The Doers Company
Legal

Privacy Policy

Effective date: March 4, 2026 — Last updated: March 4, 2026

1. Introduction

THE DOERS COMPANY LTD (“we”, “us”, or “the Company”) is a company registered in the Republic of Cyprus. We operate the website thedoerscompany.com, the Doers Events brand (live events and summits), Doers Labs (our technology division), and Doers United (our community networking platform and iOS application).

This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you interact with any of our services. It applies to all visitors, event attendees, community members, and app users.

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Processing of Personal Data (Protection of the Individual) Law of 2018 (Law 125(I)/2018) of the Republic of Cyprus.

2. What Data We Collect

Account & Profile Data

  • Full name, email address, phone number
  • Job title, company name, industry
  • Profile photo, biography, and networking preferences (Doers United)
  • Social media profiles and website URLs you choose to share

Event Registration Data

  • Event selections, ticket type, and session interests
  • Dietary preferences and accessibility requirements
  • Travel and accommodation details (when provided)
  • Payment and billing information (processed by third-party payment providers)

Community & App Data

  • Connections made and messages exchanged within Doers United
  • Feature usage, content shared, and community participation
  • Matchmaking preferences and goals for AI-powered networking

Technical Data

  • IP address, browser type, operating system, and device information
  • App version and mobile device identifiers (Doers United)
  • Approximate location data (for event-related services, with your permission)
  • Cookies, analytics identifiers, and usage logs

3. How We Use Your Data

We process your personal data only when we have a valid legal basis under Article 6 of the GDPR. Below are the purposes and their corresponding legal bases:

Performance of a Contract (Art. 6(1)(b))

Processing event registrations and delivering event services; creating and maintaining your Doers United account; facilitating networking connections and matchmaking; processing payments and issuing invoices.

Legitimate Interest (Art. 6(1)(f))

AI-powered matchmaking and networking suggestions (SuperDoer AI); analytics to improve our events, platform, and user experience; preventing fraud and ensuring the security of our services; communicating service updates and operational notices.

Consent (Art. 6(1)(a))

Sending marketing emails, newsletters, and event invitations; push notifications via the Doers United app; placing non-essential cookies and tracking technologies; sharing your profile with event sponsors for networking purposes.

Legal Obligation (Art. 6(1)(c))

Maintaining tax and accounting records as required by Cyprus law; complying with regulatory requests and legal proceedings.

4. Cookies & Tracking Technologies

Our website and app use cookies and similar technologies to enhance your experience, analyse usage, and support our marketing efforts. We use three categories of cookies:

  • Essential cookies — required for the website and app to function (authentication, session management, security). These cannot be disabled.
  • Analytics cookies — help us understand how visitors interact with our services (e.g., page views, session duration). We use these to improve our products.
  • Marketing cookies — used to deliver relevant advertisements and track the effectiveness of our campaigns. These are only placed with your consent.

You can manage your cookie preferences through your browser settings or via the cookie consent banner displayed on our website. The Doers United app uses similar analytics technologies, which you can control through your device settings.

5. Data Sharing & Third Parties

We do not sell your personal data. We may share your data with the following categories of recipients, only to the extent necessary:

  • Event sponsors and partners — with your explicit consent, for networking and matchmaking purposes at our events.
  • Technology providers — cloud hosting, email delivery, analytics, and customer support tools that help us operate our services.
  • Payment processors — to securely handle transactions for event tickets and subscriptions. We do not store your full payment details.
  • Legal and regulatory authorities — when required by law, court order, or to protect our legal rights.

All third-party processors are bound by data processing agreements that ensure your data is handled in compliance with the GDPR.

6. International Data Transfers

Some of our technology providers and partners are located outside the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the European Commission, confirming that the recipient country provides an adequate level of data protection.
  • Standard Contractual Clauses (SCCs) approved by the European Commission, which contractually bind the data recipient to protect your data.

You may request further information about the safeguards in place by contacting us at the address listed below.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Specific retention periods are as follows:

  • Account data — retained for the duration of your active account. Upon account closure, your data is deleted within 30 days, unless retention is required by law.
  • Event registration data — retained for up to 3 years following the event for operational and follow-up purposes.
  • Marketing data — retained until you withdraw your consent or unsubscribe.
  • Analytics and technical data — retained for up to 26 months.
  • Legal and financial records — retained as required by applicable Cyprus and EU law.

8. Your Rights Under GDPR

Under the GDPR and Cyprus data protection law, you have the following rights in relation to your personal data. You can exercise any of these rights by contacting us at privacy@thedoerscompany.com.

Right of Access (Art. 15)

You can request a copy of the personal data we hold about you, along with information about how it is being processed.

Right to Rectification (Art. 16)

You can request that we correct any inaccurate or incomplete personal data we hold about you.

Right to Erasure (Art. 17)

You can request the deletion of your personal data when it is no longer necessary for the purpose it was collected, or when you withdraw your consent.

Right to Restriction of Processing (Art. 18)

You can request that we limit the processing of your data in certain circumstances, such as when you contest its accuracy.

Right to Data Portability (Art. 20)

You can request to receive the personal data you provided to us in a structured, commonly used, and machine-readable format.

Right to Object (Art. 21)

You can object to the processing of your personal data when it is based on legitimate interests, including profiling and direct marketing.

Right to Withdraw Consent (Art. 7(3))

Where processing is based on your consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

Right to Lodge a Complaint

If you believe that we have not handled your personal data properly, you have the right to lodge a complaint with the Office of the Commissioner for the Protection of Personal Data of the Republic of Cyprus at www.dataprotection.gov.cy.

We will respond to all legitimate requests within one month. In complex cases, we may extend this by a further two months, and we will inform you if this is necessary.

9. Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will take steps to delete it promptly.

If you believe that a child has provided us with personal data, please contact us at privacy@thedoerscompany.com so we can take appropriate action.

10. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and role-based authentication for internal systems
  • Regular security assessments and monitoring
  • Incident response procedures for data breaches

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to safeguarding your information to the highest standard.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last updated” date at the top of this page.

For significant changes, we will notify you via email or through a notice in the Doers United app. We encourage you to review this page periodically to stay informed about how we protect your data.

12. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how your data is being handled, please contact us:

THE DOERS COMPANY LTD

Limassol, Cyprus

Email: privacy@thedoerscompany.com

Supervisory Authority

Office of the Commissioner for the Protection of Personal Data
Republic of Cyprus
www.dataprotection.gov.cy