Privacy Policy

Last updated: 14 July 2026

Who we are

WELLNESSINDUSTRY.IO is an events platform operated by Hololife Summit OÜ, a company registered in Estonia(“we”, “us”). We are the controller of the personal data described here. Registered address: Tööstuse 43-100, 10411 Tallinn, Estonia. For privacy questions or to exercise your rights, contact .

Data we process

  • Ticket buyers & attendees — name, email, organisation and job title, billing address, VAT ID, and order/ticket details. Payment card data is handled by Stripe and never reaches us.
  • Exhibitors & companies — company details, contact person name/email/phone, VAT ID, logos, and (where a participation form is used) a drawn signature confirming agreement.
  • Speakers & applicants — name, contact details, biography, photos, and social links. For confirmed speakers who travel, we may process travel data (date of birth, flight and hotel details, and an emergency contact) solely to arrange their participation.
  • Account holders — email, name, password (hashed), role, and optional two-factor authentication data.
  • Event photos & content — photographs taken at events (which may show attendees), speaker session recordings, transcripts, and related content.
  • Usage & marketing data — analytics and advertising data on our public pages, processed only with your cookie consent (see Cookies).

Why we process it and our lawful basis

  • To sell tickets, manage registrations, run events, and issue invoices — performance of a contract (Art. 6(1)(b)).
  • To manage exhibitor, speaker, and other applications, and to communicate about events — contract and our legitimate interest (Art. 6(1)(f)) in operating the events.
  • To meet accounting and tax obligations — legal obligation (Art. 6(1)(c)).
  • For analytics, advertising cookies, and marketing communications — your consent (Art. 6(1)(a)), which you may withdraw at any time.

Who we share it with

We use vetted processors under data-processing agreements, and share data only as needed to run the platform:

ProcessorPurposeDataRegion
StripeTicket and package payments (hosted checkout)Buyer email, purchase amounts, ticket labels (card data goes to Stripe directly, never to us)EU/US
Brevo (Sendinblue)Transactional email (confirmations, invitations, notifications)Recipient email and name, message content, calendar (.ics) attachmentsEU (France)
Google Tag ManagerTag management / analytics (consent-gated)Page views, interaction events, cookiesGlobal (EU and US)
Meta (Facebook) Pixel & Conversions APIAdvertising measurement (consent-gated)Browser events, cookies, hashed email, purchase valueGlobal (incl. EU–US transfers)
Azure OpenAITranscription, summaries, and photo moderation for event contentSpeaker audio, transcripts, speaker bios, event photo URLsEU (Sweden)
AssemblyAISession transcriptionSession audioEU (Ireland)
Google GeminiResearch / article generation from session contentSession transcriptsGlobal; EU Vertex AI
DeepLLive session translationTranscript textMulti-region; EU

Our databases, file storage, and processing infrastructure are self-hosted. We may also disclose data to an event’s organiser where you register for that organiser’s event, and to authorities where legally required.

Cookies & analytics

Essential cookies keep you signed in and remember your privacy choice. Analytics and advertising tags (Google Tag Manager, Meta Pixel) load only after you accept non-essential cookies in our banner. You can change your choice at any time. See the Cookie Policy for details.

International transfers

Some processors (e.g. Stripe, Meta, Google, OpenAI) are located outside the EEA. Such transfers rely on an adequacy decision (e.g. the EU-US Data Privacy Framework) or Standard Contractual Clauses.

Retention

We keep order, ticket, and invoice data for as long as required by accounting and tax law, account data while your account is active, and application/marketing data until it is no longer needed or you object. We delete or anonymise data on request, subject to legal retention obligations.

Your rights

You have the right to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. To exercise them, contact . You may also lodge a complaint with the Estonian or your local data protection authority.