Privacy Policy

Last updated: December 2025

1. Introduction

Welcome to Yup! Events ("we," "our," or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our event management platform.

Yup! Events is operated from Portugal and complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller: Yup! Events
Contact: For any privacy-related questions, please contact us at privacy@evental.app

2. Information We Collect

We collect the following types of information when you use Yup! Events:

2.1 Account Information

  • Personal details: Name, email address, phone number, profile picture
  • Organization information: Organization name, legal name, business address, tax identification number, business type
  • Authentication data: Password (encrypted), login credentials

2.2 Event and Participation Data

  • Event information: Event names, descriptions, dates, locations, budgets
  • Participation details: Vendor, sponsor, and performer information, participation status, role assignments
  • Communication data: Messages, invitations, responses, and notifications related to events

2.3 Payment Information

  • Payment processing: We use Stripe to process payments. We do not store complete credit card numbers on our servers
  • Financial data: Bank account details (for payouts), billing addresses, transaction history
  • Invoicing information: Tax rates, fees, payment records

2.4 Usage and Technical Data

  • Device information: IP address, browser type, operating system, device identifiers
  • Usage patterns: Pages visited, features used, time spent on platform, click patterns
  • Cookies and tracking: Session cookies, preference cookies, analytics cookies (see Section 8)

2.5 Communications

  • Support inquiries: Messages sent to customer support, feedback submissions
  • Marketing preferences: Email subscription status, communication preferences

3. How We Use Your Information

We use your personal data for the following purposes:

  • Service delivery: To provide and maintain the Yup! Events platform, create and manage your account, process events and participations
  • Payment processing: To process payments, manage invoices, and handle financial transactions through Stripe
  • Communication: To send service-related notifications, event invitations, system updates, and respond to your inquiries
  • Platform improvement: To analyze usage patterns, improve features, fix bugs, and enhance user experience
  • Security: To detect fraud, prevent abuse, ensure platform security, and protect user accounts
  • Legal compliance: To comply with legal obligations, respond to legal requests, enforce our terms of service
  • Marketing (with consent): To send promotional emails about new features, updates, and event management tips (you can opt out anytime)

Legal Basis for Processing (GDPR)

  • Contract performance: Processing necessary to provide services you've requested
  • Consent: Where you've given explicit consent (e.g., marketing emails)
  • Legitimate interests: For platform improvement, security, and fraud prevention
  • Legal obligations: To comply with tax, accounting, and other legal requirements

4. How We Share Your Information

We share your personal data only in the following circumstances:

  • With event participants: When you create an event and invite participants (vendors, sponsors, performers), your organization details and event information are shared with invited participants
  • Within your organization: Members of your organization can access shared event and participation data
  • Service providers: We share data with trusted third-party service providers who assist us in operating the platform:
    • Stripe: Payment processing (see Stripe Privacy Policy)
    • Email service providers: For sending transactional and marketing emails
    • Cloud hosting providers: For secure data storage and platform infrastructure
    • Analytics providers: For usage analytics and platform improvement
  • Legal requirements: When required by law, court order, or governmental authority
  • Business transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)
  • With your consent: For any other purpose with your explicit consent

We do not sell your personal data to third parties.

5. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this Privacy Policy:

  • Active accounts: Data retained while your account is active
  • Closed accounts: Personal data deleted within 90 days of account closure, except where longer retention is required by law
  • Financial records: Retained for 7 years to comply with tax and accounting regulations
  • Legal compliance: Data retained longer if required for legal, dispute resolution, or regulatory purposes
  • Anonymized data: We may retain anonymized, aggregated data indefinitely for analytics and research

6. Your Rights Under GDPR

As a user in the European Union, you have the following rights regarding your personal data:

  • Right to access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure ("right to be forgotten"): Request deletion of your personal data
  • Right to restrict processing: Request limitation on how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent: Withdraw consent at any time (where processing is based on consent)
  • Right to lodge a complaint: File a complaint with your local data protection authority (in Portugal: CNPD - Comissão Nacional de Proteção de Dados)

To exercise any of these rights, please contact us at privacy@evental.app. We will respond within 30 days.

7. Data Security

We implement industry-standard security measures to protect your personal data:

  • Encryption: Data encrypted in transit (TLS/SSL) and at rest
  • Access controls: Role-based access restrictions, authentication requirements
  • Secure infrastructure: Hosted on secure cloud servers with regular security updates
  • Payment security: PCI-DSS compliant payment processing through Stripe
  • Regular audits: Security assessments and vulnerability testing
  • Employee training: Staff trained on data protection and security best practices

While we take extensive measures to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but continuously work to improve our safeguards.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential cookies: Required for platform functionality (login sessions, security)
  • Preference cookies: Remember your settings and preferences
  • Analytics cookies: Help us understand how users interact with the platform
  • Marketing cookies: Used to deliver relevant advertisements (with your consent)

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

9. International Data Transfers

Yup! Events operates primarily in Portugal. However, some of our service providers (e.g., cloud hosting, analytics) may process data outside the European Economic Area (EEA).

When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
  • Adequacy decisions: Transfers to countries recognized by the EU as providing adequate protection
  • Privacy Shield (where applicable): For transfers to certified U.S. companies

10. Children's Privacy

Yup! Events is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child under 16, please contact us immediately at privacy@evental.app, and we will delete the information.

11. Third-Party Links

Our platform may contain links to third-party websites or services (e.g., Stripe, social media). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features. We will notify you of significant changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on the platform

Continued use of Yup! Events after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: privacy@evental.app
  • Data Protection Officer: dpo@evental.app
  • Address: Couraça da Estrela 12, 3000-433 Coimbra, Portugal

For GDPR-related complaints, you may also contact the CNPD - Comissão Nacional de Proteção de Dados:

© 2026 Yup! Events. Privacy Policy.