Summary (plain English): We collect only what we need to run your event experience. We never sell your data. You can request deletion of your data at any time by emailing team@eventifyed.com.
1. Who we are
Eventifyed ("we", "us", "our") is an event ticketing platform operated by Eventifyed Ltd. Our registered contact address is available on request at team@eventifyed.com.
2. What data we collect
We collect the following categories of personal data:
- Account data — name, email address, and profile information provided through Kinde (our identity provider).
- Ticket purchase data — name, email, tickets purchased, quantity, and payment reference. We do not store card numbers; payments are handled by Stripe.
- Event data — events you create, attendees, seat maps, and analytics associated with your events.
- Communications — emails we send you (confirmations, reminders, feedback requests) and any replies.
- Usage data — pages visited, actions taken in the dashboard, and standard server logs (IP address, browser, timestamps).
- Cookies — session cookies for authentication and optional analytics cookies (see Section 7).
3. How we use your data
- To create and manage your account and tickets.
- To process payments via Stripe and issue ticket PDFs/QR codes.
- To send transactional emails (booking confirmation, ticket transfer, event reminders).
- To send post-event feedback requests (you can opt out any time).
- To provide customer support.
- To detect fraud, enforce our terms, and keep the platform secure.
- To improve the platform through aggregated, anonymised analytics.
4. Legal basis (GDPR)
If you are in the European Economic Area (EEA), our legal bases are:
- Contract — to fulfil your ticket purchase or event creation.
- Legitimate interests — fraud prevention, platform security, and product improvement.
- Consent — for optional marketing emails and non-essential cookies.
- Legal obligation — to comply with applicable law (e.g. tax records).
5. Data sharing
We share your data only with trusted third-party processors:
- Stripe — payment processing (their privacy policy).
- Kinde — authentication (their privacy policy).
- MailerSend — transactional email delivery.
- Cloudinary — image and QR code storage.
- MongoDB Atlas — cloud database hosting (EU region).
We do not sell, rent, or trade your personal data to any third party for marketing purposes.
6. Data retention
We keep your data for as long as your account is active or as needed to provide services. Ticket purchase records are retained for 7 years for legal/tax reasons. You may request deletion of your account and non-financial data at any time (see Section 9).
7. Cookies
We use the following cookies:
- Session cookies (essential) — required for login and authentication. Cannot be disabled.
- returnTo cookie — stores your intended destination after login. Expires in 10 minutes.
- Analytics cookies (optional) — only set if you consent via the cookie banner. We use anonymised, aggregated data only.
You can withdraw cookie consent at any time by clearing your browser cookies or clicking "Cookie Settings" in the footer.
8. Your rights (GDPR)
If you are in the EEA or UK, you have the right to:
- Access — request a copy of all personal data we hold about you.
- Rectification — correct inaccurate data.
- Erasure ("right to be forgotten") — request deletion of your data, subject to legal retention requirements.
- Restriction — ask us to limit processing in certain circumstances.
- Portability — receive your data in a machine-readable format.
- Object — object to processing based on legitimate interests.
- Withdraw consent — where processing is based on consent, withdraw it at any time.
To exercise any right, email team@eventifyed.com. We will respond within 30 days. Logged-in users can also request deletion directly from their account settings.
9. Data deletion requests
Logged-in users may submit a deletion request from the Account page (Settings → Delete My Data). This will:
- Remove your profile, events you created, and personal details from our database.
- Anonymise ticket purchase records required for financial/legal retention.
- Cancel any active Stripe subscription.
Processing typically takes up to 7 business days. You will receive a confirmation email when complete.
10. Security
We implement industry-standard security measures: HTTPS/TLS in transit, encrypted storage, access controls, and regular security reviews. Payment data is never stored on our servers — it is processed exclusively by Stripe.
11. International transfers
Our infrastructure is primarily EU-based. Where data is transferred outside the EEA (e.g. to US-based processors), we ensure appropriate safeguards are in place (Standard Contractual Clauses or equivalent).
12. Children
Eventifyed is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it promptly.
13. Changes to this policy
We may update this policy from time to time. We will notify you of material changes by email or a notice in the dashboard. Continued use of the platform after changes constitutes acceptance.
14. Contact
For any privacy questions or to exercise your rights, contact us at team@eventifyed.com.
If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Commission (Ireland) at dataprotection.ie.