To exercise your rights under GDPR and send a request to The Events Calendar, please fill in our GDPR rights form.
Even though The Events Calendar is based in the United States, we strive to remain compliant with the EU’s GDPR directive for our EU users. As such, we’ve compiled the information below, that you may review at any time. If you have further questions, it’s best to contact us by email. If you are making a data request, this must be done via our request form.
What are your details?
The Events Calendar is an American company, formed in 2007. Our postal address is:2703 Ena Drive
Lansing, MI 48917
What are the contract terms?
When subscribed to our products or services, you are on a monthly or annual renewal Agreement but can cancel at any time.
What personal data is held by The Events Calendar?
Records necessary to provide you with our products and services.
Your account with theeventscalendar.com, such information stored includes:
- Your name, email address, billing address, IP address for transactional purchases as well as marketing/re-marketing purposes, payment method information, account username, account password (which is encrypted), license keys assigned to you, any Support threads you’ve opened, purchase emails, Support emails you’ve initiated, and transactional records.
Your account with Loxi.io, such information stored includes:
- Your name, email address, billing address, IP address for transactional purchases as well as marketing/re-marketing purposes, payment method information, account username, account password (which is encrypted), embedded URLs of your calendar(s), event data, venue & organizer data, any Support threads you’ve opened, purchase emails, Support emails you’ve initiated, and transactional records.
Your use (as a Site Owner) of our plugin(s), such information stored includes:
- System Information (if supplied directly by you to our Support Team), Install domain, License key to validate (if premium plugin or service), WP Version, PHP Version, MySQL Version, Theme info, Site language, User language, Site public status,
WP_DEBUGstatus, Site Timezone, Multisite status, Network activated status, Number of all active sites in multisite
- For our Event Aggregator service (excludes CSV file import), the following data is collected (strictly for processing requirements in order to serve you through our import service):
- We store the data fetched from origin sources, which might include organizer and venue details accessible to you through API keys only, via caching. After a short period of time (est. 12 hours – 7 days), data is automatically deleted on our servers as we’ve completed processing data to your website.
- For our Promoter service, the following data is collected:
- Attendees: name, email address, attendance to specific events, ticket type purchased, emails sent, date added, opt-in status, email open, email click, list segmentation.
- Site Owner: License key, name, email address, email verification status, time zone, connected website address, shared token, password, subscription status, custom shortcuts, custom, campaign email template (logo, mailing address, copy), delivery stats on messages.
- Please note: we do not collect nor store any data on your own end users through the use of any of our plugins and within any new (free or premium) plugin version we release (as of May 2018), you’ll find that we provide to you two policy statements:
- Our policy disclosure detailing the information collected through your use of our plugin(s) as listed above.
- A policy disclosure you may use within your own policy informing your site & plugin users of what data is collected by you through the use of our plugin(s).
In addition, we use third party services within certain plugins, such as The Events Calendar, Events Calendar Pro, and Event Tickets. These services include Google Maps as well as PayPal (when you setup and connect these within our plugins). It’s important to note that your use of these third party services fall under their own privacy and data collection policies, which are separate from our own.
How can I exercise my GDPR rights, like request my data to be deleted?
You can contact us directly at any time by making a request via this form.
Where is data stored and processed?
Currently, all data is stored and processed in the United States.
How do you handle deleting data?
Records that we can legally delete and/or anonymize can be done so upon your request. You may contact us at any time to have your data deleted and/or anonymized. Please note, once this has been done, there will not be an option to reverse your decision.
What measures do you have in place to protect data?
As much of your data as possible is encrypted. Additionally, we have multiple security measures in place to protect your data, including limited access to team members.
What third parties do you share data with?
What access controls do you have in place?
The Events Calendar limits access to data based on company discipline, meaning members of our team only have access to the data needed to execute specific duties, including requests made by you. We also put in place, a variety of measures to ensure appropriate access, including two-factor authentication.