Editorial event companions // Conferences, seminars, conventions, retreats // Built for rooms where the trip has to be worth itEditorial event companions // Built for rooms that matter
/Simpli-FIEvents
Privacy · plain English

What we collect. Why we collect it. What we do with it.

We handle data the way we would want our own data handled. Last updated June 2026.

01

Who we are

Simpli-FI Events is operated by Simpli-FI OS LLC, a Texas limited liability company. Reach us at events@simpli-fi-os.com.

02

What we collect from prospective customers

When you submit the lead-intake form at /get-started, we collect the fields you fill in: name, email, organization, role, event size, events per year, next event date, current event app vendor, pain points, decision-maker status, decision factors, and any referral organization or referrer contact email you choose to provide. We store that record in a Supabase database owned by Simpli-FI OS LLC, use it to respond to your request, scope a possible event project, manage any referral credit, and notify our team by email so we can usually reply by the next business day.

When you submit the Beautiful Histories Travel Desk form at /travel, we collect the fields you choose to provide about your role, business-travel rhythm, rough monthly spend band, point programs, point-balance range, destination, travel window, trip purpose, cultural interests, and consent preferences. We use that record to create an internal handoff packet for Beautiful Histories. Do not submit card numbers, bank logins, passport files, dates of birth, account screenshots, or other sensitive financial or travel documents through this form.

03

What we collect from site visitors

We log standard request metadata at the edge (IP, user agent, referrer, path) for security and rate-limiting. If Vercel Web Analytics is enabled, we use it in privacy-first mode; it does not set cookies or track individual visitors across sites. We do not run third-party advertising trackers.

Lead-intake rate-limit keys are kept only to slow abusive or accidental repeated submissions. They reset after about ten minutes, and stale keys are deleted by the rate-limit service as new intake requests are processed.

When you interact with the feedback survey at /feedback, the page records a per-tab session identifier, the user agent string, the page referrer, and the in-page event you triggered (such as “step viewed” or “submission attempted”) into a Supabase analytics table owned by Simpli-FI OS LLC. The session identifier is created in your browser, lives only in your tab, and resets when you close the tab. We use this signal to make the survey work and to learn which steps lose people. We do not link it to your account or to third-party advertising profiles.

04

What we collect from event attendees

When a customer runs an event on our platform, the attendee data we handle is the data their organization has chosen to provide. This typically includes name, registration email, organization, role, and optional photo for digital badges. Sponsor lead retrieval is opt-in per attendee scan. We do not share attendee data across tenants. We do not sell attendee data to anyone, ever.

05

Live engagement, profiles, and sponsor exports

Live polling, Q and A, QR networking, attendee profiles, sponsor lead retrieval, room feedback, and message preferences may collect the choices, scans, comments, profile fields, device installation IDs, timestamps, and event context needed to provide the feature. Sponsor lead data is shared only when an attendee affirmatively scans, opts in, or otherwise consents through the event flow.

Badge scans and QR networking may collect contact information from the scanned event profile or badge, such as name, email, phone number, organization, title, profile link, event profile ID, and any optional contact method the attendee chose to publish. A scan record can also include the scanned QR or badge value, barcode type, scan kind, scanner role, timestamp, event, and device installation ID. We use that contact information for event networking, sponsor or exhibitor lead capture, contact exchange, check-in, organizer reporting, security, support, and follow-up requested through the scan.

Authorized dashboard users may view scan totals and export captured leads, contacts, and check-ins as CSV files for the event. When an attendee chooses a sponsor, exhibitor, check-in, or contact-exchange scan, the scan record may be shared with the event organizer and the sponsor, exhibitor, staff member, or participant who performed or received the scan. These records are linked to the event context and scan action, are not sold, and are not used for third-party advertising or tracking.

06

Voice, recordings, and local drafts

Voice memos or recording-related features are enabled only when an event contract and on-screen consent flow allow them. If enabled, we store the recording, transcript, related metadata, and retention status needed for the customer workflow. Some review and feedback tools also save local browser drafts in localStorage so a user can resume their own unsent notes.

07

Images, venue media, and references

Venue and city images are used as editorial references, not as endorsements unless a venue expressly agrees otherwise. We track source, permission status, credit requirements, approval notes, media-kit links, and audit dates for public venue imagery.

08

Where the data lives

Lead-form data, Beautiful Histories partner referral data, and customer event data are stored in Supabase Postgres instances under Simpli-FI OS LLC or in customer-owned projects that we operate for the customer under the signed order form. Production regions are selected for the customer use case when we provision the project. Hosting, transactional email, push-notification delivery, security logs, backups, and other subprocessors may process the limited data needed to provide those services under their own security, subprocessor, and data-processing terms. We use database and application access controls to limit customer event data to authorized workflows.

09

Who we share data with

We share lead-form data only with the subprocessors required to operate the site: Vercel for hosting, Supabase for storage, Resend for transactional email. A signed Data Processing Addendum with Resend is on file as of 2026-05-21 and covers EU SCCs and the UK Addendum. If you submit the Beautiful Histories Travel Desk form and consent to handoff, we share the request with Beautiful Histories so Shelli or the team can review and follow up. We use subprocessors under their published or signed security, subprocessor, and data-processing terms. We do not sell data. We do not share data with advertisers, data brokers, or third-party advertising networks.

Event data is shared with the customer organization that runs the event and with the staff, sponsors, exhibitors, speakers, or attendees authorized for the workflow. For example, a sponsor lead scan can be made available to that sponsor and the organizer, while anonymous session feedback is reported only as session-level response data. Apple, Google, Expo, and push-notification services may process the app binary, notification tokens, or delivery metadata needed to distribute the app or deliver alerts; they do not receive attendee records from us for advertising.

For internal venue intelligence and provider research used in customer engagements, we may use Firecrawl as a research subprocessor to fetch publicly available pages from venue and association websites. Lead-form data, attendee data, and customer event data are never sent to Firecrawl. Each Firecrawl call is recorded in an internal audit log with the requested URL, the allowlist decision, and the credits consumed.

10

How long we keep it

Lead-form and Beautiful Histories partner-referral records are kept for 36 months from last contact, then deleted or archived with limited internal access for ordinary business recordkeeping for up to 7 years. Closed-lost leads are kept 12 months for win-back outreach, then deleted or archived under the same limit. Referral contact data follows the same schedule unless a credit is issued, in which case the credit record is retained while the credit is active and for ordinary business recordkeeping after it expires. Deleted records may remain in provider backups until those backups expire under the provider’s normal backup schedule. Customer event data is retained for the term of the contract plus 90 days, then exported to the customer and deleted or archived according to the signed order form. Badge scan and contact-exchange records follow that customer event-data schedule unless the event contract requires a shorter period.

11

Security

We use HTTPS in transit, provider-managed encryption at rest, access controls, environment-scoped secrets, audit-oriented logging, and private storage for customer event data. No system is perfectly secure, so we keep access limited to the people and services that need it to operate the event, support the customer, satisfy legal obligations, or investigate abuse.

12

Your rights

You can ask us what we have, ask us to correct it, ask us to delete it, or ask for a copy in machine-readable form. Email events@simpli-fi-os.com with the subject line “Privacy request” and we will usually confirm within 5 business days. For event badge-scan or contact-exchange records, include the event name and the contact information you used at the event so we or the organizer can locate the record. Anonymous session ratings do not carry a name, email, or device identifier, so they cannot be located or deleted by person after submission.

Where state privacy laws apply, you may also ask to opt out of sale, sharing for targeted advertising, or significant profiling, and you may appeal if we deny a request. We do not currently sell personal data, share personal data for cross-context targeted advertising, or use app data for significant profiling. If that changes, we will update this notice and add the required opt-out path before using data that way.

13

Children

This is a B2B platform. We do not knowingly collect data from anyone under 18. If you believe a child has submitted information to us, contact events@simpli-fi-os.com and we will remove it.

14

Changes

When we update this notice, we change the “last updated” date at the top. Material changes are emailed to active customers and posted to the home page for 30 days.