Privacy Policy

Eventi Pty Ltd

1. Introduction

Eventi ("we", "our", "us") operates the Eventi mobile application (the "App") and the website at eventimeetup.com (the "Website"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our App and Website.

We are committed to protecting your privacy and complying with applicable data protection laws, including:

• The Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
• The UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018, for users in the United Kingdom
• The EU General Data Protection Regulation (GDPR), for users in the European Economic Area
• The Personal Information Protection and Electronic Documents Act (PIPEDA), for users in Canada
• The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), for users in California, United States

By using Eventi, you consent to the practices described in this Privacy Policy. Where applicable law requires a different legal basis (such as legitimate interest or contractual necessity), we rely on that basis as described in the relevant sections below.

2. Information We Collect

2.1 Information You Provide

2.2 Information Collected Automatically

2.3 Information from Third Parties

3. How We Use Your Information

We use your personal information to:

3.1 Provide the Service

• Create and manage your account
• Display your profile to other users
• Show relevant events, rooms, and posts based on your location and interests
• Enable messaging between users
• Process room memberships and RSVPs

3.2 Personalise Your Experience

• Show events and rooms based on your selected location and filters
• Show content relevant to your city
• Remember your preferences

3.3 Communicate With You

• Send verification codes
• Notify you about room updates, messages, and activity
• Send important service announcements
• Respond to your enquiries

3.4 Safety and Security

• Verify your identity and age (18+)
• Detect and prevent fraud, abuse, and policy violations
• Enforce our Terms of Service and Community Guidelines
• Respond to legal requests

3.5 Improve Our Service

• Analyse usage patterns
• Fix bugs and technical issues
• Develop new features

4. How We Share Your Information

4.1 With Other Users

When you use Eventi, certain information is visible to other users:

You control:

• Post visibility (Everyone, Women Only, Men Only, Custom)
• Room visibility (Public or Private)
• Location reveal timing for rooms

4.2 With Service Providers (Sub-Processors)

We share data with trusted third parties who help us operate the App. These providers act as data processors on our behalf and are contractually obligated to protect your data and process it only on our instructions.

4.3 For Legal Reasons

We may disclose your information if required by law, including:

• To comply with legal process (subpoena, court order)
• To respond to requests from the eSafety Commissioner or equivalent regulatory bodies in your jurisdiction
• To protect the rights, safety, or property of Eventi, our users, or the public
• To detect, prevent, or address fraud, security, or technical issues

4.4 Business Transfers

If Eventi is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Storage & Residency

Your personal data is primarily stored in Sydney, Australia (AWS ap-southeast-2 region) via our infrastructure provider, Supabase. Supabase acts as a data processor on our behalf and processes your data only in accordance with our instructions.

Some data may be processed internationally by our service providers as described in Section 4.2. Where data is transferred outside of your country of residence, we ensure appropriate safeguards are in place (see Section 11).

6. Location Data

6.1 How We Use Location

• City-level location is required to show you relevant local content
• Precise location (GPS) is optional and used for map-based discovery

6.2 Your Controls

• You can enable/disable location permissions in your device settings
• Room hosts can set location reveal timing (immediate, members only, or timed)

6.3 We Never

• Sell your location data
• Share your precise location with other users without your consent
• Track your location when the App is not in use

7. Analytics & Usage Tracking

7.1 In the App

The Eventi app uses Apple's built-in diagnostics and crash reporting only. This data is collected by Apple and may be shared with us in aggregated, non-identifying form through App Store Connect. We do not use third-party analytics SDKs in the app.

7.2 On the Website

Our website (eventimeetup.com) uses Google Analytics 4 to understand how visitors interact with the site. Google Analytics collects:

• Page views and navigation patterns
• Approximate geographic location (country/city level)
• Device and browser information
• Referral sources

This data is aggregated and used to improve our website. It is not linked to your Eventi app account. See Section 8 for cookie details.

7.3 How This Data Is Used

Analytics data is used to:

• Identify and fix crashes and performance issues
• Understand which features are used most
• Improve the overall user experience

We do not use analytics data to build individual user profiles or make automated decisions about you.

8. Cookies & Web Tracking

Our website uses cookies, which are small text files stored on your device by your web browser.

8.1 Cookies We Use

8.2 Your Cookie Controls

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Note that blocking essential cookies may affect website functionality.

The Eventi mobile app does not use cookies.

9. Your Rights

9.1 All Users (Australian Privacy Principles)

Under the Privacy Act 1988, you have the right to:

• Access your data — Request a copy of the personal information we hold about you
• Correct your data — Update your profile information at any time in the App, or contact us to correct other data
• Delete your data — Delete your account in the App (Settings > Account > Delete Account). This removes your profile from public view immediately and anonymises your data within 30 days
• Opt out of marketing — Manage notification preferences in Settings or unsubscribe from marketing emails at any time
• Withdraw consent — Withdraw consent for optional data collection (e.g., location) at any time via device settings or the App

9.2 Users in the European Economic Area & United Kingdom (GDPR)

If you are located in the EEA or UK, you have additional rights under GDPR:

• Right of access — Obtain confirmation of whether we process your data and request a copy
• Right to rectification — Request correction of inaccurate personal data
• Right to erasure — Request deletion of your personal data (subject to legal obligations)
• Right to data portability — Receive your personal data in a structured, commonly used, machine-readable format
• Right to restrict processing — Request that we limit how we use your data in certain circumstances
• Right to object — Object to processing based on legitimate interests, including direct marketing
• Rights related to automated decision-making — Eventi does not currently make automated decisions that produce legal or similarly significant effects on you (see Section 10)

To exercise these rights, contact us at support@eventimeetup.com. We will respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with your local data protection authority (e.g., the ICO in the UK).

9.3 Users in Canada (PIPEDA)

If you are located in Canada, you have rights under PIPEDA, including:

• Access — Request access to the personal information we hold about you
• Correction — Request correction of inaccurate or incomplete information
• Withdrawal of consent — Withdraw consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions
• Complaints — File a complaint with the Office of the Privacy Commissioner of Canada

9.4 Users in California, United States (CCPA/CPRA)

If you are a California resident, you have rights under the CCPA and CPRA, including:

• Right to know — Request disclosure of the categories and specific pieces of personal information we collect, use, and disclose
• Right to delete — Request deletion of your personal information
• Right to opt out of sale — We do not sell your personal information. No opt-out is necessary
• Right to non-discrimination — We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at support@eventimeetup.com.

10. Automated Recommendations & Decision-Making

Eventi shows you events, rooms, and content based on:

• Your selected city or location
• Filters and preferences you set (e.g., event categories, date ranges)
• Your map region when browsing

This content surfacing is user-driven, not based on automated profiling or algorithmic scoring. We do not make any automated decisions that produce legal or similarly significant effects on you.

If we introduce algorithmic recommendations in the future, we will update this policy and notify you accordingly.

11. International Data Transfers

Your personal data is primarily stored in Sydney, Australia (AWS ap-southeast-2) via Supabase. However, some data may be processed outside Australia by the following services:

Where your data is transferred outside your country of residence, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses (SCCs) where required under GDPR
• Binding data processing agreements with all service providers
• Compliance with Australian Privacy Principle 8 (APP 8) for cross-border disclosure
• Compliance with relevant data protection laws in the destination country

12. Data Retention

13. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Row-level security policies
• Secure authentication (phone OTP)
• Regular security reviews

However, no method of transmission or storage is 100% secure. You are responsible for keeping your account credentials secure.

14. Children's Privacy

Eventi is intended for users aged 18 and over. We do not knowingly collect personal information from anyone under 18.

If we become aware that we have collected data from someone under 18, we will delete it immediately. If you believe a minor is using Eventi, please contact us.

15. Third-Party Links

The App may contain links to third-party websites or services (e.g., Ticketmaster for ticket purchases). We are not responsible for their privacy practices. Please review their privacy policies.

16. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy in the App and on the Website
• Sending you a notification (for significant changes)

Your continued use of Eventi after changes constitutes acceptance of the updated policy.

17. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

Eventi Pty Ltd
Email: support@eventimeetup.com

18. Complaints

If you are not satisfied with our response to a privacy complaint, you may contact the relevant authority in your jurisdiction:

Australia

Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Email: enquiries@oaic.gov.au

United Kingdom

Information Commissioner's Office (ICO):

• Website: ico.org.uk

European Union

Contact your local Data Protection Authority. A list is available at edpb.europa.eu.

Canada

Office of the Privacy Commissioner of Canada:

• Website: www.priv.gc.ca

19. Privacy Policy Summary

We never sell your data. We never share your location without consent.

This Privacy Policy is governed by the laws of Australia. Where you are located in another jurisdiction, the applicable local data protection laws also apply to our processing of your personal data as described in this policy.