vibeticketing
Home/Privacy Policy

Privacy Policy

Last Updated: November 28, 2025

Vibeticketing ("Vibeticketing," "we," "us," or "our") is an Australian-based AI-powered platform dedicated to empowering event organizers to create, manage, and sell tickets for events using natural language prompts. Our mission is to simplify event creation through innovative AI tools, seamless ticketing platform integrations, and collaborative features, while prioritizing the privacy and security of your data. We are committed to fostering a vibrant event organizer community and ensuring compliance with applicable privacy laws in Australia (including the Privacy Act 1988 (Cth) and the Australian Privacy Principles), the United States (including all applicable state privacy statutes), European Economic Area, United Kingdom, Switzerland, and Canada.

This Privacy Policy ("Policy"), available online at vibeticketing.com/privacy, outlines how Vibeticketing collects, uses, shares, and otherwise processes personal information from users, including event organizers, entrepreneurs, and visitors ("User," "you," or "your") of our website, platform, and services (collectively, our "Services"). By using our Services, you acknowledge this Policy; our legal basis for processing may include contract performance, legitimate interests, or legal obligations, as set out in Section 3. This Policy incorporates our Terms of Service by reference. If you do not agree with the terms of this Policy, please discontinue your use of our Services.

1. Personal Data

For purposes of this Policy, "personal data" (also called "personal information" under the Privacy Act 1988 (Cth) in Australia, the California Consumer Privacy Act/Privacy Rights Act and similar U.S. state laws) means any information that relates to an identified or identifiable natural person or is reasonably capable of being linked to a particular consumer or household, as set out in the Australian Privacy Act 1988 (Cth), EU GDPR, UK GDPR, Canada's PIPEDA, the revised Swiss Federal Act on Data Protection, and all applicable U.S. federal or state privacy statutes. Personal data may include, for example, your name, business email address, postal address, telephone number, username, unique device or browser identifiers, Internet-protocol (IP) address, authentication tokens, usage and telemetry logs, or other information generated through your use of our Services. Personal data also includes biometric, genetic, and special category data as defined under GDPR and international equivalents.

Vibeticketing does not intentionally collect special-category or sensitive personal data, such as biometric identifiers, health information, or precise geolocation, and instructs customers not to upload such information. This definition will be interpreted to include any equivalent term under other privacy laws that come into force during the life of this Policy.

2. Collection and Use of Information

Information You Provide Directly

When you create an account, purchase credits, open a support ticket, or otherwise use our Services, you may supply personal data such as your name, business-email address, phone number, payment information (processed via secure third-party payment processors; see their privacy policies for details on how they handle your card details and transaction data). For usage-based services like AI event generation, we collect and process Usage Data (e.g., API calls, prompt volumes, credit consumption) to meter consumption against your Credits (prepaid balances). We do not store full payment card details; payment processors serve as the source of truth for billing records, which may include anonymized usage metrics shared with us for invoicing, and project artifacts (for example, natural-language prompts, event data, or configuration settings). These artifacts are used only to serve your workspace and, once anonymized or aggregated, to improve our models; they are never used to train general-purpose AI models that benefit other customers without your permission.

Information Collected Automatically

When you interact with the Services, we automatically collect technical data such as IP address, browser type, operating system, device identifiers, pages visited, timestamps, and error logs. Certain operational metrics and telemetry ("Service Data") are processed by Vibeticketing as an independent controller for security, billing, analytics, and product-improvement purposes.

Billing and Metering Data

Telemetry on service usage (e.g., credit consumption, API requests via AI Gateway) is collected to generate invoices showing consumption by service. This data is anonymized where possible and shared with payment processors for payment processing and revenue recognition.

Usage and Analytics Data

We record how you engage with key features (e.g., prompts submitted, events generated, edits made, integrations with ticketing platforms). If you authorize a third-party integration (such as TicketLime, Eventbrite, or other ticketing platforms), Vibeticketing accesses only the minimum data required to provide that integration and processes it under the same terms as other Customer Personal Data.

Data Handling in AI Gateway

The AI Gateway acts as a proxy to connect your applications to third-party AI providers, including OpenAI. When using the AI Gateway, your inputs (e.g., prompts, queries) and related Customer Data are transmitted to these providers for processing and response generation. These transmissions occur on a pass-through basis; we do not store the raw prompts or responses unless you explicitly save them in your workspace. By using the AI Gateway, you consent to such transfers under the privacy policies of OpenAI (openai.com/policies/privacy-policy) and other providers. We do not control these providers' data practices, and you are responsible for reviewing their policies.

Ticketing Platform Integrations

When you connect to a ticketing platform (such as TicketLime, Eventbrite, Ticketmaster, or others), we access and transfer your event data to the platform on your behalf. This data includes event information, ticket configurations, and related content. Each ticketing platform has its own privacy policy, and your use of their services is subject to their terms. We act as an intermediary and do not control how ticketing platforms process your data once it is transferred.

Children's Data

Vibeticketing's Services are not intended for individuals under the age of eighteen (18), and we do not knowingly collect or solicit personal data from anyone under this age. By using our Services, you represent that you are at least 18 years old or the age of majority in your jurisdiction. If we discover that we have collected personal data from a minor without verifiable parental consent, we will promptly delete that information. If you believe we may have collected such data, please contact us at the email address provided in Section 16.

We process this information on the legal basis of contract performance, legitimate interests, compliance with legal obligations, and your consent, for the following purposes:

  • to provide, operate, and maintain the Services, including storing event data, generating AI content, and facilitating ticket sales;
  • to personalize your experience and tune AI-driven features for your workspace;
  • to analyze usage patterns and improve performance, functionality, and reliability;
  • to detect, prevent, and investigate fraud, abuse, or security incidents;
  • to deliver product updates and measure the effectiveness of our own marketing;
  • to communicate with you and provide customer support, as permitted by your account settings;
  • to process payments and other transactions you authorize;
  • to comply with legal, regulatory, export-control, and sanctions obligations in the jurisdictions where we operate; and
  • to meet record-keeping, accounting, and audit requirements.

Vibeticketing does not engage in automated decision-making that produces legal or similarly significant effects on individuals (GDPR Art 22). We collect only the personal data necessary for these purposes and retain it in line with the schedule in Section 11. You can exercise your opt-out or objection rights to certain processing activities as described in Section 9 ("Your Privacy Choices").

3. Legal Bases for Processing Your Data

Vibeticketing processes personal data only where a valid legal ground applies under each privacy regime that governs our Services.

Applicable privacy frameworks:

  • Australia: Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) for Australian residents and users.
  • United States: CCPA/CPRA (California), VCDPA (Virginia), CPA (Colorado), UCPA (Utah), CTDPA (Connecticut), and any other U.S. state privacy laws in force during your use of the Services.
  • International: GDPR (EEA), UK GDPR, and the revised Swiss Federal Act on Data Protection (rev-FADP) for residents of the EEA, United Kingdom, or Switzerland.
  • Canada: Personal Information Protection and Electronic Documents Act (PIPEDA).

Legal bases:

  • Contract Performance: To fulfill our obligations under the Terms of Service and provide the Services you request.
  • Legitimate Interests: To improve our Services, prevent fraud, ensure security, and conduct analytics (balanced against your privacy rights).
  • Legal Obligations: To comply with applicable laws, regulations, and court orders.
  • Consent: Where required by law or where you have provided explicit consent for specific processing activities.

4. Sharing Your Information

We do not sell your personal data. We share your information only in the following circumstances:

  • Service Providers: We share data with third-party service providers who perform services on our behalf, such as payment processing, cloud hosting, analytics, and customer support. These providers are contractually obligated to protect your data and use it only for the purposes we specify.
  • Ticketing Platforms: When you choose to publish an event to a ticketing platform, we share your event data with that platform to enable ticket sales and event management.
  • Third-Party AI Providers: When you use AI features, your prompts and related data are transmitted to third-party AI providers (such as OpenAI) for processing. These providers have their own privacy policies.
  • Legal Requirements: We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or others.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, secure data centers, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. Please notify us immediately if you suspect any unauthorized access to your account.

6. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction. When we transfer personal data from the EEA, UK, or Switzerland to other countries, we rely on appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your data is protected.

7. Your Privacy Choices

Depending on your location, you may have certain rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data, subject to legal and contractual obligations.
  • Portability: Request transfer of your personal data to another service provider.
  • Objection: Object to certain processing activities based on legitimate interests.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Withdraw consent for processing activities that rely on consent.
  • Opt-Out: Opt out of marketing communications and certain data sharing practices.

To exercise these rights, please contact us using the information provided in Section 16. We will respond to your request within the timeframes required by applicable law (typically 30 days).

Vibeticketing will not discriminate against you for exercising your privacy rights. If you are not satisfied with our response, you may lodge a complaint with your local data protection authority.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your use of our Services. Cookies are small text files placed on your device that help us provide, protect, and improve our Services. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device until deleted or expired).

We use cookies for the following purposes:

  • Essential Cookies: Required for the Services to function properly (e.g., authentication, security).
  • Analytics Cookies: Help us understand how users interact with our Services (e.g., Google Analytics).
  • Functional Cookies: Remember your preferences and settings.
  • Marketing Cookies: Used to deliver relevant advertisements and measure campaign effectiveness.

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Services.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law. When determining retention periods, we consider:

  • The nature and sensitivity of the data;
  • The purposes for which we process the data;
  • Legal and regulatory requirements;
  • The potential risk of harm from unauthorized use or disclosure.

When you delete your account (subject to forfeiture of unused Credits as per the Terms), we will delete your Personal Data within 30 days, except for data required for fraud prevention, legal compliance, or legal defense purposes. Backups may retain data for up to 90 days. To request deletion, contact us using the information provided in Section 16; we comply with applicable laws (e.g., GDPR erasure rights). We retain Customer Data only as needed to provide the Services, with deletion available upon request (subject to backups and legal holds).

10. Links to Other Sites

Our Services may include links or integrations (for example, ticketing platforms, payment providers, or AI providers) that are not controlled by Vibeticketing. Your interactions with those third-party services are governed by their own privacy policies and terms. We encourage you to review those policies before providing personal data, as Vibeticketing is not responsible for the privacy or security practices of external sites.

11. Notice and Communications

By using the Services, you consent to receive transactional or administrative electronic communications from Vibeticketing—such as account alerts, security notifications, and billing messages. You may opt out of non-essential marketing e-mails at any time via the "unsubscribe" link or your account settings; this will not affect core service communications. To send formal privacy notices to Vibeticketing, use the contact information provided in Section 16. Vibeticketing may provide legal or privacy notices to you via e-mail, in-product banners, or any other method allowed by law.

12. Governing Law & Venue

This Policy is governed by and construed in accordance with the laws of Australia and the State of New South Wales, without regard to its conflict-of-law principles. However, if you are located in a jurisdiction that grants you mandatory consumer protection or data protection rights under local law (including the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles), those provisions will take precedence to the extent they conflict with this Policy.

For Australian residents, you have rights under the Privacy Act 1988 (Cth), including the right to access, correct, or delete your personal information. If you have concerns about how we handle your personal information, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

For residents of the European Economic Area (EEA), United Kingdom (UK), or Switzerland, international data transfers are subject to the EU Standard Contractual Clauses. Any disputes arising under this Policy shall be resolved in accordance with applicable law and the dispute resolution provisions in our Terms of Service.

13. Changes to This Policy

Vibeticketing reserves the right to update or revise this Privacy Policy to reflect changes in our practices, legal requirements, or the Services themselves. We will post any revised Policy at vibeticketing.com/privacy and indicate the "Last Updated" date at the top of the document. For material changes that reduce your rights or expand our processing purposes, we will provide at least thirty (30) days' advance notice by e-mail or in-product banner. Your continued use of the Services after the new Policy takes effect constitutes acceptance of the revised terms.

14. Severability

If any provision of this Policy is found to be unlawful, void, or unenforceable under applicable law, that provision will be interpreted to achieve its intent as closely as possible, or, if impossible, deemed severed, and the remaining provisions will remain in full force and effect.

15. Entire Agreement

This Policy, together with the Terms of Service and any supplemental product terms, constitutes the entire agreement between you and Vibeticketing regarding privacy and data protection in connection with the Services.

16. Contact Details

If you have questions, concerns, or wish to exercise your privacy rights, please contact us:

Email: [email protected]
Website: vibeticketing.com
Address: Vibeticketing, Australia

We aim to respond to verified data-subject requests within thirty (30) days, or longer where permitted under applicable law, in which case we will notify you of the delay and reason. If you are an Australian resident and believe your inquiry has not been satisfactorily resolved, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. For residents of other jurisdictions, you may lodge a complaint with your local supervisory authority, the Irish Data Protection Commission, the UK Information Commissioner's Office, or the Swiss FDPIC, as appropriate.

← Back to Home