VIVELO

Last updated · May 29, 2026

Privacy Policy

This policy explains what data VIVELO (operated by PERREO TECH, San Diego, California) collects, why, and how we protect it. It applies to vivelo.live and any related services (the “Service”).

1. What we collect

  • Account info — email, name, optionally phone number.
  • Order info — events you bought, ticket quantity, dollar amount.
  • Payment info — handled entirely by Square and Stripe. We never see or store your card number.
  • Technical data — IP address and user agent for fraud prevention.
  • Marketing preferences — your email/SMS opt-in/opt-out status. We honor unsubscribe requests immediately.
  • Door scans — timestamp and outcome (accepted/rejected) for entry analytics. No biometric data.

2. Why we collect it

To deliver tickets, prevent fraud, communicate about events you attend, manage event marketing for the organizers you bought from, and run our business. We do not sell your personal data.

3. Service providers we share data with

VIVELO uses the following third-party services. We share only the minimum data required for each:

  • Square — primary payment processing.
  • Stripe — backup payment processing and refunds.
  • Resend — transactional email (ticket confirmations, event updates).
  • Brevo — marketing email delivery for promoter campaigns.
  • Twilio — SMS delivery if you opt in.
  • Event organizers — only the data needed to admit you (name, ticket type, scan status). Not your card or contact info except where you specifically opted into the organizer's marketing.
  • Law enforcement — only when legally required.

4. Advertising platforms (custom audiences)

With your consent (granted by opting in to marketing communications when buying a ticket), event organizers may build custom audiences from their VIVELO contact list to retarget you with ads on:

  • Meta (Facebook + Instagram)
  • TikTok (TikTok For Business)
  • Snapchat (when integrated; not yet active)
  • Google Ads (when integrated; not yet active)

When this happens, your email address (and phone number if provided) is one-way hashed using SHA-256 before being sent to the ad platform. The ad platform uses these hashes to match you against their own user database. We never send unhashed personal data to ad platforms.

You can opt out of ad-platform targeting independently from any other marketing channel. The ad opt-out is a separate flag in our database — unsubscribing from email or SMS will notautomatically opt you out of ad audiences (and vice versa). To opt out of ad targeting specifically, email privacy@vivelo.livewith the subject line “Ad opt-out”. We mark you as opted-out within 1 business day, and your hashed identifiers are removed from existing ad-platform audiences within 30 days. To opt out of marketing email or SMS, click unsubscribe in any marketing email or reply STOP to any marketing SMS.

5. At-the-door age verification (ID scanning)

When you arrive at a 21+ event, venue staff may scan your government-issued ID using a VIVELO scanner. This practice is authorized under California Civil Code §1798.90.1 for age verification and the prevention of fraud, abuse, and material misrepresentation.

We extract only your age and a one-way cryptographic fingerprint of your ID. Your name, date of birth, address, and license number are processed in memory and immediately discarded — they are never stored in our database. The fingerprint cannot be reversed back to your identity even if our database were compromised, because it is salted with a server-side secret.

We retain the fingerprint for up to two years to:

  • Detect duplicate ticket scans across events (anti-resale fraud)
  • Enforce venue-level banned lists for safety
  • Defend against payment chargebacks where the ID at the door verifies attendance

We never sell, share, or use this fingerprint for marketing. To request deletion of your fingerprint records, email privacy@vivelo.live.

6. Cookies and similar technologies

VIVELO uses these cookies:

  • Session cookies for admin and customer login. Removed when you log out.
  • OAuth state cookies (10-minute expiry) when you connect VIVELO to a third-party service like TikTok or Spotify.
  • Cart cookies for in-progress orders. Cleared after checkout.

We do not use third-party advertising pixels or cross-site tracking analytics. Embedded widgets from third parties (e.g. Square checkout, ticket scan PWA) may set their own cookies subject to their privacy policies.

7. Your rights

Depending on where you live, you may have the right to access, correct, port, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, email privacy@vivelo.live. We respond within 30 days. Note: completed orders may be retained for accounting and legal reasons even after account deletion.

California residents have specific rights under the CCPA. We do not sell your personal data and have not done so in the past 12 months.

8. Data retention

  • Order records — retained for 7 years for tax and audit purposes.
  • Marketing preferences — retained until you withdraw consent or delete your account.
  • Door scan logs — retained for 90 days.
  • OAuth tokens for connected ad platforms — retained until disconnected by the account holder.

9. Security

We use industry-standard encryption in transit (HTTPS/TLS) and at rest. Admin tokens are stored as hashed values. Database access is restricted to localhost. We monitor for unauthorized access and will notify affected users in the event of a breach as required by applicable law.

10. International data transfers

VIVELO is operated from the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US. By using the Service, you consent to this transfer.

11. Children

The Service is not intended for users under 13. Many of our events are 21+; the venue verifies age at entry. We do not knowingly collect data from children under 13.

12. Changes to this policy

We may update this policy occasionally. Material changes will be announced via email to active users at least 30 days in advance. The “Last updated” date at the top reflects the most recent revision.

13. Contact

For privacy questions or to exercise your rights, email privacy@vivelo.live.

VIVELO is operated by PERREO TECH, San Diego, California, USA.