Privacy Policy

SOURems Event Management System

Effective Date: 16 January 2026

1. Introduction

SOURems is an AI-powered end-to-end event management system operated by FOT Labs ("we", "us", or "our"). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

By accessing or using SOURems, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our services.

2. Definitions

For the purposes of this Privacy Policy:

"Organisers" refers to businesses, companies, or individuals who use SOURems to create, manage, and run events.

"Attendees" refers to individuals who register for, attend, or participate in events powered by SOURems.

"Personal Data" means any information that can be used to identify an individual, directly or indirectly.

"Platform" refers to the SOURems website, applications, and all related services.

3. Information We Collect

3.1 Information Collected from Organisers

When Organisers register for an account and use our services, we collect the following information:

• Full name and designation
• Company or organisation name
• Email address
• Phone number
• Billing and payment information
• Business address
• Event-related data such as event details, schedules, and operational records

3.2 Information Collected from Attendees

When Attendees register for events through our Platform, we collect:

• Full name
• Email address
• Company or organisation name
• Contact number
• Payment details required for ticket purchases

Organisers may collect additional information from Attendees through customisable registration forms. Such additional fields are configured at the discretion of the Organiser. Attendees should review the registration form carefully and contact the Organiser directly for questions regarding additional data collected.

3.3 Automatically Collected Information

When you use our Platform, we may automatically collect certain information, including:

• Device information (browser type, operating system)
• IP address and general location data
• Usage data (pages visited, features used, time spent)
• Cookies and similar tracking technologies

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide and maintain our Platform and related event management services.
• Account Management: To create and manage Organiser accounts, process subscriptions, and handle billing.
• Communication: To send transactional emails, event confirmations, reminders, and marketing communications (where consent is provided).
• Analytics and Reporting: To provide insights to Organisers regarding event performance and engagement.
• AI-Powered Reports: To generate intelligent event reports using non-sensitive, aggregated data. Personal identifying information is not used for AI processing.
• Platform Improvement: To analyse usage patterns and improve our features and user experience.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Security: To detect, prevent, and address technical issues, fraud, and security threats.

5. Data Sharing and Disclosure

We do not sell your Personal Data. We may share your information in the following circumstances:

5.1 With Organisers

Attendee data collected during event registration is shared with the respective Organiser. Organisers are responsible for ensuring their collection and processing of Attendee data complies with applicable laws.

5.2 Third-Party Service Providers

We engage trusted third-party service providers to help operate our Platform, including:

• Payment processors to handle payment transactions securely. Payment card details are processed directly by our payment provider and are not stored on our servers.
• Email service providers to deliver transactional and marketing communications.
• Cloud hosting providers to store and process data securely.

These providers are contractually obligated to protect your data and may only use it for the purposes specified by us.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, such as a court or government agency.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different privacy policy.

6. Data Storage and Security

6.1 Storage Location

All data collected through SOURems is stored in secure hosting facilities located in Malaysia and Singapore. Our hosting infrastructure adheres to industry-standard security protocols.

6.2 Security Measures

We implement appropriate technical, security, and organisational measures to protect Personal Data against unauthorised or unlawful processing, accidental loss, destruction, damage, theft, or disclosure. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls limiting data access to authorised personnel only
• Secure software development practices
• Regular data backups

While we strive to protect your Personal Data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

7. Data Retention

We retain Personal Data for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Event Data: Attendee and event-related data is retained for three (3) months following the conclusion of an event.
• Organiser Account Data: Data is retained for the duration of the account relationship and for three (3) months following account termination.
• Billing Records: Retained as required by applicable tax and accounting regulations.

Upon expiration of the retention period, Personal Data will be securely deleted or anonymised.

8. International Data Transfers

SOURems primarily serves clients in Southeast Asia. When we transfer Personal Data across borders, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable.

9. Your Rights

Under the Malaysia Personal Data Protection Act 2010 (PDPA) and other applicable laws, you have the following rights regarding your Personal Data:

• Right of Access: You may request access to your Personal Data held by us.
• Right of Correction: You may request correction of inaccurate or incomplete Personal Data.
• Right to Withdraw Consent: You may withdraw your consent to the processing of your Personal Data at any time.
• Right to Limit Processing: You may request that we limit the processing of your Personal Data in certain circumstances.
• Right to Data Portability: Where technically feasible, you may request a copy of your Personal Data in a structured, commonly used format.

To exercise any of these rights, please contact us using the details provided in Section 12. We will respond to your request within a reasonable timeframe as required by applicable law.

Note for Attendees: For information concerning the protection of your privacy when responding to event registrations, please contact the Organiser of the event directly.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Platform. Cookies help us remember your preferences, authenticate users, analyse usage patterns, and deliver relevant communications.

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect the functionality of our Platform.

11. Third-Party Links

Our Platform may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

FOT Labs
Email: contact-us@fotlabs.xyz

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. Your continued use of our services after such changes constitutes your acceptance of the updated Privacy Policy.

14. Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will promptly notify affected parties and relevant regulatory authorities as required by applicable law.