Privacy Policy

Last updated: 2026-05-30

Who we are

Offkai (“we”, “us”) is a platform for organizing paid offline social gatherings. We act as the data controller for the personal data described below.

Contact for any privacy question or to exercise the rights listed below: privacy@offkai.app. We do not have a designated Data Protection Officer (we're too small to be required to under GDPR Article 37); the contact above handles all data-protection requests.

What we collect

When you create an account, we collect:

  • Email address — required for sign-in and to deliver event tickets, payment notifications, and account messages.
  • Username (e.g. @dragonslayer99) — your community handle, visible to event hosts and other attendees on event pages.
  • Preferred name (e.g. “Alex Johnson”) — used by event hosts to identify you at check-in.
  • Sign-in method — whether you use a password, Google, or Discord. For OAuth providers we receive only your email address (verified) and your display name from that provider.
  • Optional socials — handles you add yourself (X, Instagram, Discord, BlueSky, TikTok, “Other” with a custom label). Visible to attendees of events you host so they can reach you.
  • Consent records — when you accept our Terms of Service, we store the date, the version you accepted, and the device user-agent and IP address at that moment, as a record of your consent.

When you RSVP to an event, we collect:

  • RSVP details — which event, payment method chosen, ticket tier selected and any promo/access code you apply, “Going” / “Interested” intent on free no-check-in events, optional note to the host, optional guest count.
  • Payment screenshots — if you pay digitally (Venmo, Zelle, etc.), the image you upload to confirm payment. Visible only to the event host who verifies your payment.
  • Payment transaction / reference ID — if the event host requires it for manual (non-card) payments, the payment reference you enter (e.g. a Venmo or PayPal transaction ID) so the host can match your payment to your RSVP. Visible only to the event host who verifies your payment.
  • Card payment information (Stripe events only) — if you pay by card, Stripe Checkout collects your card details on its hosted payment page. Offkai never receives or stores card numbers, CVVs, or bank account numbers; we only see Stripe’s tokenized payment intent reference and the success/failure outcome via webhook.
  • Check-in records — the timestamp the host scans your ticket (QR mode) or taps your name (roster mode), and which host did it.
  • Age confirmation — if an event has a 21+ requirement, the fact that you confirmed you meet it, with the date and the device user-agent and IP address at that moment.

If you host an event, we additionally collect:

  • Event details you publish (title, description, location, date, timezone, cover image, payment instructions, check-in mode, optional categories + Discover-listing toggle).
  • Payment method handles (Venmo, Zelle, PayPal, Wise, or custom “Other” entries) — visible to attendees of your events so they can pay you.
  • Stripe Connect account state (if you onboard) — your Stripe account ID, whether charges and payouts are enabled, the connected country, and the last-4 of your payout bank. Stripe's onboarding (legal name, address, ID document) happens on Stripe’s site; Offkai never sees those fields.
  • Fundraiser organizer verification — if you run a fundraiser event, Offkai requires a connected Stripe Connect account, and Stripe performs identity verification (KYC) on you as the organizer to support anti-money-laundering (AML) and fraud-prevention obligations. This identity and verification data is collected and handled by Stripe under Stripe’s own privacy terms; Offkai does not store the underlying KYC documents — only the connected-account state described above.
  • Walk-in guest entries you add manually at the door (name + optional email).
  • Per-attendee host notes you write — visible only to you and your co-hosts.

We do not collect: payment card numbers, bank credentials, location data beyond your browser timezone, contacts, browsing history outside our app, or any data from advertising networks. For card payments, full card details go directly to Stripe's hosted checkout — Offkai never sees them. For external methods (Venmo, Zelle, etc.) we never see your transfer or banking information either; only the proof-of-payment screenshot you choose to upload.

Lawful basis for processing (GDPR Article 6)

  • Performance of a contract (Art. 6(1)(b)): account creation, RSVPs, ticket delivery, payment notifications, hosting tools — everything you need the service for.
  • Legitimate interests (Art. 6(1)(f)): security and abuse prevention (rate limiting, RLS, error monitoring), capacity enforcement, fraud detection on screenshot uploads.
  • Consent (Art. 6(1)(a)): optional cookies that go beyond what the service strictly needs (Sentry session replay, full UI breadcrumb capture). You see a banner on first visit and can change your choice anytime by clearing the offkai_consent cookie.

We do not rely on consent for the core processing required to deliver the service.

How we use your data

  • To run RSVPs, payments, check-ins, and capacity for events you attend or host.
  • To send transactional emails (ticket delivery, payment notifications, host invites, 24-hour reminders, cancellation notices).
  • To prevent abuse (rate limiting, screenshot fraud detection).
  • To debug crashes and errors via Sentry — with PII (email patterns, typed input values) automatically scrubbed before sending.
  • To respond to your support requests and data-rights requests.

We do not sell your data. We do not run advertising. We do not use your data to train AI models. We do not share your data with anyone outside the sub-processors listed below.

Who can see what

  • You: see your full profile, your RSVPs, your QR tickets, and any events you host (including all attendee details for those events).
  • Event hosts (and their co-hosts): see your preferred name, username, email, payment screenshot, payment method, any payment transaction/reference ID you provide, ticket tier, guest count, and any notes you submitted — but only for events you’ve RSVP’d to.
  • Other attendees: see your username on event pages. They do not see your email, preferred name, or payment details.
  • Anonymous visitors: see public event pages including the host’s preferred name + username + optional socials. If the host has opted the event into Discover (the public catalog at /discover), the event title, cover image, categories, and active confirmed-RSVP count also appear on that catalog page. No attendee information is exposed in either case.
  • Offkai admin: has read-only “view as host” access for support and abuse investigation. Admin actions (cancelling/deleting events) are gated and rate-limited.

Sub-processors

We rely on the following processors to run the service. Each handles only the data necessary for their function. Each has a Data Processing Agreement (DPA) with us that includes the EU Standard Contractual Clauses where applicable.

Processor | Purpose | Region
Supabase | Database, authentication, file storage (event covers, payment screenshots, QR codes) | United States
Cloudflare | Web hosting (Workers), CDN, DDoS / bot protection | Global edge
Stripe | Card payment processing (Connect Direct Charges) for events that accept Card. Collects cardholder name, email, IP, billing address, and card details on Stripe’s hosted checkout page — Offkai never receives card data. Stripe is also the merchant of record on those transactions. | United States
Resend | Transactional email delivery (sees recipient address + email content) | United States
Google | Optional “Sign in with Google”; Google Maps Static API for the venue map image embedded on event pages (your browser loads the image from maps.googleapis.com on each page render) | Global
Discord | Optional “Sign in with Discord” | United States
Sentry | Error monitoring (with PII scrubbing applied client-side before send) | United States
Expo / EAS | Mobile app over-the-air updates + native crash reports | United States

Google Maps on event pages: we embed a small static map of the venue via the Google Maps Static API, proxied through our own servers. The map image is fetched server-side — your IP is not sent to Google when the map loads. Tapping the map opens Google Maps in a new tab with the venue as a search query, which does share your IP with Google (as any link to google.com would).

Stripe on event pages: when you view an event that accepts Card payment, our pages load Stripe.js so the Checkout flow is ready to launch. Stripe.js sets fraud-prevention cookies (__stripe_mid, __stripe_sid) and may load resources from m.stripe.com for risk scoring. These are functional to the payment flow; see the Cookies section below.

International data transfers

Most of our sub-processors are based in the United States. If you're in the European Economic Area, the United Kingdom, or Switzerland, your personal data is transferred outside your home jurisdiction when we use these services. We rely on the European Commission's Standard Contractual Clauses (SCCs) included in each sub-processor's DPA, plus their respective adherence to relevant adequacy frameworks (e.g. EU-US Data Privacy Framework where applicable).

Cookies and similar technologies

We show a consent banner on your first visit. You can pick “Essential only” or “Accept all”; your choice is stored for one year. For a full per-cookie breakdown see our Cookie Policy.

Strictly necessary (always on):

  • Supabase auth cookies — keep you signed in.
  • _cfuvid (Cloudflare bot protection) — distinguishes browsers from automated traffic for security.
  • offkai_consent — stores your cookie-consent choice itself.
  • __stripe_mid / __stripe_sid (Stripe fraud prevention) — set by Stripe.js on event pages that accept Card payment, even before you start checkout. Used by Stripe to detect fraudulent transactions; functional to the payment flow.
  • Theme preference in localStorage — remembers light/dark mode.

Optional (only with “Accept all”):

  • Sentry session replay (on errors) — when an error happens, records a short replay of the UI to help us debug. The recording masks all text content and blocks images by default. Without consent, we still capture the bare error + stack trace, but no replay and no UI breadcrumbs.

We do not use advertising cookies, tracking pixels, or third-party analytics scripts.

How long we keep data

  • Account data (profile, socials, payment methods): kept while your account is active. On account deletion the personal fields are anonymized; see “Your rights” below.
  • RSVPs and event records: kept while the event is active and afterwards as part of the host's historical record. On account deletion your RSVPs are cancelled and personal fields (notes, manual_name, manual_email) are scrubbed.
  • Payment screenshots: deleted via a nightly sweep as soon as the host has verified or rejected the payment, so screenshots no longer linger after they've served their purpose. Screenshots that are never reviewed (e.g., the event is cancelled before the host gets to them) fall back to a final 30-day-post-event purge.
  • Email delivery logs (sent / delivered / bounced status from Resend): kept for ~30 days for delivery troubleshooting.
  • Sentry error reports: retained per Sentry's standard plan (~30 days for replays, ~90 days for events).
  • Cloudflare request logs: short-lived edge logs for abuse prevention, kept per Cloudflare's defaults.
  • Pending host or co-host invites (by email, before the invitee signs up): kept until the invitee signs up or the inviter revokes.

Your rights

You have the following rights regardless of where you live; if you're in the EU, UK, Switzerland, or California they map to GDPR / UK GDPR / nFADP / CCPA respectively. You can exercise most rights self-service from your profile, or submit a request via our Privacy Request page.

  • Access: see your account info on /profile and your RSVP history at /my-rsvps.
  • Portability: download a JSON copy of all your personal data from /profile → “Your data” → “Download my data.” Includes profile, socials, payment methods, RSVPs, organized and co-hosted events.
  • Rectification: edit your preferred name from /profile; for username or email changes, contact us.
  • Erasure: delete your account from /profile → “Danger zone.” If you organize future events, you'll be asked to cancel them or transfer them to a co-host first. After deletion: your profile is wiped, socials and payment methods are deleted, RSVPs cancelled and personal fields scrubbed, login disabled. Past events you organized stay visible to attendees but show “Deleted user” as the host (we keep the event so attendees' RSVP history isn't wiped out from under them).
  • Object / restrict processing: contact us. Note that essential processing for service delivery cannot be objected to without ending the contract (i.e. closing your account).
  • Withdraw consent: change your cookie-consent choice anytime by clearing the offkai_consent cookie; the banner will re-appear on next visit.
  • Lodge a complaint with your local data-protection authority (in the EU, that's your country's DPA; in the UK, the ICO).

We respond to data-rights requests within 30 days.

California privacy rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you specific rights, which we honor for all users:

  • Right to know what personal information we collect, the purposes, and the categories of recipients — all described in this policy.
  • Right to delete your personal information — use account deletion on /profile → “Danger zone.”
  • Right to correct inaccurate personal information — edit your profile or contact us.
  • Right to opt out of the sale or sharing of personal information, and to limit use of sensitive personal information.
  • Right to non-discrimination for exercising any of these rights.

We do not sell or share your personal information as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding 12 months. We do not use or disclose sensitive personal information for purposes beyond what is necessary to provide the service. Because we never sell or share, there is no “Do Not Sell or Share My Personal Information” action to take — but you can still exercise the rights above at any time. You may use an authorized agent to submit a request on your behalf; we'll ask for proof of authorization. To exercise any right, email privacy@offkai.app.

Security

We use industry-standard encryption in transit (HTTPS) and at rest (Supabase Postgres + Storage default encryption). Payment screenshots live in a private bucket gated by row-level security — only you and the event host can view them. Database access is gated by per-row RLS policies; admin actions go through audited SECURITY DEFINER functions. We do not store payment card or bank credentials. We rate-limit sensitive endpoints to prevent abuse.

If we ever discover a personal data breach affecting your account, we'll notify you and the relevant authority within 72 hours per GDPR Article 33.

Children

Offkai is intended for adults: you must be at least 18 (or the age of majority where you live) to create an account. The service is not directed at children, and we do not knowingly collect personal data from anyone under 18. If you believe a minor has created an account, contact us and we will delete it.

Changes to this policy

We may update this policy as the service evolves. Material changes will be announced via the app or email. The “Last updated” date at the top reflects the latest revision.

Contact

Questions about this policy or your data? privacy@offkai.app