The data controller for your personal data is ByInvite.

If you have any questions about how we handle your personal data or wish to exercise your rights, you can contact us at: [email protected]

When you use our Platform, we may collect the following data:

Data you provide directly

- First and last name
- Email address
- Links to your social media profiles (e.g. Instagram, LinkedIn)
- A short personal introduction or message
- Any additional information you choose to share through our request forms

This data is collected when you submit an invitation request, an access request, or any other form on our Platform.

Data collected automatically

- IP address
- Browser type and version
- Operating system
- Pages visited and time spent
- Referring URL

This technical data is collected via server logs and, where applicable, cookies.

We use your personal data for the following purposes:

- Reviewing and assessing your invitation or access requests
- Facilitating introductions between guests and members
- Communicating with you about your account and requests
- Managing your account on the Platform
- Processing payments for coordination fees
- Improving and developing our Platform and services
- Ensuring the security and integrity of our Platform
- Complying with our legal obligations

Your data is never sold to third parties.

We process your personal data on the following legal bases:

Consent (Art. 6(1)(a) GDPR): when you submit a request form or opt in to communications from us.

Performance of a contract (Art. 6(1)(b) GDPR): when processing is necessary to provide our coordination services to you, including managing your account and processing payments.

Legitimate interest (Art. 6(1)(f) GDPR): when processing is necessary for our legitimate interests, such as improving our services, maintaining Platform security, and reviewing requests to maintain the quality of our network.

Legal obligation (Art. 6(1)(c) GDPR): when we are required by law to process your data.

ByInvite is a private, invitation-only network. As part of our curation process, requests submitted through our Platform may be reviewed manually by our team.

This review may include verifying your personal information, social media profiles, and introduction message to assess the suitability of your request for our network.

This review is carried out on the basis of our legitimate interest in maintaining the quality, safety, and curated nature of our community.

Between users: if an introduction is confirmed, certain information about you (such as your first name and introduction message) may be shared with the relevant member to facilitate hosting. Similarly, the member may share certain information with you. Your data is never made public or shared broadly.

Service providers: we use third-party service providers to operate our Platform, including:
- Tally (form collection)
- Hosting and infrastructure providers
- Payment service providers
- Email service providers

These providers only access your data to the extent necessary to perform their services and are contractually required to protect it.

Legal obligations: we may be required to disclose your personal data where the law requires us to do so, including in response to a court order or regulatory request.

Your data is never sold to third parties.

We retain your personal data only for as long as necessary for the purposes for which it was collected:

- Account data: retained for the duration of your active account, then deleted within 12 months of account closure, unless we are legally required to retain it longer.
- Declined requests: data relating to unsuccessful requests is deleted within 6 months of the decision.
- Payment data: retained in accordance with applicable accounting and tax obligations (generally up to 10 years).
- Server logs: automatically deleted after 90 days.
- Contact form data: deleted within 6 months of closing the enquiry.

We take reasonable technical and organisational measures to protect your personal data against loss, unauthorised access, disclosure, alteration, or destruction.

These measures include encryption of data in transit, access controls, and firewalls. However, no method of transmission over the Internet or electronic storage is completely secure.

You should treat your login information confidentially and close your session when you are finished.

Our Platform may use essential cookies that are necessary for the site to function properly (e.g. session management and authentication).

We do not use advertising tracking cookies. If we introduce analytics cookies in the future, we will update this policy and seek your consent where required.

You can configure your browser to refuse cookies, but this may affect the functionality of the Platform.

Your data is primarily processed on servers located in the United Kingdom and the European Economic Area (EEA).

Where data is transferred outside the UK or EEA (for example, via our service providers), we ensure that appropriate safeguards are in place, including standard contractual clauses or adequacy decisions.

Under the GDPR and applicable data protection law, you have the following rights:

- Right of access: to obtain confirmation that your data is being processed and to access it.
- Right to rectification: to have inaccurate or incomplete data corrected.
- Right to erasure: to request deletion of your data, subject to our legal obligations.
- Right to restriction: to request restriction of processing in certain circumstances.
- Right to object: to object to the processing of your data, including for direct marketing purposes.
- Right to data portability: to receive your data in a structured, machine-readable format.
- Right to withdraw consent: at any time, where processing is based on consent.

To exercise any of these rights, please contact us at: [email protected]

We will respond to your request within one month. You also have the right to lodge a complaint with a supervisory authority:

- United Kingdom: Information Commissioner's Office (ICO) — ico.org.uk
- France: Commission Nationale de l'Informatique et des Libertés (CNIL) — cnil.fr

We may update this privacy policy from time to time. Any changes will be posted on this page. If significant changes are made, we will notify you by email or through our Platform.

We encourage you to review this page regularly to stay informed about how we protect your data.

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

Email: [email protected]