Privacy Policy

Last updated: May 3, 2026

Overview

EventPulse ("we", "us", "our") is a Cyprus-based event discovery and ticketing platform. This Privacy Policy explains what data we collect, how we use it, and the choices you have. By using EventPulse you agree to this policy.

What we collect

• Account data: email, display name, optional avatar, preferred city, language preference.
• Event activity: events you save, tickets you purchase, scans you perform as an organizer, and engagement metrics (views, taps, conversion).
• Payments: processed securely by Stripe. We never store your full card number on our servers; Stripe handles PCI-compliant tokenization. For organizers, Stripe Connect handles payouts.
• Device data: push notification tokens, app version, device model and OS, anonymized crash reports.
• Location: only when you opt in to "Near Me" features. Coarse city-level location is inferred from event search filters.

How we use your data

• Show you events relevant to your city + interests.
• Process ticket purchases and issue QR-coded tickets.
• Send transactional emails (purchase confirmation, event reminders).
• Send push notifications about events you saved or organizers you follow — only with your permission.
• Improve the product through anonymized analytics and crash logs.
• Comply with legal obligations (tax reporting for paid events, anti-fraud checks via Stripe).

Who we share data with

• Stripe — payment processing and Connect payouts.
• Supabase — database hosting (EU region).
• Event organizers — when you buy a ticket, the organizer of that event sees your name, email, and tier purchased so they can verify entry and contact you about event updates.
• We never sell your data. No third-party advertisers or data brokers.

Your rights (GDPR)

As a Cyprus / EU resident you have the right to:

• Access the data we hold about you
• Correct inaccurate data
• Delete your account and all associated data
• Export your data in a portable format
• Object to processing for marketing purposes

Contact us at info@eventapulse.com to exercise any of these rights. We respond within 30 days.

Data retention

• Account data is kept while your account is active and for 90 days after deletion (to handle disputes / refunds).
• Ticket purchase records are retained for 7 years per Cyprus tax law.
• Anonymized analytics are retained indefinitely.

Security

We use TLS for all network traffic, hash passwords with bcrypt, and store payment data only via Stripe's PCI-DSS environment. Database access is restricted by Row-Level Security policies.

Children

EventPulse is not intended for users under 16. We do not knowingly collect data from children. If you believe a child has created an account, contact us at info@eventapulse.com.

Changes to this policy

We may update this policy as our product evolves. Material changes will be announced in-app and via email at least 14 days before they take effect.

Contact

EventPulse Ltd · Nicosia, Cyprus
Email: info@eventapulse.com
For GDPR / Data Protection Officer requests, use the same address above and put "DPO request" in the subject line.

← Back to EventaPulse