• Events
Terms of ServicePrivacy Policy

Attendee

  • Events
  • My Tickets
  • Refund Policy

Organizer

  • Scan Tickets
  • Dashboard
  • Start an Event
  • Event Organizer Guide
  • About
  • Pricing
  • FAQ
  • Contact
2025 EventPass Ltd. All rights reserved.

Terms of Service

1. Introduction

EventPass ("we," "us," or "our") operates the EventPass platform at eventpass.ke and related subdomains (including host.eventpass.ke). This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our event ticketing and management services.

This policy applies to all users of our platform, including event organizers who create and manage events, and attendees who purchase tickets and attend events.

2. Information We Collect

2.1 Information You Provide Directly

For Event Attendees:

  • Name, email address, and phone number
  • Payment information (processed securely through our payment service provider)
  • Event preferences and ticket selections
  • Communication preferences
  • Any information you provide when contacting customer support

For Event Organizers:

  • Name, email address, and phone number
  • Business information (if applicable)
  • Bank account details for payouts
  • Event details and descriptions
  • Marketing materials and content
  • Dashboard usage and preferences

2.2 Information We Collect Automatically

Usage Data:

  • IP address and device information
  • Browser type and version
  • Pages visited and time spent on our platform
  • Referral sources and promotional clicks
  • Search queries and event browsing behavior
  • Ticket purchase funnel data
  • Check-in and attendance data via QR code scans

Analytics Data:

  • Event performance metrics
  • Attendee behavior patterns
  • Affiliate tracking data
  • Instagram attribution data (when applicable)
  • Conversion rates and drop-off points

2.3 Information from Third Parties

  • Payment processing data from Paystack
  • Social media insights from Instagram integration
  • Email delivery data from AWS SES
  • Analytics data from PostHog
  • AI-powered responses and processing from OpenAI or Google Gemini (when using Event Assistant features)

3. How We Use Your Information

3.1 To Provide Our Services

  • Process ticket purchases and payments
  • Generate QR code tickets and facilitate event check-ins
  • Enable split payment disbursements to organizers
  • Send booking confirmations and event updates
  • Provide customer support and handle refund requests via email
  • Facilitate communication between organizers and attendees
  • Power our Event Assistant feature for event discovery and recommendations

3.2 To Improve Our Platform

  • Analyze user behavior to enhance user experience
  • Develop new features and services
  • Conduct research and analytics
  • Monitor platform performance and security
  • Test new functionality and features

3.3 For Business Operations

  • Process payments and handle refunds
  • Prevent fraud and ensure platform security
  • Comply with legal obligations
  • Enforce our terms of service
  • Calculate and collect our service fees

3.4 For Marketing and Communications

  • Send promotional emails and WhatsApp messages about relevant events (with your consent)
  • Provide personalized event recommendations through our Event Assistant
  • Track affiliate marketing performance
  • Analyze marketing campaign effectiveness
  • Send service-related notifications

You can opt-in or opt-out of promotional communications at any time through your account settings or by following unsubscribe instructions in our messages.

4. Information Sharing and Disclosure

4.1 With Event Organizers

When you purchase a ticket, we share your name, email, and attendance status with the event organizer to facilitate event management and communication.

4.2 With Service Providers

We share information with trusted third-party service providers who assist us in operating our platform:

  • Paystack: Payment processing and split payment disbursements
  • AWS SES: Email delivery services
  • PostHog: Analytics and user behavior analysis
  • Zitadel: Authentication services
  • Instagram: Social media integration and analytics
  • OpenAI/Google Gemini: AI-powered Event Assistant features
  • AWS/Hostinger: Cloud hosting and infrastructure services

4.3 For Legal Compliance

We may disclose your information when required by law, to protect our rights, or to comply with legal processes, including:

  • Court orders or legal proceedings
  • Law enforcement requests
  • Compliance with applicable regulations
  • Protection against fraud or security threats

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Secure data transmission using encryption
  • Access controls and authentication systems (Zitadel)
  • Authorization controls (OpenFGA)
  • Regular security assessments
  • Secure infrastructure using Docker Stack and Traefik

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy. Our data retention practices include:

6.1 Account-Based Data

For users with EventPass accounts:

  • Account information: Retained until you delete your account, plus 7 years for legal and financial compliance requirements
  • Transaction records: 7 years from transaction date for financial and tax obligations
  • Communication preferences: Until account deletion or opt-out

6.2 Event-Based Data

For users without accounts (ticket purchases only):

  • Ticket purchase information: 3 years from event date for customer support and legal compliance
  • Payment records: 7 years from transaction date for financial obligations
  • Event attendance records: 2 years from event date for organizer analytics and support

6.3 Other Data Types

  • Customer support records: 3 years from last interaction
  • Analytics data: 5 years in aggregated, anonymized form
  • Marketing data: Until opt-out or account deletion
  • Refund request communications: 7 years from resolution date

6.4 Legal Compliance

Some data may be retained longer when required by applicable laws, ongoing legal proceedings, or legitimate business interests such as fraud prevention.

7. Your Rights

Under the Kenya Data Protection Act and other applicable laws, you have the right to:

7.1 Access and Portability

  • Request access to your personal information
  • Receive a copy of your data in a portable format

7.2 Correction and Updates

  • Request correction of inaccurate information
  • Update your account information at any time

7.3 Deletion

  • Request deletion of your personal information
  • Delete your account through your dashboard settings

7.4 Processing Restrictions

  • Object to certain types of data processing
  • Withdraw consent for marketing communications
  • Opt out of non-essential analytics

7.5 Complaints

  • Lodge complaints with the Office of the Data Protection Commissioner (Kenya)
  • Contact us directly with privacy concerns

To exercise these rights, contact us at [eventpass.ke@gmail.com] or through your account settings.

8. International Data Transfers

Your personal information may be processed and stored outside of Kenya through our use of international service providers including AWS and Hostinger hosting services. As we expand our services to support USD payments and East African markets, additional international data processing may occur.

We ensure appropriate safeguards are in place for international transfers, including:

  • Adequacy decisions by relevant data protection authorities
  • Standard contractual clauses with service providers
  • Certification schemes and codes of conduct
  • Technical and organizational security measures

Current international processing locations:

  • AWS services (various global regions)
  • Hostinger hosting services
  • Third-party service providers as listed in this policy

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and authentication
  • Remember your preferences
  • Analyze platform usage
  • Track affiliate referrals
  • Provide personalized experiences

You can control cookie settings through your browser, though this may affect platform functionality.

10. Age Restrictions

Our services are available to users of all ages, as events on our platform are not generally age-restricted. However, users under 18 years of age should have parental or guardian consent before creating an account or making purchases.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at eventpass.ke@gmail.com so we can address your concerns.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes through:

  • Email notifications to registered users
  • Prominent notices on our platform
  • Updates to the "Last Updated" date above

Continued use of our services after policy changes constitutes acceptance of the updated terms.

12. Contact Information

For questions, concerns, or requests related to this Privacy Policy, please contact us:

Email: eventpass.ke@gmail.com

Phone Number: +254 116 762 108

13. Governing Law

This Privacy Policy is governed by the laws of Kenya, including the Data Protection Act, 2019. For users in other jurisdictions, additional local privacy laws may apply.