Effective date: April 18, 2026
This Privacy Policy explains how Vantage Events ("Vantage," "we," "us," or "our") collects, uses, discloses, retains, and protects information in connection with the Vantage Events platform, websites, mobile experiences, APIs, and related services (collectively, the "Service"). By using the Service, you acknowledge that you have read and understood this Policy. If you do not agree, do not use the Service.
This Policy should be read together with our Terms of Service and, where applicable, a Data Processing Addendum (available upon request at privacy@vantageevents.app).
Vantage acts in different privacy roles depending on the data:
If you are an Attendee and have questions about how your data is used for a specific event, contact the Organizer first.
4.1 Account Information (Organizers). Name, email, phone (optional), organization name, role, time zone, billing details, and account preferences. Authentication credentials are hashed and salted; we do not receive plain-text passwords.
4.2 Event and Attendee Data. Event details (title, description, schedule, capacity), registration form responses, ticket types and prices, check-in records, attendance status, custom fields, and any content Organizers upload. Organizers control what fields are collected from Attendees.
4.3 Payment Information. Payment card data is collected, processed, and stored by Stripe, Inc. as an independent controller in accordance with the Stripe Privacy Policy. We receive limited transactional metadata (charge identifiers, last four digits, billing ZIP, brand, amount, currency, status). We do not store full payment card numbers or CVV values.
4.4 Communications Content. Email, SMS, survey, and chat messages sent or received through the Service, including drafts generated by AI features.
4.5 Voice and Audio. When you use voice features (including the chat assistant on our marketing sites or in-app voice capture), audio is transmitted to third-party speech recognition providers (see Section 8). Audio is retained only as long as necessary to produce a transcript, then deleted from our systems. Transcripts may be retained for service quality and debugging.
4.6 AI Inputs and Outputs. Prompts you submit to AI features and the text, suggestions, or predictions returned. You should not submit sensitive personal data, credentials, health information, or confidential third-party information to AI features.
4.7 Device and Usage Data. IP address, user-agent, device identifiers, operating system, referring pages, pages viewed, clicks, error and diagnostic logs, approximate geolocation derived from IP, and session duration.
4.8 Cookies and Similar Technologies. See Section 13.
4.9 Information From Third Parties. If you sign up through a partner, authorize a CRM or social integration (e.g., Stripe Connect, GoHighLevel, HubSpot, Zapier, webhooks), or interact with advertising, we may receive data from those sources.
4.10 Inferences. We may derive insights from the above (for example, attendance forecasts or event pacing signals) to deliver the analytics features of the Service.
We use information to:
Where the GDPR or UK GDPR applies, we rely on the following legal bases: (a) performance of a contract with you; (b) our legitimate interests in operating, securing, and improving the Service, provided those interests are not overridden by your rights; (c) compliance with legal obligations; and (d) your consent where required (which you may withdraw at any time without affecting prior lawful processing).
We use AI and machine-learning systems to provide features such as drafting messages, surfacing insights, forecasting attendance, and powering our conversational assistants.
We do not sell personal information, and we do not share personal information for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act as amended ("CCPA"). We share information only as follows:
An up-to-date list of material subprocessors is available upon request at privacy@vantageevents.app. We conduct reasonable diligence on subprocessors and require appropriate data-protection terms.
We operate primarily in the United States, and the Service uses cloud infrastructure that may process data in the United States and other jurisdictions. When personal data is transferred from the European Economic Area, United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or another lawful transfer mechanism. Copies are available upon request.
We retain personal data for as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Typical retention periods:
We maintain administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit (TLS 1.2+), encryption at rest, role-based access controls, least-privilege staff access, multi-factor authentication for administrative systems, audit logging, network segmentation, vulnerability monitoring, and regular backups.
No information system is completely secure. You are responsible for maintaining the confidentiality of your account credentials, promptly reporting suspected unauthorized access, and configuring access permissions within your organization appropriately. We cannot guarantee that unauthorized third parties will never defeat security measures.
If we confirm a personal data breach affecting your data, we will notify affected Organizers without undue delay and consistent with applicable law. Where Vantage acts as a processor, Organizers (as controllers) are responsible for notifying Attendees, regulators, and any other required parties; we will cooperate reasonably to support those obligations.
We use cookies, local storage, and similar technologies to operate the Service, remember preferences, keep you signed in, measure performance, and understand how the Service is used. We do not use third-party advertising cookies. You can control cookies through your browser settings; disabling cookies may affect functionality. We honor Global Privacy Control ("GPC") signals as an opt-out request for California residents to the extent required by law.
When Organizers send email or SMS through the Service, the Organizer is responsible for obtaining any required consent (including consent compliant with the Telephone Consumer Protection Act ("TCPA"), CAN-SPAM, CASL, and other applicable laws), for honoring opt-out requests (including STOP and HELP keywords), and for message content. Message and data rates may apply for SMS recipients. Vantage may suspend or terminate messaging features for suspected non-compliance. Transactional and service messages required to operate your account (billing, security, essential notices) cannot be opted out of while your account remains active.
Subject to verification and applicable law, you may have rights to: (a) access the personal data we hold about you; (b) correct inaccurate data; (c) delete personal data; (d) receive a portable copy; (e) restrict or object to processing; (f) opt out of sale, sharing, or targeted advertising (we do not engage in these); (g) limit use of sensitive personal information; (h) withdraw consent; and (i) not be subject to solely automated decisions producing legal or similarly significant effects.
To exercise rights, email privacy@vantageevents.app. We may ask for information to verify your identity. If you are an Attendee, direct your request to the Organizer; we will forward requests we cannot fulfill directly. We will respond within the timeframes required by applicable law (typically 30 days for GDPR, 45 days with a 45-day extension for CCPA).
You have the right to lodge a complaint with a supervisory authority (EU/UK) or the California Privacy Protection Agency.
In the preceding 12 months, we have collected the following categories of personal information for the business and commercial purposes described in Sections 4 and 5: identifiers; commercial information (transactions); internet or network activity; approximate geolocation; audio/electronic information; professional or employment information (as provided); and inferences. We retain each category for the period described in Section 10.
We do not "sell" or "share" personal information as those terms are defined under CCPA, and we have not sold or shared personal information of California residents in the preceding 12 months. We do not knowingly sell or share the personal information of anyone under 16.
California residents have the rights listed in Section 15 and the right to non-discrimination for exercising them. You may designate an authorized agent to act on your behalf. Contact privacy@vantageevents.app.
We do not intentionally collect sensitive personal information (as defined under CCPA/CPRA, GDPR special-category data, or similar statutes). Organizers should not configure registration forms to collect categories such as health, immigration status, biometric, precise geolocation, union membership, religion, or sexual orientation unless strictly necessary, with a lawful basis and appropriate consent.
The Service is not directed to children under 13 in the United States (COPPA) or under 16 in the EEA/UK. We do not knowingly collect personal information from such individuals. If you believe a child has provided us information, contact us and we will delete it.
The Service may link to, or interoperate with, third-party sites, services, and integrations. Their processing of personal information is governed by their own privacy policies. We are not responsible for the practices of third parties you authorize.
We may update this Policy from time to time. If changes are material, we will provide reasonable advance notice through the Service, by email to the address on file, or by posting a prominent notice on our website, and will update the "Effective date" above. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.
For privacy questions or to exercise rights, contact us at privacy@vantageevents.app or info@vantageevents.app. Physical mailing address: [Insert official business mailing address before public launch].