V
Vendor Space

Privacy Policy

Last updated: March 2026

1. Introduction

Vendor Space ("we," "our," or "us") operates the Vendor Space platform, a vendor management and payment collection service for event organizers. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, organization name, and timezone preference.

Event and Vendor Data

We store event details you create (event names, dates, locations, booth configurations) and vendor information (company names, contact details, registration data) that you or your vendors provide through the platform.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or bank account details on our servers. Stripe collects and processes payment information in accordance with their own privacy policy. We store transaction records including amounts, dates, and payment status.

Usage Data

We automatically collect certain information when you access the platform, including your IP address, browser type, device information, pages visited, and the dates and times of your visits.

3. How We Use Your Information

  • To provide, operate, and maintain the platform
  • To process payments and manage financial transactions
  • To send transactional emails (payment confirmations, event notifications)
  • To improve and personalize your experience
  • To respond to your inquiries and provide customer support
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

4. Data Sharing

We do not sell your personal information. We share data only with the following third-party services necessary to operate the platform:

  • Stripe — for payment processing and connected account management
  • Resend — for transactional email delivery (payment links, notifications)
  • Supabase — for database hosting and authentication

Event organizers can view vendor data submitted for their events. Vendors can view event details published by organizers.

5. Data Retention

We retain your account data for as long as your account is active. Event and vendor data is retained for as long as the associated organizer account exists. Transaction records may be retained longer as required for tax and legal compliance. When you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for data processing
  • Object to data processing for direct marketing

To exercise any of these rights, please contact us at the address provided below.

7. Cookies

We use essential cookies to maintain your authentication session and remember your preferences (such as dark mode). We do not use third-party advertising or tracking cookies. Session cookies are automatically deleted when you close your browser or after your session expires.

8. Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), encrypted storage, row-level security policies, and secure authentication. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the platform after any changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us through our contact page.