Information security and privacy is built into Eventlify’s growth, mission, and vision. We regularly perform vulnerability scanning, penetration testing, access control, encryption and data privacy measures. Eventlify’s information security programs are upheld by the AICPA’s Trust Services Criteria of security.
We are tirelessly committed to protection of your data and your privacy. Eventlify’s information security and privacy controls are detailed below.
Have questions or feedback? Feel free to reach out to us at email@example.com
Eventlify is committed to protecting your privacy. We ensure data protection through several controls. All of this data is encrypted and protected by access control measures and alerting and monitoring systems. Eventlify offers SSO integration to ensure users are securely authenticated. Eventlify does not sell customer data to any third parties.
All data is encrypted in transit and at rest to ensure protection of your data and privacy
Employee access to the environment in which customer data is stored is granted on a least permissions basis, highly restricted, and monitored.
Alongside Eventlify’s infrastructure-based protection measures, we provide users with authentication and SSO integration capabilities.
All payment instrument processing is safely outsourced to Stripe which is certified as a PCI Level 1 Service Provider.
Eventlify’s infrastructure is hosted in Amazon Web Services (AWS) in SOC 2 Type II and ISO 27001 compliant data centers. Eventlify has backup data center regions to ensure high availability.
All our hosted services run in the cloud. Our cloud environment is protected by intrusion detection and prevention systems with alerting and monitoring in place. We do not host or run our own routers, load balancers, DNS servers or physical servers. We use Amazon Web Services (AWS) and have no physical infrastructure or physical access to the servers themselves. Our production databases are on Amazon RDS and S3. AWS provides strong security measures to protect our infrastructure and are compliant with most certifications.
Eventlify has indefinite data retention by default to allow for compliance with an array of customer retention needs. Data is deleted immediately and securely upon request.
Users may request to have their data deleted at any time by writing to firstname.lastname@example.org. Please allow 30 days to process your request.
We back up all our critical assets and regularly run backup restores to guarantee fast recovery in case of disaster. All our backups are encrypted for data protection.
Eventlify has redundant data center zones in place with failover capabilities to ensure availability of services and data. Eventlify’s RTO is 8 hours and RPO is 24 hours, providing quick restoration of services in the event of an outage and minimal to no data loss.
We encourage everyone to practice responsible disclosure and comply with our policies and terms of service.
Please avoid automated testing and only perform security testing with your own data. Please do not disclose any information regarding the vulnerabilities until we fix them.
You can report vulnerabilities by contacting email@example.com. Please include a proof of concept. We will respond as quickly as possible to your submission and won’t take legal actions if you follow the rules.
Eventlify will accept findings for investigation concerning the below categories of vulnerabilities:
This program does NOT include:
Eventlify is a powerful all-in-one event management platform that offers innovative, easy-to-use donor management and fundraising solutions. Our cloud-based platform allows event organizers to optimize productivity, while increasing revenue and visibility.
© 2023 Eventlify, LLC. All Rights Reserved.
Use your preferred social account: