1. Information collected
- Account details such as name, email address, phone number, and password credentials in protected form.
- Vendor and business details, including trading name, address, brands, products, emergency contacts, and stand representatives.
- Booking, stand-selection, payment-status, receipt, support, and event-access records.
- Technical and security information such as browser, device, IP address, session, audit, and error logs.
2. How information is used
- Create and secure vendor accounts.
- Process registrations, reservations, stand allocations, payments, receipts, vendor passes, and check-in.
- Send operational, security, payment, and event communications.
- Prevent fraud, duplicate bookings, abuse, and unauthorised access.
- Produce event reports, reconcile payments, resolve disputes, and meet legal or regulatory obligations.
3. Legal and operational basis
Information is processed because it is necessary to provide the requested vendor service, administer the event, protect legitimate operational and security interests, comply with legal duties, and act on consent where consent is the appropriate basis.
4. Sharing of information
- Authorised KNUST SRC and event personnel who require access for event operations.
- Payment, SMS, email, hosting, database, security, analytics, and technical service providers acting under appropriate controls.
- KNUST security, public authorities, regulators, courts, or law-enforcement bodies where disclosure is required or legally justified.
- Information is not sold as a commercial mailing list.
5. Payments
Payment providers process payment credentials under their own security and privacy controls. VendSpace should retain transaction references, amounts, payer details, status, and reconciliation records, but should not store sensitive card authentication data that belongs with the payment provider.
6. Retention
Information is retained only as long as reasonably necessary for event administration, accounting, audit, security, dispute resolution, legal compliance, and future event records. Data that is no longer required should be deleted, anonymised, or securely archived according to the applicable retention process.
7. Security
- Access controls, authentication, audit logging, encrypted connections, and managed infrastructure are used to reduce risk.
- No online system is completely risk-free; users must protect passwords and report suspicious account activity promptly.
- Access is limited to authorised persons with an operational need.
8. Your choices and rights
- Request access to or correction of inaccurate personal information.
- Request deletion or restriction where legally and operationally applicable.
- Withdraw optional consent without affecting processing already lawfully completed.
- Object to inappropriate use and raise a privacy concern through the official contact channel.
9. Cookies and sessions
VendSpace may use essential cookies or similar storage to maintain signed-in sessions, secure the platform, remember necessary choices, and measure reliable platform operation. Essential cookies may be required for registration and booking functions.
10. Policy updates
This policy may be updated when platform features, providers, event requirements, or laws change. The current version and update date will be published on this page.
Review the frequently asked questions or contact the event support team before completing a booking.