Privacy Policy

1. Introduction

Eventimio ("we," "us," or "our") operates the event planning platform at eventimio.ai. This Privacy Policy explains how we collect, use, store, and protect your personal information, including biometric data, when you use our services.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the Illinois Biometric Information Privacy Act (BIPA), and the California Consumer Privacy Act (CCPA/CPRA).

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address (used for passwordless magic link authentication)
• Phone number (optional, for OTP verification)
• Name and profile information you provide

2.2 Event and Guest Information

When you create and manage events, we process:

• Event details (name, date, venue, type)
• Guest information (names, email addresses, phone numbers, dietary restrictions, RSVP status)
• Budget and vendor information
• Seating arrangements
• Task lists and notes

2.3 Photos

When you upload photos to your event gallery, we store them securely with industry-standard encryption at rest.

2.4 Biometric Data

What we collect:

• Facial feature embeddings (mathematical vectors derived from photos)
• Face bounding box coordinates (location of faces within photos)
• Face thumbnail images (cropped face regions)

How we process it:

• Photos are processed by our facial recognition service
• The service detects faces and generates numerical embeddings
• Embeddings are stored in our database and used to match faces across photos within the same event
• Face thumbnails are generated and stored for display purposes

What we do NOT do:

• We do not sell, lease, trade, or otherwise profit from biometric data
• We do not share biometric data with third parties
• We do not use biometric data for surveillance, tracking, or identification outside your event
• We do not share biometric data across organizations or events belonging to different users
• We do not use biometric data for training AI models

3. Consent for Biometric Data

We require your explicit consent before processing any biometric data. Facial recognition features are disabled until you actively opt in through our consent dialog in your account settings.

Your consent is recorded with:

• Timestamp of when consent was given
• The specific consent text you agreed to
• Your IP address and browser information (for audit purposes)

You may withdraw consent at any time from your Account Settings under Privacy & Data. Withdrawing consent will promptly trigger deletion of all your biometric data. Deletion is completed as soon as technically practicable.

3.1 Guest Consent (Selfie Finder)

When event guests use the Selfie Finder feature, they must explicitly consent to biometric data processing by checking a consent checkbox before uploading their photo. Guest consent is recorded with the same audit trail as organizer consent.

4. Data Retention and Deletion

4.1 Biometric Data Retention

• Automatic deletion: Face embeddings and thumbnails are automatically deleted after 90 days
• Consent withdrawal: All biometric data is deleted immediately when you withdraw consent
• Account deletion: All data, including biometric data, is permanently deleted when you delete your account

Deletion is verified and logged in our biometric audit trail.

4.2 Other Data Retention

• Account data: retained while your account is active, plus 2 years after closure
• Photos: retained while your account is active (you control deletion)
• Event data: retained while your account is active, plus 2 years after closure
• Audit logs: retained for 3 years
• Consent records: retained for 7 years (legal requirement)

5. Your Rights

5.1 Under GDPR (EU/EEA Residents)

• Right of Access (Art. 15): Request a copy of all your data via Account Settings → Export Data
• Right to Erasure (Art. 17): Delete your account and all associated data via Account Settings
• Right to Withdraw Consent (Art. 7): Withdraw biometric consent at any time via Account Settings → Privacy
• Right to Data Portability (Art. 20): Export your data in machine-readable JSON format
• Right to Restrict Processing (Art. 18): Contact us to restrict processing of your data
• Right to Object (Art. 21): Object to processing based on legitimate interests

5.2 Under BIPA (Illinois Residents)

In compliance with the Illinois Biometric Information Privacy Act (740 ILCS 14):

• We provide written notice before collecting biometric data (this policy and our consent dialog)
• We obtain your written release (consent) before collection
• We publish this retention schedule and destruction guidelines
• We do not sell, lease, trade, or profit from your biometric data
• We store and protect biometric data using reasonable security measures, at least as protective as measures used for other confidential information

5.3 Under CCPA/CPRA (California Residents)

• Biometric information is classified as "sensitive personal information"
• You have the right to limit use and disclosure of sensitive personal information
• You have the right to delete your personal information
• You have the right to know what personal information is collected and why
• We do not sell personal information

6. Security Measures

We protect your data with:

• Passwordless authentication (magic link — no passwords stored)
• Role-based access control (5 permission levels)
• Organization-level data isolation (your data is never accessible to other organizations)
• Encryption in transit (TLS/HTTPS via Cloudflare)
• Encryption at rest for stored photos and database
• Rate limiting on all API endpoints
• Comprehensive audit logging of all data access and modifications
• Automated security scanning in our development pipeline
• Regular security audits

7. Data Sharing and Third Parties

We use trusted third-party service providers for infrastructure hosting, content delivery, photo storage, facial recognition processing, and phone verification. The majority of data processing — including personal information, event data, and biometric data — takes place within the European Union. Certain limited functions use providers outside the EU as described in the International Data Transfers section below.

We do not sell your personal information to any third party. We share data with service providers only as necessary to operate the platform, under appropriate data processing agreements. All our service providers maintain industry-standard security certifications.

8. International Data Transfers

Your core data — including personal information, event data, and all biometric data (face embeddings) — is processed and stored exclusively in the European Union. Our servers, database, and facial recognition processing all operate within the EU.

Limited data flows to US-based services for specific functions:

• Phone verification (Twilio): Your phone number is sent to Twilio for OTP verification
• OAuth login (Google, GitHub): If you choose to link a social account, your email and name are shared with the provider

These US-based providers are certified under the EU-US Data Privacy Framework (DPF), providing an adequate level of data protection as recognized by the European Commission. No biometric data is ever transferred outside the EU.

9. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the platform. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related inquiries, data access requests, or to exercise your rights:

• Email: [email protected]
• Website: eventimio.ai

For GDPR-specific inquiries, you may also contact your local data protection supervisory authority.