Our Commitment to Your Privacy
EventYield is built for business owners who handle sensitive financial data every day. The short version of this policy:
This Privacy Policy describes how The Soda Well LLC, doing business as EventYield ("EventYield," "we," "us," or "our"), collects, uses, stores, and shares information when you use the EventYield mobile application, website located at eventyield.live, and all related services (collectively, the "Service").
Contact information for privacy matters:
EventYield (operated by The Soda Well LLC)
Email: support@eventyield.live
Website: eventyield.live
For privacy-specific inquiries, include "Privacy Request" in the subject line of your email.
This Privacy Policy applies to all users of the EventYield mobile application on iOS and Android, all visitors to eventyield.live, and all persons who communicate with EventYield by email or other means.
This Privacy Policy does not apply to third-party services that EventYield integrates with, including Square, Clover, Google Calendar, Microsoft Outlook, or Stripe. Your use of those services is governed by their own privacy policies.
This Service is intended for use by residents of the United States only.
When you connect your point-of-sale system or calendar application to EventYield, we access and process data that originates from those third-party systems — your sales transactions, event records, client names, and location information.
With respect to this third-party sourced data, EventYield acts as a data processor. This means:
Account information: Email address, password (stored as a cryptographic hash), business name, vendor type, city and state of operation, home base address (used to calculate travel distances), and phone number (optional).
Business profile information: Event names, dates, times, and locations; client names and contact information; guest count estimates; event notes; quoted amounts and actual revenue figures; event fees and revenue split percentages; hours worked preferences.
Payment information: Credit or debit card information submitted during subscription signup. Your payment card details are processed and stored by Stripe, Inc. EventYield does not store your full card number, CVV, or other sensitive payment card data.
From Square and Clover (point-of-sale systems):
We do not import or store your Square or Clover banking information, processing fee details, full customer payment card data, or employee identifiers.
From Google Calendar and Microsoft Outlook:
We do not import or store email messages, contacts outside the context of calendar events, files or attachments, or unrelated calendar events.
Analytics data: Location performance calculations, event type performance calculations, revenue trend data, forecast models, and item performance data derived from your historical data.
Usage and technical data: Session information, IP address at time of login (for security audit logging), and timestamps of significant account actions.
Consent records: The date, time, IP address, and version of each document you accepted (Terms of Service, Privacy Policy, Forecast Disclaimer).
EventYield does not collect: Social Security numbers, precise real-time GPS location data, microphone/camera/photo library data, data from your device's contacts, behavioral tracking data for advertising, or biometric data (Face ID and fingerprint authentication are handled entirely by your device's operating system).
EventYield uses the data we collect exclusively to provide the Service (authentication, data storage, analytics, forecasting, transaction matching), operate your account (payments, transactional emails, push notifications, support), and maintain security (unauthorized access detection, audit logging, fraud prevention).
We do not use your data for: Advertising or marketing to third parties, building advertising profiles, training machine learning models beyond your individual forecasts, selling or licensing to data brokers, or any purpose not described in this Privacy Policy.
EventYield does not sell your data. EventYield does not share your data with third parties for their own marketing or advertising purposes.
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase, Inc. | Database hosting and authentication | All user and business data |
| Stripe, Inc. | Payment processing | Email, subscription details, payment method |
| Expo | Mobile app platform, push notifications | Device push tokens |
| Railway Corp. | Backend server hosting | Data processed during operation |
| Google LLC | Maps and distance calculation | Event addresses for geocoding |
EventYield may disclose your data if required by law, including in response to court orders, subpoenas, or lawful government requests. Where permitted by law, we will notify you before complying.
If EventYield is involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify you by email and in-app before any transfer. You will have the opportunity to delete your account before the transfer.
Your data is stored on servers operated by Supabase, Inc. in the United States.
Encryption: All data in transit is encrypted using TLS. Third-party integration credentials are encrypted using AES-256. Passwords are stored as cryptographic hashes using bcrypt.
Access controls: Row-Level Security policies ensure each user can only access their own data. Administrative access is logged and audited.
Session security: Session tokens are stored in your device's Secure Enclave (iOS) or equivalent secure storage. Sessions expire after thirty (30) minutes of inactivity.
No security system is impenetrable. If we become aware of a security breach affecting your data, we will notify you as required by applicable law. If you believe your account has been compromised, contact us at support@eventyield.live.
During active subscription: We retain your data for as long as your subscription is active.
Upon subscription end: Within twenty-four (24) hours, we permanently delete all data associated with your account including your profile, events, transactions, analytics, integration credentials, and audit logs. This deletion is permanent and cannot be recovered.
After deletion: We retain only minimal billing records (payment dates, amounts, Stripe customer ID) for tax compliance purposes (typically seven years).
If you are a California resident, you have additional rights under the CCPA/CPRA including the right to know what information we collect, the right to delete, the right to correct, and the right to opt out of sale or sharing. EventYield does not sell or share your personal information for cross-context behavioral advertising.
To exercise your California privacy rights, contact us at support@eventyield.live with the subject line "CCPA Rights Request." We will respond within forty-five (45) days.
Residents of Virginia, Colorado, Connecticut, Texas, and other states with comprehensive privacy laws have similar rights. EventYield extends access, correction, deletion, and portability rights to all users regardless of state of residence.
The Service is not directed to children under the age of 18. EventYield does not knowingly collect personal information from children under 18. If you believe a child has provided information to EventYield, contact us immediately at support@eventyield.live.
When you connect a third-party service to EventYield, that service's privacy policy governs data stored with that service. EventYield's privacy policy governs only the data we import and store.
Push notifications are delivered through the Expo Push Notification Service. The device token used is solely for routing notifications and is not used for tracking or advertising. You may manage preferences through your device settings or within the app.
EventYield does not use Google Analytics, Meta Pixel, or any third-party behavioral analytics tools. EventYield does not track your activity across other websites or applications.
The EventYield mobile application does not use advertising cookies or cross-site tracking technologies.
Because EventYield does not engage in cross-site behavioral tracking, Do Not Track signals do not change how EventYield operates.
In the event of a data breach affecting your personal information, EventYield will notify affected users via email within the time period required by applicable state breach notification laws.
When we make material changes, we will update the "Last Updated" date, increment the version number, notify you through an in-app notice, and require your agreement before you may continue using the Service.
If you have questions about this Privacy Policy, your data, or EventYield's privacy practices:
EventYield (operated by The Soda Well LLC)
Email: support@eventyield.live
Website: eventyield.live/privacy
For privacy requests, include "Privacy Request" in the subject line.
For CCPA-specific requests, include "CCPA Rights Request" in the subject line.
For data breach reports, include "Security Concern" in the subject line.
We aim to respond to all privacy inquiries within five (5) business days.