Privacy Policy
Last updated: 20 April 2026
1. Who We Are
V2Events is operated by Version 2 Events Ltd, a private limited company registered in England and Wales (company number 17150252), with its registered office at 6 Babylon Grove, Milton Keynes, United Kingdom, MK4 4GH.
Version 2 Events Ltd is the data controller for the personal data processed through the V2Events platform. This means we determine the purposes and means of processing your personal data.
We have not appointed a Data Protection Officer (DPO) as we do not meet the thresholds requiring one under UK GDPR Article 37. For any data protection queries, please contact us at support@v2events.uk.
2. What Data We Collect
We collect and process the following categories of personal data:
2.1 Ticket Buyers
- Full name and email address (obtained from your Clerk account at checkout)
- Payment reference data (Stripe session ID, payment intent ID, customer ID)
- Amount paid and transaction details
- Refund request history and reasons (where applicable)
2.2 Partner / Event Organisers
- Organisation name and contact name
- Email address and phone number
- Social media handles (Instagram, Twitter/X) and website URL
- Stripe Connect account information (account ID, onboarding status)
- Event listing data (titles, descriptions, venue details, images)
2.3 Followers
- Name and email address
- Notification preferences (new events, reminders)
- Organiser follow relationships
2.4 Event Staff
- Email address
- Role assignments (linked to specific events)
2.5 Reps (Affiliates)
- Name and email address (via Clerk account)
- Rep codes and referral links
- Commission earnings and payout records
- Stripe payment details (for commission payouts)
2.6 All Users (via Authentication)
- Account information managed by our authentication provider, Clerk (name, email, session data, sign-in method)
2.7 Automatically Collected Data
- IP addresses (used for rate limiting and security; not stored permanently)
- Performance and web vitals data (via Vercel SpeedInsights — see our Cookie Policy for details)
3. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Lawful Basis (UK GDPR) |
|---|---|
| Processing ticket purchases and sending confirmation emails | Contract performance (Art. 6(1)(b)) |
| Processing partner applications and managing partner accounts | Contract performance (Art. 6(1)(b)) |
| Processing refund requests | Contract performance (Art. 6(1)(b)) |
| Processing rep commissions and payout records | Contract performance (Art. 6(1)(b)) |
| Sharing buyer data (name, email) with event organisers for guest list management and event entry | Contract performance (Art. 6(1)(b)) and Legitimate interests (Art. 6(1)(f)) |
| Sending event reminder and notification emails to followers | Consent (Art. 6(1)(a)) |
| Rate limiting, fraud prevention, and platform security | Legitimate interests (Art. 6(1)(f)) |
| Website performance analytics (Vercel SpeedInsights) | Legitimate interests (Art. 6(1)(f)) — see Cookie Policy for details on the PECR exemption |
| Complying with legal obligations (e.g. HMRC record-keeping, responding to lawful requests) | Legal obligation (Art. 6(1)(c)) |
4. Why We Need Your Data
The provision of certain personal data is a contractual requirement necessary to use the Platform:
- Name and email address are required to purchase or claim tickets. Without this information, we cannot issue tickets or send confirmations.
- Organisation and contact details are required for Partner applications. Without this information, we cannot assess or approve your application.
- Stripe account details are required for Partners and Reps to receive payouts. Without completing Stripe onboarding, payouts cannot be processed.
Where we rely on consent (e.g. follower notifications), you are free to withdraw consent at any time without any negative consequences, other than no longer receiving the relevant communications.
5. Who We Share Your Data With
We share your data with the following categories of recipients:
5.1 Event Organisers (Partners)
When you purchase a ticket, your name and email address are shared with the event organiser for the purpose of guest list management and event entry. The organiser is a separate data controller for the data they receive about their attendees.
5.2 Third-Party Service Providers
We use the following trusted third-party data processors:
- Stripe — Payment processing and payouts. Stripe processes your payment card details directly; V2E never sees or stores your full card number. See Stripe's Privacy Policy.
- Clerk — Authentication and user account management. See Clerk's Privacy Policy.
- Resend — Transactional email delivery (ticket confirmations, notifications, refund communications). See Resend's Privacy Policy.
- Supabase — Database hosting and storage. See Supabase's Privacy Policy.
- Vercel — Website hosting and performance analytics. See Vercel's Privacy Policy.
We do not sell your personal data to any third party. We only share data with the processors listed above for the specific purposes described.
6. International Data Transfers
Several of our third-party service providers (Stripe, Clerk, Resend, Supabase, Vercel) are based in the United States and may process your data outside the United Kingdom. Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place:
- UK-US Data Bridge: Where our US-based providers have self-certified under the UK Extension to the EU-US Data Privacy Framework (the "UK-US Data Bridge"), transfers are permitted without additional safeguards.
- International Data Transfer Agreement (IDTA): Where the UK-US Data Bridge does not apply, we rely on the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, as approved by the Information Commissioner's Office.
- Adequacy decisions: We may also transfer data to countries that the UK Government has recognised as providing an adequate level of data protection.
7. Data Retention
We retain your personal data for the following periods:
- Ticket and transaction data: 6 years after the event date (to comply with HMRC record-keeping requirements under the Taxes Management Act 1970), then deleted.
- Partner account data: Until you request account deletion, subject to any legal obligation to retain records.
- Rejected partner applications: 6 months, then deleted.
- Follower data: Until you unfollow the organiser or request deletion.
- Rep data: For the duration of the rep relationship, plus 6 years for financial records.
- Refund request records: 6 years after the event date (for legal and financial record-keeping).
- Support ticket data: 2 years after the ticket is resolved, then deleted.
8. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of access — Request a copy of the data we hold about you.
- Right to rectification — Request correction of inaccurate data.
- Right to erasure — Request deletion of your data (subject to legal obligations, e.g. we must retain financial records for 6 years).
- Right to restrict processing — Request that we limit how we use your data.
- Right to data portability — Request your data in a structured, commonly used, machine-readable format (applies to data processed by automated means on the basis of consent or contract).
- Right to object — Object to processing based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds.
- Right to withdraw consent — Where processing is based on consent (e.g. follower notifications), you can withdraw at any time via the unsubscribe link in our emails or by contacting us. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please email support@v2events.uk. We will respond within one calendar month. In complex cases, we may extend this by a further two months, and we will inform you of any extension within the first month.
There is no fee for exercising your rights in most cases. We may charge a reasonable fee or refuse the request if it is manifestly unfounded or excessive.
9. Automated Decision-Making
V2E does not make any decisions based solely on automated processing (including profiling) that produce legal effects or similarly significantly affect you. Dynamic pricing features on the Platform are controlled by event organisers manually and are not automated profiling.
10. Children's Data
V2Events is intended for users aged 16 and over. We do not knowingly collect personal data from anyone under the age of 16. If you believe we have collected data from a child under 16, please contact us immediately at support@v2events.uk and we will delete the data promptly.
11. Cookies
We use essential cookies for authentication and analytics technologies for website performance monitoring. For full details, including information about the specific technologies used and how to manage your preferences, please see our Cookie Policy.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. Where changes are material (e.g. changes to what data we collect or how we use it), we will notify you by email or a prominent notice on the Platform. We encourage you to review this page periodically.
13. Complaints
If you are unhappy with how we handle your personal data, please contact us first at support@v2events.uk so we can try to resolve your concern.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:
- Website: ico.org.uk/make-a-complaint
- Telephone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF