Privacy Policy

Last updated: 26 June 2026

This Privacy Policy explains what personal data PartyHardy ("PartyHardy", "we", "us") collects when you use the PartyHardy mobile app and the partyhardy.app website, why we collect it, who we share it with, and the rights you have over it.

PartyHardy is operated by PartyHardy OÜ (registry code 17456951), Tornimäe 5, Tallinn, 10145, Estonia, which is the data controller for the purposes of the EU General Data Protection Regulation (GDPR) and equivalent laws in the countries where we operate (currently Estonia, Sweden, Denmark, the Netherlands, Germany and France).

1. Data we collect

Information you give us

Account details — your email address, display name, and the password you set (stored only as a salted hash by our authentication provider; we never see it in plain text).
Profile preferences — your age group and the music genres / "vibes" you select during onboarding or later edit in your profile.
Notification settings — whether push notifications are enabled, your nightly alert cap, and your alert radius.

Information collected automatically when you use the app

Approximate location — see the dedicated section below.
Push notification identifier — a device-level push subscription ID issued by our push provider, so we can deliver "live now" alerts and ticket notifications to your device.
App activity — anonymous, aggregate usage events (for example, that a feed was viewed or a paywall was opened) used to understand how the app is used. These events carry no name, email, or account ID — they are tied only to a randomly generated per-device identifier.
Diagnostic data — crash reports and error logs that help us fix bugs.

Information related to payments and rewards

Subscription data — your plan tier, billing cycle, renewal/expiry date, and a customer reference issued by our payment processor. We do not receive or store your full card number — card data is handled entirely by Stripe.
Spin-wheel and ticket data — any free-ticket wins, ticket codes, and whether a ticket has been scanned at a venue.

2. Approximate location ("location sync")

What happens: When you open or return to the PartyHardy app, the app reads your device's approximate location (your city, a coarse latitude/longitude of roughly 500 metres' accuracy, and your country) and stores it on your account. This is how we show you events in the city you're actually in tonight, and how we target "live now" push alerts to nearby venues — including when you travel to a different city.

Foreground only. Location is read only while the app is open and in the foreground. We never track your location in the background, and we do not request background-location permission.

You control it. Location sync only runs if you grant location permission (the app asks for this on the Map screen). If you decline, the app still works — we simply skip the location-based alerts. You can revoke the permission at any time in your device settings.

How often: At most once per hour. The most recent value overwrites the previous one; we keep your last-known location, not a location history or movement trail. For alert targeting, a stored location older than 7 days is ignored.

Precision: We store a coarse, city-level fix. We do not collect or store precise GPS traces, routes, or place visits.

3. Why we use your data (legal bases)

Purpose	Data used	Legal basis (GDPR)
Create and run your account; show you the event feed and map	Account details, profile preferences, approximate location	Performance of a contract
Send "live now" alerts and ticket notifications	Push identifier, approximate location, notification settings	Consent (you enable push and location)
Process subscription payments	Subscription data, email	Performance of a contract
Send transactional and security emails (password reset, email change, receipts)	Email, account events	Performance of a contract / legitimate interest
Send lifecycle / marketing emails	Email	Consent (you can opt out at any time)
Understand and improve the app	Anonymous usage events, diagnostic data	Legitimate interest
Prevent spam and abuse at sign-up	Email, IP address (at sign-up only)	Legitimate interest

4. Who we share data with

We do not sell your personal data. We share it only with the service providers ("processors") that operate parts of the app on our behalf, each under a data-processing agreement:

Provider	Purpose
Supabase	Backend, authentication, and database hosting
Stripe	Subscription payment processing (handles card data directly)
OneSignal	Push notification delivery
Resend	Transactional and lifecycle email delivery
PostHog	Anonymous product analytics
Sentry	Crash and error reporting
Google Maps	Map display within the app
Cloudflare	Website hosting and sign-up spam protection (Turnstile)

Some of these providers may process data outside the European Economic Area. Where that happens, the transfer is covered by appropriate safeguards such as the European Commission's Standard Contractual Clauses.

We may also disclose data where required by law, to protect our legal rights, or in connection with a merger or sale of the business.

5. How long we keep it

We keep your account data for as long as your account exists. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where we must retain certain records (for example, payment records) to meet legal obligations. Approximate location is overwritten on each sync and is not retained as a history. Anonymous analytics events are retained in aggregate and cannot be linked back to you.

6. Your rights

Under the GDPR you have the right to:

access the personal data we hold about you;
have inaccurate data corrected;
have your data deleted ("right to be forgotten");
restrict or object to certain processing;
receive your data in a portable format;
withdraw consent at any time (for example, by disabling push or location, or opting out of marketing email); and
lodge a complaint with your local data protection authority.

To exercise any of these rights, email us at hello@partyhardy.app.

7. Children

PartyHardy is intended for adults of legal nightlife age in the markets we serve and is not directed at children under 17. We do not knowingly collect data from anyone under that age. Some events carry their own age restrictions, which are set by the venue.

8. Security

We use industry-standard measures to protect your data, including encryption in transit, hashed passwords, and access controls. No system is perfectly secure, but we work to keep your data safe and to notify you and the relevant authority if a breach affecting your data ever occurs.

9. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the app or by email.

10. Contact

Questions about this policy or your data? Email hello@partyhardy.app.