Privacy Policy

1. Information We Collect

1.1 Personal Information You Provide

Account Information: Name, email address, password
Profile Information: Display name, profile picture
Event Information: Event details you create, including location, description, images
Communication: Messages you send to us or other users

1.2 Payment Information

When you purchase tickets or receive payouts as an organizer, payment information is collected and processed by our payment partner, Stripe. EventMaps does not directly store your full credit card details.

We may receive from Stripe: Last 4 digits of your card, card type, billing address, transaction history, and payout details for organizers.

1.3 Information Collected Automatically

Device Information: IP address, browser type, device identifiers
Usage Data: Pages visited, features used, time spent on Service
Location Data: Approximate location based on IP address and precise location if you grant permission
Cookies: See our Cookie Policy for details

2. How We Use Your Information

2.1 Primary Purposes

Service Provision: To provide and maintain our Service
Account Management: To manage your account and authenticate users
Event Management: To display, organize, and facilitate event discovery
Payment Processing: To process ticket purchases, refunds, and organizer payouts
Communication: To send service-related notifications and respond to inquiries

2.2 Payment-Related Communications

We may send you transactional emails related to payments, including:

Purchase confirmations and ticket receipts
Refund notifications
Payout confirmations for organizers
Event change notifications affecting your tickets

2.3 Legal Basis for Processing (GDPR)

Contractual Necessity: To provide the Service you've requested, including processing payments
Legitimate Interest: To improve our Service, ensure security, and prevent fraud
Consent: For optional features like precise location tracking
Legal Obligation: To comply with applicable laws, including tax and financial regulations

3. Information Sharing

We Do Not Sell Your Data:

We never sell your personal information to third parties or use it for marketing purposes without your consent.

3.1 Third-Party Services We Use

Stripe: Payment processing, fraud prevention, and financial services — Privacy Policy
Firebase (Google): Authentication and user management — Privacy Policy
MongoDB Atlas: Database hosting and management — Privacy Policy
Cloudinary: Image storage and processing — Privacy Policy
Mapbox: Map services and location features — Privacy Policy
Vercel: Web hosting and content delivery — Privacy Policy

3.2 When We Share Information

Event information you create is publicly visible to other users
With Stripe to process payments and prevent fraud
With service providers who assist in operating our Service
When required by law or to protect rights and safety
In connection with business transfers (mergers, acquisitions)

4. Your Rights Under GDPR

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Data Portability

Receive your data in a structured, machine-readable format

How to Exercise Your Rights

Contact us at support@eventmaps.io with your request. We will respond within 30 days and may ask for identity verification.

5. Data Retention

Account DataUntil deletion + 7 days

Event DataDeleted 3 months after event time

Transaction Records7 years (legal/tax requirement)

Usage Data24 months (anonymized)

Support Communications3 years

Note: We retain transaction records for 7 years to comply with Spanish tax law and EU financial regulations. This includes purchase history, refunds, and payout records.

6. Security Measures

We implement industry-standard security measures including:

Encryption of data in transit (TLS/SSL) and at rest
Regular security assessments and updates
Access controls and authentication requirements
Secure backup and recovery procedures
PCI-DSS compliant payment processing through Stripe

7. International Data Transfers

Your data may be transferred to and processed in countries outside the EU, including the United States (for services like Stripe, MongoDB, and Cloudinary). We ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all third-party providers
Verification that providers maintain adequate security measures

8. Children's Privacy

Our Service is not intended for children under 13 (or under 16 for account creation). We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it immediately. If you believe a child has provided us with personal data, please contact us at support@eventmaps.io.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

Post the updated Privacy Policy on this page
Update the "Last Updated" date at the top
For significant changes, notify you by email or through a notice on our Service

10. Contact Information

Contact EventMaps

EventMaps - Operated by Umit Hayim
Email: support@eventmaps.io

Data Protection Authority

Spain: Agencia Española de Protección de Datos (AEPD)
EU: Contact your local supervisory authority

1. Information We Collect

1.1 Personal Information You Provide

Account Information: Name, email address, password
Profile Information: Display name, profile picture
Event Information: Event details you create, including location, description, images
Communication: Messages you send to us or other users

1.2 Payment Information

We may receive from Stripe: Last 4 digits of your card, card type, billing address, transaction history, and payout details for organizers.

1.3 Information Collected Automatically

Device Information: IP address, browser type, device identifiers
Usage Data: Pages visited, features used, time spent on Service
Location Data: Approximate location based on IP address and precise location if you grant permission
Cookies: See our Cookie Policy for details

2. How We Use Your Information

2.1 Primary Purposes

Service Provision: To provide and maintain our Service
Account Management: To manage your account and authenticate users
Event Management: To display, organize, and facilitate event discovery
Payment Processing: To process ticket purchases, refunds, and organizer payouts
Communication: To send service-related notifications and respond to inquiries

2.2 Payment-Related Communications

We may send you transactional emails related to payments, including:

Purchase confirmations and ticket receipts
Refund notifications
Payout confirmations for organizers
Event change notifications affecting your tickets

2.3 Legal Basis for Processing (GDPR)

Contractual Necessity: To provide the Service you've requested, including processing payments
Legitimate Interest: To improve our Service, ensure security, and prevent fraud
Consent: For optional features like precise location tracking
Legal Obligation: To comply with applicable laws, including tax and financial regulations

3. Information Sharing

We Do Not Sell Your Data:

We never sell your personal information to third parties or use it for marketing purposes without your consent.

3.1 Third-Party Services We Use

Stripe: Payment processing, fraud prevention, and financial services — Privacy Policy
Firebase (Google): Authentication and user management — Privacy Policy
MongoDB Atlas: Database hosting and management — Privacy Policy
Cloudinary: Image storage and processing — Privacy Policy
Mapbox: Map services and location features — Privacy Policy
Vercel: Web hosting and content delivery — Privacy Policy

3.2 When We Share Information

Event information you create is publicly visible to other users
With Stripe to process payments and prevent fraud
With service providers who assist in operating our Service
When required by law or to protect rights and safety
In connection with business transfers (mergers, acquisitions)

4. Your Rights Under GDPR

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Data Portability

Receive your data in a structured, machine-readable format

How to Exercise Your Rights

Contact us at support@eventmaps.io with your request. We will respond within 30 days and may ask for identity verification.

5. Data Retention

Account DataUntil deletion + 7 days

Event DataDeleted 3 months after event time

Transaction Records7 years (legal/tax requirement)

Usage Data24 months (anonymized)

Support Communications3 years

Note: We retain transaction records for 7 years to comply with Spanish tax law and EU financial regulations. This includes purchase history, refunds, and payout records.

6. Security Measures

We implement industry-standard security measures including:

Encryption of data in transit (TLS/SSL) and at rest
Regular security assessments and updates
Access controls and authentication requirements
Secure backup and recovery procedures
PCI-DSS compliant payment processing through Stripe

7. International Data Transfers

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with all third-party providers
Verification that providers maintain adequate security measures

8. Children's Privacy

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

Post the updated Privacy Policy on this page
Update the "Last Updated" date at the top
For significant changes, notify you by email or through a notice on our Service

10. Contact Information

Contact EventMaps

EventMaps - Operated by Umit Hayim
Email: support@eventmaps.io

Data Protection Authority

Spain: Agencia Española de Protección de Datos (AEPD)
EU: Contact your local supervisory authority

Your GDPR Rights

1. Information We Collect

1.1 Personal Information You Provide

1.2 Payment Information

1.3 Information Collected Automatically

2. How We Use Your Information

2.1 Primary Purposes

2.2 Payment-Related Communications

2.3 Legal Basis for Processing (GDPR)

3. Information Sharing

3.1 Third-Party Services We Use

3.2 When We Share Information

4. Your Rights Under GDPR

Right to Access

Right to Rectification

Right to Erasure

Data Portability

How to Exercise Your Rights

5. Data Retention

6. Security Measures

7. International Data Transfers

8. Children's Privacy

9. Changes to This Policy

10. Contact Information

Contact EventMaps

Data Protection Authority

Privacy Policy

Your GDPR Rights

1. Information We Collect

1.1 Personal Information You Provide

1.2 Payment Information

1.3 Information Collected Automatically

2. How We Use Your Information

2.1 Primary Purposes

2.2 Payment-Related Communications

2.3 Legal Basis for Processing (GDPR)

3. Information Sharing

3.1 Third-Party Services We Use

3.2 When We Share Information

4. Your Rights Under GDPR

Right to Access

Right to Rectification

Right to Erasure

Data Portability

How to Exercise Your Rights

5. Data Retention

6. Security Measures

7. International Data Transfers

8. Children's Privacy

9. Changes to This Policy

10. Contact Information

Contact EventMaps

Data Protection Authority