Last Updated: 28-07-2025

At Sonder, we respect your business's privacy and are committed to protecting personal and organizational data in accordance with the General Data Protection Regulation (GDPR) and applicable EEA data protection laws. This Privacy Policy outlines how we collect, process, and safeguard data when your organization uses the Sonder business platform.

1. Data We Collect
We may collect the following categories of data:

Business Information
• Company name, registration details, VAT number
• Names and contact details of business representatives
• Account credentials and communication preferences

Usage & Platform Activity
• Uploaded content, ticket files, user-generated media
• Event configurations, performance analytics, dashboard interactions

Device & Technical Information
• IP address, browser type, device ID, OS version, log files
• In-app activity data and diagnostic logs

Payment & Billing Information
• Payment method, invoices, transaction records, subscription plans

2. Purpose of Data Processing
We process business data for the following purposes:
• Managing business accounts and platform access
• Delivering platform features and services
• Hosting and sharing event-related content to attendees
• Enabling ticket uploads and performance dashboards
• Responding to support requests and communicating updates
• Processing payments and sending invoices
• Ensuring compliance with Business Terms & Conditions
• Fulfilling legal obligations

3. Legal Grounds for Processing
We rely on the following lawful bases:
• Performance of contract (e.g. service delivery, account creation)
• Legal obligation (e.g. financial record-keeping)
• Legitimate interest (e.g. platform optimization, security monitoring)
• Consent (e.g. marketing communications, optional integrations)

4. Data Sharing
We do not sell business data. Sharing is limited to:

Subprocessors
Trusted providers (e.g. cloud hosting, analytics, payment processors) under strict Data Processing Agreements.

Legal Authorities
Where legally required or to respond to lawful requests from regulators or courts.

Event Co-Organizers
Only where explicitly authorized by your organization within joint-event setups.

Business Transfers
In case of merger or acquisition, provided appropriate safeguards are implemented.

A full list of subprocessors is available upon request.

5. Data Security
We maintain appropriate technical and organizational security measures, including:
• Encryption (in transit and at rest)
• Access control and authentication layers
• Activity logging and anomaly detection

While we take reasonable precautions, no system is 100% secure.

6. Data Subject Rights (GDPR)
As a business user, and where relevant as a controller of end-user data, you have the right to:
• Access, rectify, or delete personal data
• Restrict or object to certain processing activities
• Withdraw consent (where processing is based on consent)
• Lodge a complaint with a supervisory authority

Requests can be sent to: info@sonderofc.com

7. Data Retention
We retain data for as long as:
• Your business account remains active
• Required to fulfill legal, financial, or contractual obligations
• Necessary for platform operation and analytics

After termination or inactivity, data is deleted or anonymized following our retention policy.

8. Children's Data
The business platform is not intended for use by individuals under 16. We do not knowingly process such data.

9. Third-Party Integrations
If your business uses third-party tools in combination with Sonder (e.g. ticketing software, CRMs), their respective privacy policies apply. Sonder assumes no responsibility for third-party data practices.

10. International Data Transfers
At this time, all data is hosted within the EEA. If we transfer data outside the EEA in the future, we will ensure adequate safeguards such as Standard Contractual Clauses (SCCs).

11. Changes to This Policy
We may update this policy in response to legal, technical, or operational changes. Updates will be announced via the platform or email. Continued use implies acceptance of the new terms.

12. Contact
Sonder Official Vof
info@sonderofc.com
Ceintuurbaan 209/3, 1074CV Amsterdam, Netherlands

Note: Sonder is currently in a Proof of Concept (PoC) phase. Data practices outlined here reflect current operations and may evolve with the platform.