Privacy Policy

TeensGate (“we,” “us,” or “our”) operates EventPass, a digital event ticketing and management platform accessible via web and mobile applications (collectively, the “Platform”). This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use EventPass.

By creating an account, purchasing a ticket, or otherwise using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of the Platform.

2.1 Information You Provide Directly

• Identity data: Full name, email address, phone number
• Account credentials: Passwords (stored in hashed, non-reversible form)
• Transaction data: Ticket purchases, payment references, order history
• Support data: Messages, complaints, and correspondence submitted through our support channels

2.2 Information Collected Automatically

• Device and usage data: IP address, browser type and version, operating system, referring URLs, pages visited, and timestamps
• Authentication logs: OTP request records, login attempts, session tokens
• Performance data: Error logs, response times, and system diagnostics used to maintain platform stability

2.3 Information from Third Parties

We may receive limited data from payment processors (such as transaction status and reference numbers) to verify and reconcile purchases. We do not receive full card details from any payment provider.

We process your personal data only for the following purposes, each supported by a lawful basis:

We do not sell your personal data. We do not use your data for advertising or marketing without your explicit consent.

To deliver our services, we engage trusted third-party processors who handle data strictly on our behalf and under contractual data protection obligations. These include:

• SendGrid (Twilio) — Transactional email delivery (ticket confirmations, OTPs, notifications)
• Arkesel / Twilio — SMS delivery for OTP authentication and ticket notifications
• Paystack — Payment processing and transaction verification for ticket purchases
• Cloudflare R2 — Secure cloud object storage for event assets and generated files
• Render / AWS — Cloud hosting infrastructure for application servers and databases

Each of these providers operates under their own privacy and security standards. We do not authorize any third party to use your data for their own independent purposes.

We do not sell, rent, or trade your personal information. We may disclose your data only in the following circumstances:

• Service delivery: To the third-party processors listed in Section 4, solely to perform services on our behalf
• Event organizers: Limited attendee data (name, ticket reference) may be shared with the organizer of an event you purchased a ticket for, solely for attendance verification
• Legal compliance: Where required by applicable law, court order, or governmental authority
• Safety and fraud prevention: Where disclosure is necessary to protect the rights, property, or safety of TeensGate, our users, or the public
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to equivalent privacy protections

Regardless of your location, we respect the following rights with respect to your personal data:

• Right to access: You may request a copy of the personal data we hold about you
• Right to rectification: You may request correction of inaccurate or incomplete data
• Right to erasure: You may request deletion of your account and associated personal data, subject to legal retention obligations
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time
• Right to data portability: You may request your data in a structured, machine-readable format
• Right to object: You may object to processing based on legitimate interests where your individual circumstances warrant it

To exercise any of these rights, contact us at support@teensgate.com. We will respond within 30 days. We may need to verify your identity before processing your request.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Active accounts: Data is retained for the duration of your account
• Transaction records: Retained for a minimum of 5 years to comply with financial and legal obligations
• Support records: Retained for up to 2 years following resolution of a case
• Security and fraud logs: Retained for up to 12 months, or longer where an active investigation requires it
• Deleted accounts: Personal data is purged within 30 days of account deletion, except where retention is required by law

Anonymised or aggregated data that cannot identify you may be retained indefinitely for analytical purposes.

We implement industry-standard technical and organisational measures to protect your personal data, including:

• Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS (HTTPS)
• Encryption at rest: Sensitive data stored in our databases is encrypted at the storage level
• Password security: Passwords are hashed using a strong one-way algorithm and are never stored in plain text
• Access controls: Access to personal data is restricted to authorised personnel on a need-to-know basis
• Monitoring: We maintain audit logs and automated monitoring systems to detect and respond to unauthorised access
• OTP expiry: One-time passwords expire within a short window and are invalidated after use

No method of transmission or storage is 100% secure. In the event of a data breach that poses a risk to your rights, we will notify affected users as required by applicable law.

EventPass uses cookies and similar technologies to operate and improve the Platform.

9.1 What We Use Cookies For

• Essential cookies: Required for authentication, session management, and core platform functionality. These cannot be disabled without affecting service operation.
• Analytics cookies: Used to understand how users interact with the Platform. This data is aggregated and does not identify you personally.

9.2 Managing Cookies

You can control or disable non-essential cookies through your browser settings. Note that disabling essential cookies may prevent you from logging in or using core features of the Platform. We do not use cookies for advertising or cross-site tracking.

EventPass is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@teensgate.com and we will promptly delete that data.

Users between the ages of 13 and 18 should use the Platform only with the knowledge and consent of a parent or legal guardian.

TeensGate is based in Accra, Ghana. Some of our third-party service providers operate servers in other countries, including the United States and the European Union. When your data is transferred internationally, we ensure that appropriate safeguards are in place, including contractual data protection clauses with our service providers, consistent with applicable privacy standards.

The Platform may contain links to external websites or services not operated by TeensGate. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any external services you visit.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the “Last Updated” date at the top of this document and, where appropriate, notify you via email or an in-app notice.

Your continued use of the Platform after any update constitutes your acceptance of the revised policy. If you do not agree with the updated policy, you should discontinue use and may request deletion of your account.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us: