Privacy Policy
Last updated: July 4, 2026
1. Introduction
360 Events ("we", "us", or "our") operates the website at 360events.co.za and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, join our waitlist, or create an account.
This policy is intended to support our compliance with applicable privacy laws, including South Africa's Protection of Personal Information Act, 2013 ("POPIA"), where it applies.
2. Information We Collect
We may collect the following types of information:
- Account information: name, email address, and password when you register.
- Waitlist information: email address and signup source when you join our waitlist.
- Event data: event titles, descriptions, dates, locations, and ticketing details you create on the platform, including guest lists, RSVP responses, check-in records, budgets, team assignments, and event communications.
- Attendee information: names, contact details, RSVP answers, ticket details, payment status, accessibility notes, dietary preferences, or other information submitted by or about attendees for an event.
- Payment information: payment status, transaction references, payout information, invoices, subscription plan details, and limited payment metadata. Full card numbers and card security codes are processed by our payment provider and are not stored by 360 Events.
- Usage and device data: IP address, approximate location derived from IP, device type, operating system, browser version, referring website, pages visited, timestamps, session identifiers, log files, crash reports, and security events.
3. Cookies
We use cookies and similar technologies to keep you signed in, remember preferences, improve website performance, analyze usage, prevent fraud, and enhance security. You can control cookies through your browser settings, although disabling certain cookies may affect how the platform functions.
4. Legal Basis for Processing
We process personal information where necessary to provide our services, perform a contract with you, comply with legal obligations, protect legitimate interests such as platform security and fraud prevention, protect users and attendees, or where you have provided consent.
5. How We Use Your Information
We use collected information to:
- Provide, operate, and maintain our services
- Process waitlist signups and send launch updates
- Authenticate users and manage accounts
- Create, publish, manage, ticket, and report on events
- Process payments, subscriptions, payouts, refunds, and chargebacks
- Send event updates, RSVP messages, ticket confirmations, and support replies
- Send marketing communications where permitted by law or where you have opted in. You may unsubscribe at any time using the unsubscribe link or by contacting us.
- Prevent fraud, abuse, and unauthorized access
- Improve our platform and respond to support requests
- Comply with legal obligations
6. How We Share Information
We do not sell your personal information. We may share information with service providers who help operate the platform, process payments, host data, send messages, provide analytics, investigate fraud, respond to support requests, comply with legal obligations, enforce our agreements, or protect our legal rights.
Event organizers may receive attendee information submitted for their events, such as RSVP answers, ticket records, check-in status, and contact details needed to run the event. Organizers are responsible for using attendee information in accordance with applicable privacy laws and their own obligations to attendees. Event organizers are also responsible for ensuring they have an appropriate legal basis for collecting attendee information and for using it in compliance with applicable privacy laws.
7. Third-Party Services
We use trusted third-party providers to operate our platform, including Supabase (database and authentication), Vercel (hosting), Upstash (rate limiting), payment providers, email or messaging providers, analytics providers, and other operational tools. These providers process data on our behalf under their own privacy policies and service terms.
8. International Transfers
Your information may be processed or stored in countries outside South Africa because we use cloud hosting, database, payment, messaging, and security providers. Where applicable, we take reasonable steps to ensure appropriate safeguards are in place for international transfers of personal information.
9. Data Retention
We retain your information for as long as your account is active or as needed to provide services. Waitlist entries are kept until you request removal or we launch and migrate accounts. You may request deletion of your data at any time by contacting us.
We may retain certain information for longer where required or permitted by law, including to resolve disputes, enforce agreements, prevent fraud, maintain security, keep backups, comply with accounting or tax obligations, or preserve records of payments, chargebacks, and legal claims.
10. Account Deletion
You may request deletion of your account at any time. If you are an event organizer, deletion may affect your events, guest lists, tickets, communications, and reporting. We may retain certain information where required by law, to resolve disputes, enforce our agreements, prevent fraud, maintain security, or comply with accounting and tax obligations.
11. Your Rights
Depending on your location and applicable law, including POPIA, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate, irrelevant, excessive, outdated, or incomplete data
- Request deletion or destruction of data where applicable
- Object to certain processing of your personal information
- Withdraw consent where consent is the basis for processing
- Opt out of marketing communications
- Complain to the South African Information Regulator at inforegulator.org.za/complaints
You can contact us at privacy@360events.co.za to make a privacy request. We may need to verify your identity before responding.
12. Security
We implement reasonable technical and organizational security measures including encrypted connections (HTTPS/TLS), access controls, row-level security on our database where applicable, rate limiting, monitoring, backups, secure password policies, and provider security controls. No method of transmission or storage over the internet is 100% secure, and we cannot guarantee absolute security.
If we become aware of a security incident involving personal information, we will investigate it promptly and, where required by applicable law, notify affected individuals and relevant authorities.
13. Children's Privacy
Our services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will delete it promptly.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Where required by law, we will provide additional notice of material changes before they take effect.
15. Contact Us
If you have questions about this Privacy Policy, contact us at privacy@360events.co.za. General support questions can be sent to hello@360events.co.za.