This Privacy Policy explains how Nex Day collects, uses, stores, and protects personal data in connection with its website, ticketing services, and events. Nex Day is committed to processing personal data lawfully, fairly, and transparently in accordance with the EU General Data Protection Regulation (GDPR).
• Website: https://nex.day.
• Ticketing Partner: Fienta.
• Data controller: Nex Day Foundation / Nex Day MTÜ, info@nex.day
We collect the following categories of personal data:
• Event and ticketing data: name, job title, organisation, email, phone number, billing details, participation choices.
• Website data: IP address, browser/device data, cookies, analytics.
• Optional user-provided data: comments, uploaded media, dietary or accessibility needs.
Personal data is gathered :
• Directly during ticket purchase (via Fienta) or invoice registration.
• From the designated contact in group bookings (who must ensure information is accurate and lawfully provided).
• Through website interactions (cookies, forms, comments, embedded content).
We process personal data in order to:
• Manage ticket sales, event registration, and communications.
• Provide event participation (workshops, labs, networking, logistics).
• Send event updates or, with consent, marketing and sponsor communications.
• Maintain website functionality and security (cookies, spam prevention).
• Fulfill legal and accounting obligations.
• We use cookies for functionality, analytics, and user convenience.
• Embedded content from third-party sites (e.g. videos, social media) may behave as if the user visited those sites directly.
• Visitors who leave comments or upload media should avoid including sensitive personal data (e.g. location metadata).
• Ticketing and registration data is processed via Fienta under GDPR-compliant terms.
• Sponsor data sharing occurs only with explicit participant consent.
• Service providers (IT, spam detection, analytics) may process data under confidentiality agreements.
• Nex Day does not sell personal data.
• Ticketing and invoicing data: retained up to 7 years (legal requirement).
• Marketing and communication data: retained until consent is withdrawn or up to 3 years of inactivity.
• Website comments: retained indefinitely unless deleted by the user or upon request.
Under GDPR, participants may:
• Request access to their data.
• Request correction or deletion.
• Withdraw consent for marketing or sponsor sharing.
• Restrict or object to processing.
• Request a copy of their data (portability).
Requests can be made by contacting Nex Day at info@nex.day.
• Nex Day applies safeguards including secure storage, encryption where appropriate, and access limits.
• Data is normally processed in the EU/EEA. If transferred outside, adequate safeguards (e.g. EU Standard Contractual Clauses) apply.
• Nex Day may update this policy at any time. The latest version will always be published at https://nex.day.
• Complaints may be directed to Nex Day or the Estonian Data Protection Inspectorate (AKI).