Privacy Policy

Effective Date: INSERT_EFFECTIVE_DATE
Last Updated: INSERT_LAST_UPDATED_DATE

Outsiide is committed to protecting your privacy and handling your personal information in a transparent and lawful manner. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the Platform.

This Policy is designed to align with:

• PIPEDA (Canada)
• GDPR (EU/EEA/UK)
• CCPA/CPRA (California, where applicable)

1. Information We Collect

1.1 Information You Provide Directly

• Name, email address, password
• Profile information (photo, bio, location, interests)
• Host information (business name, address, contact details)
• Event/content details (titles, descriptions, images, tags, capacities)
• RSVPs, messages, reports/complaints, and support communications

1.2 Information Collected Automatically

• Device information (model, OS version, unique device identifiers)
• IP address and general location
• Log data (pages viewed, app screens, actions taken, timestamps)
• App interaction data (e.g., RSVPs, likes, check-ins, profile updates)
• Crash logs and performance metrics

1.3 Location Data

• With your permission, we collect approximate or precise location to provide features such as “Live” and local discovery
• You may disable location at the OS level, though some features may be limited

1.4 Third-Party Data

We may receive information from:

• Google Maps / Places APIs (e.g., venue details, opening hours, coordinates)
• Payment processors (e.g., payment status)
• Authentication providers (if social login is enabled in the future)

2. How We Use Your Information

We use your information to:

• Create and manage your account and profile
• Authenticate you and secure your login sessions (including verification codes)
• Display personalized feeds (For You, Following, Happening Now)
• Allow Hosts to create and manage events, experiences, and capacities
• Process RSVPs, track ticket allocation, and record check-ins
• Show synced RSVPs and profile data across your devices
• Operate reporting and complaint workflows (User → Admin → Host if necessary)
• Provide analytics dashboards (aggregate statistics) to Hosts and admins
• Improve and optimize Platform performance and user experience
• Comply with legal requests and enforce our Terms and Conditions

3. Legal Bases for Processing (GDPR)

Where GDPR applies, we process personal data under the following legal bases:

• Contractual necessity (e.g., creating your account, processing RSVPs)
• Legitimate interests (e.g., fraud prevention, security, analytics, platform improvement)
• Consent (e.g., location data, certain marketing communications)
• Legal obligation (e.g., responding to lawful requests or court orders)

4. Sharing & Disclosure of Data

We may share personal data with:

• Service providers (hosting, analytics, payment processing, messaging)
• Hosts, in limited contexts (e.g., attendee lists, RSVP/check-in status for their events)
• Authorities, where required by law or necessary to protect rights, safety, or property

We may share aggregated or anonymized data that does not identify individuals for analytics, research, or marketing.

We do not sell your personal information in the conventional sense. If laws define “sale” broadly (e.g., CCPA), we will provide appropriate opt-outs where required.

5. Cookies & Tracking

Our app and website may use cookies or similar technologies to:

• Maintain sessions
• Remember preferences
• Measure usage and performance

You can manage cookies via your browser settings where applicable.

6. Data Retention

We retain personal data:

• For as long as your account is active
• As needed to provide the Platform
• As required for legal, accounting, or reporting obligations (e.g., past events, complaints)

Event data (including archived events, RSVPs, check-ins) and complaint history may be kept for record-keeping, security, and analytics, even after events are over.

When data is no longer needed, we will delete or anonymize it.

7. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal data
• Correct or update inaccurate data
• Delete certain data (“right to be forgotten”)
• Object or restrict certain processing
• Data portability (exporting your data)
• Withdraw consent for consent-based processing
• Lodge a complaint with a supervisory authority

To exercise rights, contact: privacy@outsiide.ca

We may take steps to verify your identity before fulfilling requests.

8. Children’s Privacy

Outsiide is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we learn that a child under 13 has provided information, we will delete it.

9. Data Security

We implement technical and organizational measures to protect your data, including:

• Encryption in transit where appropriate
• Access controls and authentication
• Monitoring and logging for security events

However, no system is completely secure. You use the Platform at your own risk.

10. International Data Transfers

Your data may be stored or processed in countries outside your own, including Canada, the U.S., and the EU.

Where required, we use safeguards such as:

• Standard Contractual Clauses
• Data Processing Agreements
• Other legally recognized transfer mechanisms

11. Changes to This Privacy Policy

We may update this Policy from time to time. Material changes will be notified in the app or by email where appropriate. Continued use of the Platform after changes means you accept the updated Policy.

12. Contact

If you have questions or concerns about these Terms or this Policy, or wish to exercise your rights, contact:

Outsiide Inc.
Email: privacy@outsiide.ca
INSERT_PHYSICAL_ADDRESS

13. Payment Information (PCI-DSS Compliant)

When you make purchases through Outsiide:

• Payment information is processed by certified third-party payment processors that comply with PCI-DSS standards
• Outsiide does not store full credit card details on our servers
• We may store transaction amount, transaction ID, timestamp, and the last 4 digits of the card

14. User Behavior Data & Analytics

We collect usage data to:

• Monitor app performance
• Detect bugs or crashes
• Improve feed recommendations
• Track event popularity
• Ensure accurate Host analytics
• Improve location-based discovery (“Happening Now”)

This data may include:

• Screen taps, swipes, scrolls
• Time spent on pages
• RSVP and check-in patterns
• Device actions (OS logs)
• Search queries
• Heatmaps (if implemented)

Data is used in aggregated form unless necessary for fraud prevention or safety.

15. Profiling & Automated Recommendations (GDPR Requirement)

Outsiide uses automated systems to recommend:

• Events, activities, and experiences
• Hosts to follow
• Locations you may enjoy
• Trending or local opportunities

This is considered “profiling” under GDPR.

You may request:

• Explanation of automated decisions
• Correction of inaccurate data
• Opt-out of certain recommendation engines (where feasible)

16. Data Storage Location

User data may be stored in:

• Canada
• United States
• EU regions (as needed for CDN performance)

All storage regions follow:

• Standard Contractual Clauses (SCC)
• Adequate security measures
• Restricted staff access

17. Law Enforcement Requests

We may disclose data when required:

• By court order
• By legal subpoena
• To comply with municipal, provincial/state, or federal laws
• Where necessary to protect life or safety

We attempt to notify users when legally permitted.

18. Data Breach Notification

If a data breach occurs involving personal information, Outsiide will:

• Investigate immediately
• Notify affected users as required under PIPEDA, GDPR, and other applicable laws
• Notify relevant data protection authorities
• Take corrective measures

19. Host Analytics & Patron Visibility

Hosts may receive visibility into:

• RSVP counts
• Check-in counts
• Patron profile information only to the extent necessary (e.g., first name, email if provided during RSVP)
• Event engagement metrics

Hosts do not receive access to:

• Patron messages
• Patron private data
• Location tracking beyond event attendance windows

20. Retention of Archived Events & Complaints

Archived events remain stored for compliance, analytics, and Host history. Patron complaints are retained even if an event is deleted or archived. This data is used for safety, fraud prevention, and platform integrity.

21. Data Deletion

You can delete your data directly withing the Outsiide App:

Delete Your Entire Account - Navigate to Settings>Account>Delete Account.

You will be able to confirm by typing your display name. This will permanently and immediatley delete: - Your profile and personal information - All RSVP, follows, and check-ins - Your authentication credentials - All associated account date

This action cannot be undone

Delete Host Profile Only - If you have a host (business) profile, you can delete just the host profile from your Host Profile screen. This will delete your business profile, all your post, and notify Outsiiders (patrons) who RSVPed. You profile will continue as an Outsiider only.

Subscriptions - Deleting your account does not automatically cancel your subscription. You mush cancel your subscription separately through the App Store (iOS) or Google Play Store (Android) before deleting your account.