Privacy Policy

Last updated: April 28, 2026

1. Introduction & Data Controller

This Privacy Policy explains how WhereIsMyEvent ("we", "us", "our") collects, uses and protects your personal data when you use our platform and services. WhereIsMyEvent acts as the data controller for the personal data described in this policy.

We are committed to protecting your privacy and handling your data in a transparent, lawful manner.

2. Data We Collect

We collect the following categories of data:

• Account information: Name, email address, organization name and password (stored as a secure hash) when you register for an account.
• Event data: Event titles, descriptions, dates, locations, addresses, images and categories that you create through the platform.
• Widget analytics: Aggregated and anonymized data about widget interactions, including page views, pin clicks and add-to-calendar actions. We do not track individual end-users of the widget.
• Payment information: Billing details are collected and processed exclusively by our payment provider, Stripe. We do not store credit card numbers or banking details on our servers. We retain only a Stripe customer identifier and subscription status.
• Technical data: IP address, browser type, device information and access logs for security and service improvement purposes.

3. How We Use Data

We use your data to:

• Provide, operate and maintain the Service;
• Process your subscription and payments;
• Send transactional emails (account verification, login links, team invitations);
• Generate analytics and usage reports for your dashboard;
• Improve the Service, fix bugs and develop new features;
• Comply with legal obligations;
• Protect against fraud and abuse.

We do not use your data for advertising or profiling purposes.

4. Data Sharing

We do not sell, rent or trade your personal data. We share data only in the following circumstances:

• Stripe: Payment and billing data is shared with Stripe for payment processing. Stripe's privacy policy governs their use of this data.
• Legal requirements: We may disclose data if required by law, regulation, legal process or governmental request.
• Business transfers: In the event of a merger, acquisition or sale of assets, your data may be transferred as part of the transaction. We will notify you of any such change.

5. Cookies & Tracking

The WhereIsMyEvent platform uses essential cookies for authentication and session management. We do not use third-party advertising trackers.

The embeddable map widget collects anonymized view and interaction data for analytics purposes. This data is aggregated and cannot be used to identify individual users. No third-party tracking scripts are loaded by the widget.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide you with the Service. Specifically:

• Account data: Retained until you delete your account.
• Event data: Retained until you delete the events or your account.
• Analytics data: Retained in aggregated form for up to 24 months.
• Payment records: Retained as required by tax and accounting regulations.
• Server logs: Retained for up to 90 days.

Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

7. User Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data and account.
• Export: Request a machine-readable export of your data.
• Restriction: Request that we limit the processing of your data in certain circumstances.
• Objection: Object to processing of your data where we rely on legitimate interests.

To exercise any of these rights, please contact us at privacy@whereismyevent.com. We will respond within 30 days.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we learn that we have collected data from a child, we will delete it promptly. If you believe a child has provided us with personal data, please contact us.

9. International Data Transfers

Your data may be processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards to ensure your data is protected in accordance with applicable data protection laws.

10. Security Measures

We implement technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS/HTTPS);
• Secure password hashing;
• Role-based access controls;
• Regular security reviews and updates;
• Minimal data collection (we only collect what is necessary).

While we take reasonable precautions, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

11. Changes to Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through the Service. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at privacy@whereismyevent.com.