Konecto

Privacy policy

Last updated: 7 May 2026 · Version 1.0

1. Who we are

Konecto is a SaaS platform that provides event management tools — page builder, ticketing, attendee CRM, analytics — for organisers. "We", "Konecto", and "the platform" refer to the same entity.

2. What we collect

From organisers (dashboard users)

Email, name, password (hashed with Argon2id), subdomain, brand colours, login IP addresses (salted-and-hashed), action timestamps. We never store passwords in plaintext.

From attendees

Email, name, ticket purchase history, opt-in preferences, anonymous device identifiers for analytics (rotated daily, not linked to personal info).

Payment data

We never see card numbers. Pok processes the payment and tells us only that the booking succeeded. The card data lives with the bank, not with us.

3. Why we collect it

  • To run the event page, send tickets, and provide receipts.
  • To let organisers send updates to people who opted in.
  • To produce analytics for the organiser about their event.
  • To operate the platform safely (audit logs, rate limits, fraud prevention).

4. Who we share data with

  • Pok — payment partner.
  • Resend — email delivery (tickets, receipts, updates).
  • Cloud infrastructure — hosting, CDN, object storage.
  • Gemini Flash (Google) — when you opt in to AI page generation.

We do not sell or rent your data.

5. Your GDPR rights

  • Access — see what we have on you.
  • Rectification — fix anything wrong.
  • Erasure — delete your account and associated data.
  • Portability — export your data as JSON or CSV.
  • Objection — opt out of marketing emails any time.
  • Withdraw consent — for AI page generation, analytics aggregation, etc.

Email [email protected] for any of the above. We respond within 30 days.

6. Cookies

Strictly-necessary cookies for sessions (HttpOnly + Secure). First-party analytics cookies for organiser dashboards (visitor + session IDs, no third-party trackers). No advertising cookies.

7. Data retention

  • Active accounts: kept while active.
  • Closed accounts: anonymised after 30 days, deleted after 12 months.
  • Audit logs: kept 24 months for security forensics.
  • Email events: kept 12 months for deliverability analysis.

8. Contact

Privacy questions: [email protected]. Support: [email protected].