Privacy Policy

Last updated: February 22, 2026

Revelry ("Revelry", "we", "us" or "our") operates the Revelry platform for discovering, organizing, and managing events via revelryapp.io and related applications (the "Platform"). This privacy policy explains how we collect, use, share, and protect personal data when you use Revelry.

This policy is designed to meet GDPR requirements and reflect best practices used by major event platforms while remaining accurate for our startup stage.

1. Who we are

Revelry

Business address: Het Eeuwsel 57, 5612AS Eindhoven, The Netherlands

Email: support@revelryapp.io

KvK number: 99671794

Revelry is the data controller for personal data processed through the Platform unless stated otherwise.

2. Types of users

We process data for two main categories of people:

1. Attendees / Users

People who create accounts, browse events, or purchase tickets.

2. Organizers

Individuals or organizations that create and manage events on the Platform.

Event organizers may also act as independent data controllers for personal data they collect outside Revelry.

3. Personal data we collect

We only collect data necessary to operate Revelry.

A. From Attendees / Users

  • Name
  • Email address
  • Phone number (optional)
  • Account credentials
  • Device and browser information
  • IP address
  • Event attendance history
  • Customer support communications
  • Payment information processed by our payment processor (we do NOT store card numbers)

B. From Event Organizers

  • Name and company name
  • Email address and phone number
  • Billing and payout details
  • Event descriptions, images, and content uploaded
  • Analytics about event performance
  • Communications with attendees

C. Automatically collected

  • Log files
  • Cookies and session data
  • Usage analytics
  • Security and fraud-prevention signals

We do not intentionally collect sensitive personal data unless required for a specific feature.

4. Why we process personal data

We process data to:

  • Create and manage accounts
  • Sell and manage event tickets
  • Provide organizer tools and analytics
  • Send confirmations and service emails
  • Provide customer support
  • Prevent fraud, abuse, and unauthorized access
  • Improve the Platform
  • Comply with legal and tax obligations

Legal bases include performance of a contract, legal obligation, legitimate interests, and consent where required.

5. Sharing personal data with third parties

We do NOT sell personal data.

We share data only with trusted service providers necessary to operate Revelry. These providers act as data processors under GDPR.

Examples include:

  • Cloudflare – security and content delivery
  • Vercel – website hosting
  • Hetzner & Laravel Forge – backend infrastructure
  • Email providers (Zoho, Resend, Mailtrap)
  • Payment processors (e.g., Stripe)
  • Analytics providers (privacy-friendly tools)
  • Government authorities when legally required

We maintain Data Processing Agreements with these providers and require appropriate safeguards.

Some providers may process data outside the EU. In such cases we rely on Standard Contractual Clauses or equivalent safeguards.

6. Data shared between organizers and attendees

When you buy a ticket, Revelry may share necessary information with the event organizer, such as your name or ticket details. Organizers may use this information to manage their event, communicate with attendees, and meet legal obligations.

Organizers are responsible for how they use attendee data outside the Platform.

7. Cookies and tracking

Revelry uses necessary cookies for login, security, and functionality. We may use privacy‑friendly analytics cookies to improve the Platform. Where legally required, we request consent for cookies.

You can control cookies through your browser settings.

8. Data retention

We keep data only as long as necessary:

  • Account data: until deletion or 2 years of inactivity
  • Ticket and billing data: up to 7 years (tax law)
  • Logs and security data: up to 30 days
  • Organizer event data: while events remain active or legally required

We may keep anonymized data longer for analytics.

9. Automated decision making

Revelry may use automated systems for recommendations, fraud detection, and analytics. These systems do not make decisions with significant legal effects without human review.

10. Your rights

Under GDPR you have the right to:

  • Access your data
  • Correct your data
  • Delete your data
  • Restrict processing
  • Transfer your data
  • Object to processing
  • Withdraw consent

Send requests to support@revelryapp.io. We respond within one month.

11. Security measures

We protect personal data using industry‑standard measures including:

  • HTTPS encryption
  • Secure hosting infrastructure
  • Access control and monitoring
  • Regular backups
  • Firewall and DDoS protection
  • Secure email authentication (SPF, DKIM, DMARC)
  • DNS security protections

No system is completely secure, but we continuously improve safeguards.

12. Children

Revelry is not intended for children under 16 without parental consent. If you believe a child has provided personal data, contact us to remove it.

13. Changes to this policy

We may update this policy as Revelry evolves. Significant changes will be communicated via email or the Platform.

14. Contact

Questions about privacy or data protection:
support@revelryapp.io

Back to home