1. Security
EVENTY security is built around invite validation, guest sessions where appropriate, private storage, secure upload and download links, role checks, audit logs, request limits, and clear separation between public pages and private event albums.
2. Public and private boundaries
Public pages explain EVENTY, support, pricing, privacy, legal terms, security, and data deletion. Private albums are reached by invite, and organizer actions such as purchases, people, downloads, role management, review, and full event settings stay in the mobile app.
3. Access controls
Private media should not be exposed through open storage URLs. Uploads and downloads should use signed access, event membership checks, package checks, role-aware controls, expiring links, and event-scoped permissions.
4. Storage and transfer safeguards
EVENTY uses private storage architecture, HTTPS transport, signed media access, invite expiration and revocation, upload-window checks, browser-origin handling, request limits, and separation between public marketing routes and private event routes. Raw invite tokens should not be stored as durable public identifiers.
5. Operational monitoring
Operational safeguards include logged service activity, diagnostics for crashes and failed uploads, abuse reporting, account/session invalidation, provider monitoring, and recovery routes when an invite cannot be opened. Logs should be limited to what is needed for reliability, safety, and security review.
6. Reporting issues
Report suspected unauthorized access, exposed private media, abusive uploads, impersonation, account takeover, payment entitlement abuse, or platform misuse with the event context and enough detail to reproduce or locate the issue. EVENTY may restrict invites, uploads, accounts, downloads, or event access while reviewing a report.
7. Security limits
No internet service can guarantee perfect security or uninterrupted availability. Users should protect their email accounts, device passcodes, QR materials, invite links, and downloaded ZIP files. Organizers should rotate or revoke invites if a QR code or link is shared outside the intended guest group.
8. Contact
This page is written for the current EVENTY product model and public website scope. For legal, privacy, security, deletion, or abuse requests, email EVENTY with the event title, invite code when available, the account email or guest display name used in the flow, and enough detail for the team to find the right album.
