Privacy Policy

1. What we collect

Workspace data. When an organizer creates a workspace we store the email and basic profile of the workspace owner and any collaborators they invite.

Event data. Anything you upload as part of running an event — registration form responses, ticket purchases, exhibitor records, deposit receipts, file uploads — is stored to deliver the service.

Operational logs. We log API calls and dashboard actions to detect abuse, debug failures, and provide an audit trail. Logs are stored in our cloud object storage and rotated on a fixed retention schedule.

2. How we use it

• To run the service you’re paying for.
• To send transactional email (invoices, account activations, deposit confirmations) via our email delivery provider.
• To detect abuse and respond to support requests.
• We do not sell your data, ever.

3. Where it lives

All data is stored on a globally distributed cloud platform: a SQL database for structured data, object storage for file uploads, and key-value caching for performance. Our cloud provider’s data residency rules apply.

4. Subprocessors

We rely on the following subprocessors to deliver the service. Naming them here is a compliance disclosure, not an endorsement — you don’t need to know any of these names to use toEvents.

• Cloudflare — compute, storage, edge delivery and transactional email.
• Stripe — payment processing for paid registrations.
• PayPal / Alipay — alternative payment rails (per workspace configuration).

5. Your rights

You can export your full workspace at any time. You can request deletion via privacy@to.events; we will action it within 30 days unless retention is required by law (e.g., financial records).

6. Cookies

We use strictly necessary cookies (session, locale preference). No third-party advertising or tracking cookies are set.

7. Contact

Privacy questions: privacy@to.events. toEvents is a product of ePark.