GDPR

Last updated: 2025-06-18

Data Processing Statement

Event Sponge ("we", "us", or "our") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This document outlines how we collect, process, and protect your personal data.

Personal Data We Collect

We collect the following personal data when you use our service:

  • Account Information: Name, email address, and profile information you provide during registration
  • Usage Data: Information about how you use our service, including activity logs and feature usage
  • Technical Data: IP addresses, browser information, and device data necessary for service functionality

How We Use Your Data

Your personal data is used for:

  • Providing and maintaining our service
  • Processing payments and managing your subscription
  • Sending transactional emails and service notifications
  • Improving our service functionality and user experience
  • Ensuring security and preventing fraud

Data Storage and Retention

  • Database Storage: Your data is stored securely in our database systems
  • Access Control: Only you, as the data owner, can access your personal data through our service
  • Retention Period: Data retention is determined by your subscription plan. Activity logs and usage data are maintained as long as your account is active
  • Account Deletion: You can delete your account at any time, which will permanently remove all your personal data from our systems

Cookie Usage

We use cookies that are essential for service functionality:

  • Authentication Cookies: Required for maintaining your login session
  • Security Cookies: Necessary for protecting against unauthorized access
  • Functional Cookies: Enable core service features and user preferences

These cookies are strictly necessary for the service to function properly and cannot be disabled.

Third-Party Services

We work with the following third-party services, each with their own privacy policies:

  • Lemon Squeezy: Payment processing and subscription management
  • Sentry: Error monitoring and performance tracking
  • SendGrid: Transactional email delivery

Data Hosting

Your data is hosted on secure cloud infrastructure provided by:

  • Digital Ocean: Primary application hosting
  • Google Cloud: Additional services and data processing
  • Cloudflare: Content delivery and security services

All hosting providers maintain strict security standards and GDPR compliance.

Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to data processing
  • Withdraw consent where applicable

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place for such transfers in accordance with GDPR requirements.

Contact Information

For any questions about this GDPR statement or to exercise your data protection rights, please contact us at [email protected].

We will respond to your request within 30 days of receipt.