Privacy Policy

Last updated: April 28, 2026

1. Introduction

CompleteEvent ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our event management platform, including our iOS and Android apps.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password. If you sign in with Google, we receive your name and email from Google.

Event and Registration Data

When you create events or register for events, we collect the information you provide, including event details, attendee names, email addresses, phone numbers, and any custom registration fields.

Abstract Submissions

When you submit an abstract, we collect your name, email, biography, and the abstract content.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers. Stripe's privacy policy governs how they handle your payment information.

Device and Push Notification Data

If you use our iOS or Android app and grant permission, we collect a device push token (provided by Apple APNs or Google FCM) to deliver push notifications such as event reminders. This token is stored securely on our servers and used solely to send you notifications. You can revoke permission at any time in your device settings.

If you enable biometric authentication (Face ID or Touch ID), your biometric data is processed entirely by your device's operating system and never transmitted to or stored by us. We only store a simple on/off preference in local device storage.

Usage Data

With your consent, we collect analytics data using Google Analytics, PostHog, and Vercel Speed Insights. This includes page views, feature usage, browser type, device information, and general location. No analytics data is collected until you explicitly accept via the consent banner. You can opt out at any time by declining the banner or clearing your browser storage.

3. How We Use Your Information

  • To provide and maintain the Service
  • To send registration confirmations and event reminders
  • To process abstract submissions and communicate review decisions
  • To process payments through Stripe
  • To send presenter invitations
  • To improve the Service (with analytics consent only)
  • To communicate service updates and changes
  • To contact you about your account, including to offer onboarding assistance or follow up if setup is incomplete

4. Cookies and Tracking

We use the following types of cookies and local storage:

  • Essential cookies: Required for authentication and basic functionality. These cannot be disabled.
  • Analytics cookies (Google Analytics): Google Analytics cookies (_ga, _gid) are only set if you consent via the consent banner.
  • Product analytics (PostHog): PostHog is used to understand how features are used. It stores data in session memory only (no persistent cookie) and is only active if you consent. No PostHog data is sent without your explicit consent.

You can change your analytics preference at any time by clearing your browser storage and revisiting the site.

5. Data Sharing

We share your information only in the following circumstances:

  • Event organizers: When you register for an event, the organizer receives your registration information.
  • Service providers: We use Supabase (database and authentication), Vercel (hosting), Stripe (payments), Resend (transactional emails), Firebase Cloud Messaging / Apple APNs (push notifications, mobile only), Google Analytics and PostHog (analytics, consent-gated), and Vercel Speed Insights (performance monitoring).
  • Legal requirements: We may disclose information if required by law or to protect our rights.

We do not sell your personal information to third parties.

6. Data Retention

We retain your account data for as long as your account is active. Event and registration data is retained for the duration of the event organizer's account. If you delete your account, your personal data will be removed within 30 days, except where retention is required by law.

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Request a copy of your data in a portable format
  • Withdraw consent for analytics at any time

To exercise these rights, please contact us at our contact page.

8. Data Security

We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Supabase Auth, and row-level security policies on our database. However, no method of transmission over the Internet is 100% secure.

9. International Data Transfers

Our service infrastructure is hosted in the United States. If you are accessing the Service from outside the United States, your data may be transferred to and processed in the United States.

10. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact

For privacy-related questions or to exercise your rights, please contact us at our contact page.