Privacy Policy – EventSphere Solutions

Last Updated: 10 December 2025

EventSphere Solutions (“EventSphere”, “we”, “our”, “us”) operates a SaaS platform that includes

AI-driven automation, agent orchestration, project/task management tools, data processing

workflows, and integrations with third-party systems. This Privacy Policy explains how we collect,

use, store, protect, and disclose personal information in compliance with the General Data

Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other global

privacy laws.

By using our website, platform, or services (“Services”), you agree to the practices described here.

1. Data We Collect

We collect the following categories of information:

1.1 Account & Identity Information

  • Name
  • Email address
  • Password (encrypted)
  • Company/organization
  • User role (admin, venue owner, staff)

Used for authentication and account management.

1.2 Platform Usage & Interaction Data

Collected automatically via logs:

  • IP address
  • Browser & device metadata
  • Login timestamps
  • Actions performed inside the platform
  • AI agent interaction logs
  • Workflow and task automation history

Used to operate, secure, and improve the platform.

1.3 Project, Document, and Content Data

When using features like:

  • Orchestrator logs
  • Document parsing
  • Uploaded files
  • Workflow automation

We process:

  • Files you upload (documents, images, templates)
  • Task descriptions, system commands, prompt text
  • Project metadata and dependencies
  • API connection details (if provided manually)

This data is processed only to provide the service and remains your property.

1.4 Payment Information

Handled exclusively by third-party PCI-compliant processors (Stripe, Paddle, etc.).

We do not store raw credit card numbers.

1.5 Cookies & Web Tracking

Used for:

  • Session management
  • Analytics
  • Personalization
  • Fraud prevention

Cookie banners are displayed where legally required.

2. How We Use the Data

We process personal and project data for:

  • Core Service Delivery
  • Account creation & secure login
  • Processing your uploaded data
  • Task and workflow execution
  • Notifications and collaboration

Legal Basis (GDPR)

We rely on:
Processing Purpose Legal Basis

Account setup & Service delivery

Contractual necessity

Analytics & improvements Legitimate interest

Marketing communications User consent

Security, fraud prevention Legitimate interest

Compliance with law Legal obligation

AI Data Processing

AI models may process:

  • Prompts
  • Event details
  • Venue details
  • Uploaded files
  • Generated tasks

We do not use customer data to train public AI models.

3. How We Share Data

We may share data with:

3.1 Service Providers

  • Cloud hosting
  • Database infrastructure
  • Payment processor
  • Email/notification providers
  • AI model providers (OpenAI, Google Vertex, local LLMs, etc.)

All providers operate under strict confidentiality and data processing agreements.

3.2 Legal Compliance

We may disclose data when:

  • Required by law
  • Needed to protect user safety
  • Required to protect system integrity

3.3 Business Transfers

If EventSphere is acquired, merged, or reorganized:

  • Users will be notified
  • Data protection obligations will remain in force

4. International Data Transfers (GDPR)

If your data is transferred outside the EU/EEA:

  • Standard Contractual Clauses (SCCs) are applied
  • Equivalent safeguards are enforced

5. Your Rights

GDPR (EU): You have the right to

  • Access your data
  • Correct inaccurate data
  • Request deletion (“Right to be Forgotten”
  • Request data portability
  • Restrict or object to processing
    Withdraw consent at any time

CCPA (California): You have the right to

  • Request what personal data is collected
  • Request deletion of personal information
  • Opt out of “sale” of personal data (we do not sell data)
  • Receive equal service even if you opt-out

Requests: hello@eventspheresolutions.com

We respond within statutory deadlines (usually 30–45 days).

6. Data Retention

We retain data only for:

  • As long as your account is active
  • Compliance with legal obligations
  • Backup integrity and dispute resolution

Project files and uploaded documents can be fully deleted upon user request.

7. Security Measures

We implement:

  • Encryption in transit (TLS 1.2+)
  • Encryption at rest
    Role-based access control
  • Periodic security audits
    Secure credential storage (bcrypt/argon2)
  • Monitoring for suspicious activity

8. Children's Privacy

Our Services are not intended for anyone under 13.

We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this Policy periodically.

Material changes will be notified via email or platform alerts.