Privacy Policy

Effective date: April 8, 2026

ConfirmEvents ("we," "us," or "our") operates the confirm.events platform. This Privacy Policy explains what personal data we collect, how we use it, and your rights regarding that data. By using ConfirmEvents, you agree to the practices described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and a password (stored in hashed form; we never store plaintext passwords).

1.2 Organization Data

If you create or join an organization, we store the organization name and team-member records including names, email addresses, and assigned roles.

1.3 Event Data

Event organizers provide event titles, descriptions, dates, venue details, ticket tier configurations, schedules, branding settings (colors, logos), and custom registration fields.

1.4 Guest and RSVP Data

When a guest registers for an event, we collect the information submitted through the RSVP form, which may include:

First name and last name
Email address
Phone number (optional, used for SMS confirmations)
Dietary needs and accessibility requirements
Responses to organizer-defined custom fields
Plus-one information: name, email, and phone number

1.5 Check-in Data

When a guest is checked in at an event (via QR code scan or manual check-in), we record the check-in timestamp and the device identifier used to perform the scan.

1.6 Payment Data

Payments for ticketed events are processed through Stripe. We do not store credit card numbers, CVVs, or other full payment credentials on our servers. We store Stripe customer and transaction identifiers to associate payments with RSVPs.

1.7 Uploaded Files

Event organizers may upload cover images, logos, and other media. These files are stored on our servers and served to event pages.

1.8 Communications Data

When SMS or email notifications are sent through our platform (via Twilio and Resend integrations configured by the organizer), we store records of those communications including recipient addresses, message type, and delivery status.

2. How We Use Your Data

We use the data we collect to:

Provide, maintain, and improve the ConfirmEvents platform
Process event registrations, RSVPs, and payments on behalf of event organizers
Send transactional communications such as RSVP confirmations, reminders, and check-in QR codes
Enable event organizers to manage their guest lists, check-ins, and event analytics
Authenticate users and secure accounts
Respond to support requests
Comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for behavioral advertising.

3. Third-Party Services

We rely on the following third-party services to operate the platform. Each service receives only the data necessary to perform its function:

Stripe— payment processing. Stripe handles card details directly; see Stripe's Privacy Policy.
Twilio— SMS delivery. Phone numbers and message content are transmitted to Twilio for delivery; see Twilio's Privacy Policy.
Resend— email delivery. Email addresses and message content are transmitted to Resend for delivery; see Resend's Privacy Policy.
Railway— application hosting and infrastructure.
Google Fonts— typography. Google may collect limited usage data when fonts are loaded; see Google's Privacy Policy.

4. Cookies and Local Storage

ConfirmEvents uses minimal cookies. We use authentication tokens stored in cookies or local storage to keep you signed in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies. No cookie consent banner is required because our cookies are strictly necessary for the service to function.

5. Data Retention

We retain your account data for as long as your account is active. Event data and associated RSVP data are retained for as long as the organizing account exists or until the organizer deletes the event.

If you delete your account, we will remove your personal data from our active systems within 30 days. Some data may persist in encrypted backups for up to 90 days before being purged.

6. Data Security

We implement reasonable security measures to protect your data, including:

Passwords stored using industry-standard hashing algorithms
HTTPS encryption for all data in transit
Payment data handled exclusively by PCI-compliant Stripe infrastructure
Access controls and role-based permissions for organization data

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you
Correct inaccurate personal data
Delete your personal data (subject to any legal retention obligations)
Export your data in a portable format
Object to or restrict certain processing of your data

To exercise any of these rights, contact us at the address listed in Section 10 below.

8. Guest Data and Event Organizers

Event organizers on ConfirmEvents act as data controllers for the guest data collected through their events. ConfirmEvents acts as a data processor on behalf of the organizer. Organizers are responsible for ensuring they have the appropriate legal basis to collect guest data and for informing their guests about how their data will be used.

If you are a guest who registered for an event and have questions about how your data is used, we recommend contacting the event organizer directly. You may also contact us and we will assist where possible.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify users via email or an in-app notice. Continued use of the platform after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

ConfirmEvents
Email: privacy@confirm.events
Website: confirm.events