1. Information We Collect

We collect the following information when you use Gevent:

Information you provide

Account data: name, email, password (hashed), venue name, phone
Event data: guest names, table numbers, dietary restrictions, confirmation statuses
Business data: lead information, budgets, billing data
Team data: names and emails of your staff members
Gallery photos: images uploaded to the event wall (EXIF data is removed during processing)

Automatically collected information

Usage data: pages visited, features used, access times
Technical data: IP address, browser type, operating system, device type
Technical cookies: we use essential cookies for authentication and session preferences

2. Legal Basis for Processing

We process your data under the following legal bases:

Consent: granted when creating your account and accepting these terms
Contractual fulfillment: necessary to provide you with the contracted service
Legitimate interest: to improve the service, prevent fraud and ensure security
Legal obligation: when the law requires us to retain or share data

3. How We Use Your Information

We use your data to:

Provide and maintain the Gevent service
Process RSVP confirmations and send event-related notifications
Send transactional emails (confirmations, alerts, account changes)
Send push notifications (only with your explicit consent)
Improve the platform based on aggregated usage patterns
Prevent fraud and ensure service security
Comply with legal obligations

We do not sell your personal data or your guests' data to third parties.

4. Guest Data

As a Gevent user, you are responsible for the guest data you upload to the platform. We act as data processors on your behalf. This includes:

Names, confirmation statuses and table assignments
Dietary restrictions and menu preferences
Post-event survey responses
Event wall messages
Photos uploaded to the event gallery

You are responsible for informing your guests that their data will be processed through our platform and for obtaining their consent. If you upload data of minors as guests, you guarantee that you have the corresponding parental authorization.

5. Sharing Information — Sub-processors

We share information with the following infrastructure providers:

Supabase (database and storage) — United States
Vercel (hosting and edge functions) — United States
Resend (transactional email delivery) — United States
OpenAI (AI features, when activated) — United States
Stripe / MercadoPago (payment processing, when activated) — United States / Argentina

We also share information within your organization: your team members can see data according to their assigned role.

All our providers comply with security and data protection standards. We maintain standard contractual clauses with providers in the United States to ensure data protection in international transfers.

6. Web Push and Notifications

If you enable push notifications, we store your push subscription endpoint with your explicit consent. You can disable notifications at any time from your account settings or from your browser.

7. Photo Gallery

Photos uploaded to the event gallery are processed as follows:

EXIF data (location, camera model, etc.) is removed during processing
Photos are resized and converted to WebP format for optimization
Photos automatically expire 30 days after the event date and are irreversibly deleted

8. Technical Cookies

Gevent uses the following strictly necessary cookies:

sb-*-auth-token: Supabase authentication token to keep your session active
theme: your light/dark theme preference
NEXT_LOCALE: your language preference

We do not use third-party cookies for advertising or tracking. We do not use Google Analytics or third-party tracking tools.

9. Data Security

We implement security measures that include:

Data encryption in transit (HTTPS/TLS) and at rest
Secure authentication with JWT tokens and refresh tokens
Row-level security policies (RLS) in the database
Role-restricted access (owner, admin, manager, staff, receptionist)
Automatic daily backups

No system is 100% secure. In the event of a security breach affecting your data, we will notify you within 72 hours.

10. Data Retention

We retain your data while your account is active. When deleting your account:

You have 30 days to export your data
After that period, your personal data is irreversibly deleted
Event data is anonymized or deleted according to your preference
Backups are purged within 90 days
Data required by law may be retained for the legally established period

11. Your Rights

You have the right to:

Access: request a copy of your personal data
Rectification: correct inaccurate or incomplete data
Deletion: request the deletion of your data
Portability: receive your data in a structured and readable format
Objection: object to the processing of your data for specific purposes

To exercise these rights, contact us at hola@gevent.pro. We will respond within 30 business days.

12. Minors

Gevent is not directed at minors under 18 years of age. We do not intentionally collect data from minors. If you believe a minor has provided us with information, contact us so we can delete it.

13. International Transfers

Your data may be processed on servers located outside Argentina (United States) through our infrastructure providers. We maintain standard contractual clauses with these providers to ensure adequate levels of data protection.

14. Changes to this Policy

We may update this policy periodically. We will notify you of significant changes by email. The "last updated" date at the beginning of this document indicates when the last modification was made.

Subprocesadores

Para operar Gevent contratamos a terceros de confianza ("subprocesadores") que procesan datos personales por nuestra cuenta. Cada uno firmó un Acuerdo de Procesamiento de Datos (DPA) con cláusulas estándar de la UE para transferencias internacionales.

Proveedor	Servicio	Datos	Ubicación
Vercel	Hosting + CDN + crons	Logs, IPs, request bodies	EE.UU. / UE
Supabase	Base de datos + Auth + Storage	Cuentas, eventos, invitados, archivos	EE.UU. (us-east-1)
Stripe	Procesamiento de pagos	Email, dirección, datos de tarjeta (no almacenamos PAN)	EE.UU. / UE
Resend	Email transaccional	Email destinatario, contenido, tracking de delivery/open	EE.UU.
OpenAI	Asistente IA (BelIA copilot)	Texto del prompt, contexto del evento (sin entrenar modelos)	EE.UU.
Sentry	Monitoreo de errores	Stack traces, IDs anonimizados, breadcrumbs	EE.UU. / UE
Google Workspace	Email + Calendar (cuenta de soporte)	Inbox de soporte hola@gevent.pro	EE.UU. / global
Upstash	Rate limiting (Redis)	IPs, tokens (TTL corto, no persistente)	EE.UU. / UE

Si agregamos un nuevo subprocesador o cambiamos la ubicación de procesamiento, actualizamos esta tabla y avisamos por email con al menos 14 días de anticipación a clientes con cuentas activas.

15. Contact

For privacy or data protection inquiries, contact us at hola@gevent.pro.

1. Information We Collect

We collect the following information when you use Gevent:

Information you provide

Account data: name, email, password (hashed), venue name, phone
Event data: guest names, table numbers, dietary restrictions, confirmation statuses
Business data: lead information, budgets, billing data
Team data: names and emails of your staff members
Gallery photos: images uploaded to the event wall (EXIF data is removed during processing)

Automatically collected information

Usage data: pages visited, features used, access times
Technical data: IP address, browser type, operating system, device type
Technical cookies: we use essential cookies for authentication and session preferences

2. Legal Basis for Processing

We process your data under the following legal bases:

Consent: granted when creating your account and accepting these terms
Contractual fulfillment: necessary to provide you with the contracted service
Legitimate interest: to improve the service, prevent fraud and ensure security
Legal obligation: when the law requires us to retain or share data

3. How We Use Your Information

We use your data to:

Provide and maintain the Gevent service
Process RSVP confirmations and send event-related notifications
Send transactional emails (confirmations, alerts, account changes)
Send push notifications (only with your explicit consent)
Improve the platform based on aggregated usage patterns
Prevent fraud and ensure service security
Comply with legal obligations

We do not sell your personal data or your guests' data to third parties.

4. Guest Data

As a Gevent user, you are responsible for the guest data you upload to the platform. We act as data processors on your behalf. This includes:

Names, confirmation statuses and table assignments
Dietary restrictions and menu preferences
Post-event survey responses
Event wall messages
Photos uploaded to the event gallery

5. Sharing Information — Sub-processors

We share information with the following infrastructure providers:

Supabase (database and storage) — United States
Vercel (hosting and edge functions) — United States
Resend (transactional email delivery) — United States
OpenAI (AI features, when activated) — United States
Stripe / MercadoPago (payment processing, when activated) — United States / Argentina

We also share information within your organization: your team members can see data according to their assigned role.

6. Web Push and Notifications

If you enable push notifications, we store your push subscription endpoint with your explicit consent. You can disable notifications at any time from your account settings or from your browser.

7. Photo Gallery

Photos uploaded to the event gallery are processed as follows:

EXIF data (location, camera model, etc.) is removed during processing
Photos are resized and converted to WebP format for optimization
Photos automatically expire 30 days after the event date and are irreversibly deleted

8. Technical Cookies

Gevent uses the following strictly necessary cookies:

sb-*-auth-token: Supabase authentication token to keep your session active
theme: your light/dark theme preference
NEXT_LOCALE: your language preference

We do not use third-party cookies for advertising or tracking. We do not use Google Analytics or third-party tracking tools.

9. Data Security

We implement security measures that include:

Data encryption in transit (HTTPS/TLS) and at rest
Secure authentication with JWT tokens and refresh tokens
Row-level security policies (RLS) in the database
Role-restricted access (owner, admin, manager, staff, receptionist)
Automatic daily backups

No system is 100% secure. In the event of a security breach affecting your data, we will notify you within 72 hours.

10. Data Retention

We retain your data while your account is active. When deleting your account:

You have 30 days to export your data
After that period, your personal data is irreversibly deleted
Event data is anonymized or deleted according to your preference
Backups are purged within 90 days
Data required by law may be retained for the legally established period

11. Your Rights

You have the right to:

Access: request a copy of your personal data
Rectification: correct inaccurate or incomplete data
Deletion: request the deletion of your data
Portability: receive your data in a structured and readable format
Objection: object to the processing of your data for specific purposes

To exercise these rights, contact us at hola@gevent.pro. We will respond within 30 business days.

12. Minors

Gevent is not directed at minors under 18 years of age. We do not intentionally collect data from minors. If you believe a minor has provided us with information, contact us so we can delete it.

13. International Transfers

14. Changes to this Policy

We may update this policy periodically. We will notify you of significant changes by email. The "last updated" date at the beginning of this document indicates when the last modification was made.

Subprocesadores

Proveedor	Servicio	Datos	Ubicación
Vercel	Hosting + CDN + crons	Logs, IPs, request bodies	EE.UU. / UE
Supabase	Base de datos + Auth + Storage	Cuentas, eventos, invitados, archivos	EE.UU. (us-east-1)
Stripe	Procesamiento de pagos	Email, dirección, datos de tarjeta (no almacenamos PAN)	EE.UU. / UE
Resend	Email transaccional	Email destinatario, contenido, tracking de delivery/open	EE.UU.
OpenAI	Asistente IA (BelIA copilot)	Texto del prompt, contexto del evento (sin entrenar modelos)	EE.UU.
Sentry	Monitoreo de errores	Stack traces, IDs anonimizados, breadcrumbs	EE.UU. / UE
Google Workspace	Email + Calendar (cuenta de soporte)	Inbox de soporte hola@gevent.pro	EE.UU. / global
Upstash	Rate limiting (Redis)	IPs, tokens (TTL corto, no persistente)	EE.UU. / UE

Si agregamos un nuevo subprocesador o cambiamos la ubicación de procesamiento, actualizamos esta tabla y avisamos por email con al menos 14 días de anticipación a clientes con cuentas activas.

15. Contact

For privacy or data protection inquiries, contact us at hola@gevent.pro.

Privacy Policy

1. Information We Collect

Information you provide

Automatically collected information

2. Legal Basis for Processing

3. How We Use Your Information

4. Guest Data

5. Sharing Information — Sub-processors

6. Web Push and Notifications

7. Photo Gallery

8. Technical Cookies

9. Data Security

10. Data Retention

11. Your Rights

12. Minors

13. International Transfers

14. Changes to this Policy

Subprocesadores

15. Contact

Privacy Policy

1. Information We Collect

Information you provide

Automatically collected information

2. Legal Basis for Processing

3. How We Use Your Information

4. Guest Data

5. Sharing Information — Sub-processors

6. Web Push and Notifications

7. Photo Gallery

8. Technical Cookies

9. Data Security

10. Data Retention

11. Your Rights

12. Minors

13. International Transfers

14. Changes to this Policy

Subprocesadores

15. Contact