crash reports — anonymous crash data is collected via Firebase Crashlytics to improve app stability
- Push notification topic — your device subscribes to the event's broadcast notification topic to receive announcements and emergency alerts
No account information or personal identifiers are collected from guest users. Crash data and notification tokens are processed under legitimate interest (see Section 4).
4. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|
| Provide and maintain the Service (authentication, agenda, networking) | Performance of contract (Art. 6(1)(b)) |
| Send push notifications (program reminders, meeting updates, announcements) | Legitimate interest (Art. 6(1)(f)) |
| Session registration and QR ticket issuance | Performance of contract (Art. 6(1)(b)) |
| Display your profile in the attendee directory | Legitimate interest (Art. 6(1)(f)) — enabled by default; you can opt out via visibility settings during registration or in profile settings |
| Crash reporting and app improvement | Legitimate interest (Art. 6(1)(f)) |
| Emergency notifications | Vital interest / legitimate interest (Art. 6(1)(d)/(f)) |
5. Data Sharing
We do not sell your personal data. We share data only with:
- Firebase (Google Cloud) — authentication, database, push notifications, crash reporting. Data is processed in the EU/EEA region. See Firebase Privacy.
- Google ML Kit — used in the companion scanner app for on-device QR code recognition. Camera frames are processed entirely on-device and are never transmitted to Google servers.
- Event organizers — session registration data (name, email, company) is visible to event administrators for check-in and capacity management purposes.
- Other attendees — your name, organization, and position are visible in the attendee directory if you have enabled directory visibility in your profile settings. Email and phone are only shown if you explicitly enable them.
We do not share data with advertisers or third-party marketing services.
6. Data Retention
- Account data — retained for the duration of your account. Deleted when you delete your account.
- Event-specific data (registrations, meetings, favorites) — retained for up to 12 months after the event concludes, then deleted.
- Crash reports — retained for 90 days.
- Push notification tokens — removed immediately upon sign-out or account deletion.
7. Your Rights
Under the GDPR, you have the right to:
- Access — request a copy of your personal data
- Rectification — correct inaccurate data via your profile settings
- Erasure — delete your account and all associated data from the app
- Restriction — request limitation of processing
- Portability — receive your data in a structured format
- Objection — object to processing based on legitimate interest
- Withdraw consent — at any time, without affecting prior processing
To exercise your rights, contact us at devos@awisoft.sk or use the "Delete Account" option in the app.
8. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
- Encryption in transit (TLS/HTTPS) and at rest (Firebase server-side encryption)
- Role-based access control for administrative functions
- Firestore security rules restricting data access to authorized users
- No client-side storage of sensitive data beyond authentication tokens
9. Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email. The "Last updated" date at the top indicates when the policy was last revised.
11. Contact
For questions or concerns about this Privacy Policy or your personal data:
Awisoft s.r.o.
Email: devos@awisoft.sk
You also have the right to lodge a complaint with the Slovak Data Protection Authority (dataprotection.gov.sk).