Your data. EU servers.
No compromises.
Eventyca is built by a Croatian company, hosted on EU infrastructure, and designed to meet GDPR requirements from the ground up — not as an afterthought.
EU infrastructure only
Eventyca runs on Supabase's EU (Frankfurt) region. Your data — events, contacts, financials, audience lists — is stored exclusively on European servers operated under EU data protection law. We do not use US-based services for any data storage.
Built for GDPR from day one
Most software treats GDPR compliance as a legal checkbox bolted on at the end. We built Eventyca in the EU, for EU businesses, with GDPR in mind from the first line of code. Every data flow, every consent mechanism, and every data retention policy was designed to comply.
After the Schrems II ruling, using US-hosted tools for EU audience data carries real legal risk. With Eventyca, your subscriber lists, contact data, and financial records never leave European servers.
Data residency
All data stored in Supabase EU region (Frankfurt). Never transferred outside the EU.
Right to erasure
Audience members can be deleted on request, complying with GDPR Article 17 right to erasure.
Consent tracking
Email opt-in status tracked per audience member. Unsubscribes processed automatically.
Data Processing Agreement
A full DPA is available for organisations that require one. Email us to request.
How we protect your data
HTTPS everywhere
All traffic encrypted in transit with TLS. No unencrypted connections.
Row-level security
Every database row is protected by RLS policies. Organisation data is completely isolated — one tenant cannot access another's data.
Encrypted at rest
All data encrypted at rest using AES-256. Database backups are also encrypted.
Access controls
Role-based permissions (Admin / Member) control what each team member can view or edit.
Continuous backups
Automated daily backups with point-in-time recovery. Your data is never at risk of permanent loss.
Data we hold and why
Organisation data
Company name, address, billing info. Required to operate your account and issue invoices.
Event data
Shows, costs, revenues, artist bookings. This is the core of your Eventyca workspace.
Contacts
Professional contacts (agents, vendors, staff). Stored securely, visible only to your organisation.
Audience data
Ticket buyer emails and profiles imported from your ticketing platform. Used only for campaigns you initiate.
Questions about security?
Contact us at info@eventyca.com — we respond within one business day.
Contact us