Privacy Policy

Last updated:

This Privacy Policy explains how the Event Application (“the App”) operated by ByteGenius LLC (“we”, “us”, “our”) collects, uses, and protects personal data. We comply with applicable data protection laws, including the GDPR where relevant. See also our Terms of Use.

1) Introduction

By using the App and related services (“Services”), you acknowledge that you have read and understood this Privacy Policy (“Policy”). This Policy applies to personal data you provide to us or that we collect through your use of the App.

2) Definition of Personal Data

“Personal data” means any information that directly or indirectly identifies an individual (e.g., email, identifiers, device data). We may also process non-identifiable information (aggregated, anonymized, or de-identified data), which is not considered personal data unless re-identifiable.

3) Scope (18+)

The App is intended for individuals aged 18 and older. By using the App, you confirm that you meet this requirement. The App is not directed to children.

4) Categories of Data Collected

  • Identification: Email for Magic Link authentication; display name.
  • Account & Content: Profile info, chat messages (text/voice), photos, videos.
  • Event: Programs/activities viewed or interacted with, RSVPs, notification read status.
  • Technical & Usage: Device type/OS, app version, IP, timestamps, navigation events, crash/error logs.
  • Location/Places: Weather & venue info via Google Places (if enabled).
  • Notifications: Push token (FCM) and preferences.

5) Purposes & Legal Bases

Purpose Examples Legal Basis
Access & Use of the App Authentication (Magic Link), viewing programs/activities Contract performance
Messaging & Media Chats, voice messages, sharing photos/videos Contract performance
Notifications Event reminders, push alerts (opt-out available) Legitimate interest
Event & Venue Information Places details, reviews, weather Legitimate interest
Support & Diagnostics Error/performance monitoring (Sentry), analytics Legitimate interest
Legal & Compliance Security, fraud prevention, lawful requests Legal obligation / Legitimate interest

6) Data Storage & Security

  • Supabase for authentication, real-time data, and storage (with RLS/access controls).
  • Firebase Cloud Messaging (FCM) for push notifications.
  • Google Places API for venue details and photos (where enabled).
  • Sentry for error/performance monitoring.
  • All transfers use encryption (HTTPS/TLS). Technical and organizational measures are applied to prevent unauthorized access.

7) Data Retention

Data Retention
AccountActive account + up to 30 days after deletion (legal/operational needs)
Messages / MediaUntil deleted by user or per organizer policy
Cache / PlacesApprox. 30 minutes – 3 days
LogsUp to 90 days

8) Sharing of Data

We share personal data only as needed with authorized personnel and event organizers, trusted service providers acting under appropriate terms, public authorities where required by law, and professional advisors where necessary. We do not sell personal data.

9) Sub-processors (Third-Party Providers)

  • Supabase — Auth/DB/Storage (EU/US)
  • Firebase Cloud Messaging — Push notifications (Global)
  • Google Places API — Venue details/photos (Global)
  • Sentry — Monitoring (EU/US)

10) International Transfers

Because our providers may operate globally, your data may be processed outside your country. Where required, we implement appropriate safeguards (e.g., standard contractual clauses) to protect your information.

11) Your Rights

Depending on your location, you may have rights to access, rectify, erase, restrict or object to processing, request portability, and withdraw consent when processing relies on consent. To exercise your rights, see “Contact”.

12) Regional Notices

GDPR (EEA/UK)

You have rights under GDPR including access, rectification, erasure, restriction, objection, and portability. We respond within 30 days.

CCPA/CPRA (California)

We do not sell or share personal information for cross-context behavioral advertising. California residents may request access or deletion as described below.

13) Data Subject Requests (DSR)

To submit a data request (access/export/delete), email contact@bytegenius.us with the subject “Data Request”. We verify identity via Magic Link or equivalent. We aim to respond within 30 days.

14) Security Measures

We implement reasonable technical and organizational safeguards. No system is 100% secure. In case of a data breach affecting your rights and freedoms, we will notify you and/or authorities as required by law.

15) Updates to this Policy

We may update this Policy to reflect changes in practices or legal requirements. The “Last updated” date indicates the latest version. Continued use of the App constitutes acceptance of the updated Policy.

16) Contact

ByteGenius LLC
30 N Gould St Ste N,
Sheridan, WY, 82801, US
Email: contact@bytegenius.us