Tixio logoTixio
Start Selling for Free

Legal

Privacy Policy

How we collect, use, and protect your data when you sell or buy tickets with Tixio.

Effective: Jan 1, 2025View Terms of Service

1. Overview

This Privacy Policy explains how Tixio (“we”, “our”, “us”) collects, uses, and protects your information.

By using Tixio, you agree to the practices described here.

2. Data We Collect

Account data: email, name, password (hashed), and profile details you provide (e.g., phone, organization name).

Event data: event details, ticket settings, images, and branding you upload.

Transaction data: ticket purchases, payment intent IDs, and related Stripe metadata.

Usage data: device/browser information, IP address, and interaction logs used for security and analytics.

3. How We Use Data

Provide and operate the service (ticketing, checkout, staff invites, scanning).

Send transactional emails (tickets, receipts) and account notifications.

Prevent fraud and protect the platform (RLS policies, JWT ticket verification, staff permissions).

Improve the product via aggregated analytics (e.g., Vercel Analytics).

4. Sharing & Disclosure

Payments: Processed via Stripe; we share necessary transaction metadata with Stripe.

Email delivery: Tickets and notifications are sent via Resend.

Organizers: Attendee data (name/email) is shared with the organizer of the event you buy tickets for.

Legal: We may disclose information if required by law or to protect rights and safety.

5. Data Retention

We retain account and transaction data as long as your account is active or as needed for legal, tax, and auditing purposes.

You can request deletion of your account; some records (payments, invoices) may be retained where required.

6. Security

Data is stored on Supabase (PostgreSQL) with Row Level Security and least-privilege policies.

Service-role operations are restricted to backend flows (webhooks, PDFs).

Secrets (ticket signing keys, Stripe keys) are stored server-side and never exposed publicly.

Transport is encrypted via HTTPS; passwords are hashed by the auth provider.

7. Your Choices

Access and update your profile via the dashboard.

Unpublish events or remove staff to limit access to attendee data.

Contact support to request account deletion or data export (where applicable).

8. Children

Tixio is not intended for individuals under 16. Do not use the service if you do not meet this requirement.

9. Changes

We may update this Privacy Policy periodically. Material changes will be posted in the dashboard or via email.

10. Contact

For privacy questions or requests, contact privacy@support.tixioapp.com.