Privacy Policy

The data controller responsible for personal data processed through the Services is the Events4U entity operating events4u.ai ("Events4U", "we", "us"). Contact: support@events4u.ai.

This policy applies to personal data we process when you visit our website, create an account, buy or sell on the marketplace, contact support, or otherwise interact with the Services. It does not apply to websites or services we do not control.

Account and profile. Name, email address, password (stored using industry-standard hashing), phone number if you provide it, country or region, language preferences, and profile or business details you choose to add.

Transactions. Order details, delivery information, payment status (payment card data is typically processed by our payment partners; we may receive limited tokenised or non-sensitive payment metadata), billing address, and communications related to orders.

Vendor and listing data. Store name, descriptions, inventory, pricing, tax or company identifiers you submit, and verification documents where required.

Usage and device data. IP address, device type, browser type, approximate location derived from IP, pages viewed, referring URLs, timestamps, diagnostics, and security logs.

Support and surveys. Information you provide when you contact us, respond to surveys, or participate in beta programmes.

Content you upload. Photos, reviews, messages, and other content you post on the Services, including metadata (for example, timestamps).

Where the GDPR or UK GDPR applies, we rely on one or more of the following legal bases:

• Contract — to create and secure your account, process orders, provide vendor tools, and deliver the Services you request.
• Legitimate interests — to secure the platform, prevent fraud and abuse, improve features, analyse aggregate usage, communicate service updates, and assert or defend legal claims, balanced against your rights.
• Consent — for optional marketing communications and non-essential cookies or similar technologies, where required.
• Legal obligation — to comply with tax, accounting, court orders, or regulatory requests.

Where other laws apply (for example, in the United States), we process personal data as described in this policy and as permitted or required by those laws, including to perform our contract with you and for our legitimate business purposes.

We share personal data with service providers who process it on our instructions ("processors"), such as hosting, authentication, email delivery, analytics, payment processing, fraud prevention, customer support tooling, and logistics integrations. We require processors to implement appropriate confidentiality and security measures.

We may disclose personal data if we believe in good faith that disclosure is necessary to comply with law, enforce our terms, protect the safety of any person, or address fraud or security issues. We may also share information in connection with a merger, acquisition, or asset sale, subject to appropriate safeguards.

Where vendors fulfil orders, limited buyer information (such as shipping details) may be shared with the relevant vendor as necessary to complete the transaction.

We may process and store personal data in the European Economic Area, the United Kingdom, the United States, and other countries where we or our providers operate. Where we transfer personal data from the EEA, UK, or Switzerland to countries not recognised as providing adequate protection, we use appropriate safeguards such as the EU Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable), unless another lawful transfer mechanism applies.

We retain personal data only as long as necessary for the purposes described in this policy, including to comply with legal, tax, or accounting obligations, resolve disputes, and enforce agreements. Retention periods vary by data type; for example, order records may be kept longer than transient server logs. When retention ends, we delete or anonymise personal data where feasible.

We implement technical and organisational measures designed to protect personal data against accidental loss, unauthorised access, or unlawful processing. No method of transmission over the Internet is completely secure; we encourage you to use strong passwords and enable available security features.

Depending on your location, you may have rights to access, rectify, erase, restrict processing of, or port your personal data, and to object to certain processing (including profiling for direct marketing). You may withdraw consent where processing is based on consent, without affecting the lawfulness of processing before withdrawal.

EEA/UK. You may lodge a complaint with your local supervisory authority. We ask that you contact us first so we can try to resolve your concern.

California (CCPA/CPRA). California residents may have rights to know, delete, and correct personal information, and to opt out of "sale" or "sharing" of personal information (including certain cross-context behavioural advertising). We do not knowingly sell personal information of minors under 16. To exercise rights, email support@events4u.ai with "Privacy Request" in the subject line. We will verify your request as required by law and respond within applicable timelines.

Other US states. Residents of certain states may have similar rights; contact us as above and we will respond in line with applicable law.

We may use automated systems (including machine learning) to help detect fraud, rank search results, moderate content, or personalise your experience. Where a decision produces legal or similarly significant effects solely based on automated processing, we will provide information and human review where required by applicable law.

The Services are not directed to children under the age where they may lawfully use the Services in their jurisdiction. We do not knowingly collect personal data from children. If you believe we have collected such data, contact us and we will take appropriate steps to delete it.

We may update this Privacy Policy to reflect changes to our practices or legal requirements. We will post the updated version on this page and revise the effective date. Where required, we will obtain your consent or provide additional notice.

For privacy questions or requests, use our contact form or email support@events4u.ai.