Privacy Policy

1. Data We Collect

When you RSVP to an event or create an account, we may collect:

• Full name
• Email address
• Phone number
• Check-in timestamps and location
• Table reservation and payment details

We also collect standard usage data such as browser type, device information, and pages visited to improve the Platform.

2. How We Use Your Data

• To process RSVPs, check-ins, and table reservations
• To provide venue owners with guest intelligence and segmentation
• To provide organizers with aggregate event analytics
• To enable rep attribution and performance tracking
• To detect churn, identify loyal guests, and power venue CRM features
• To process payments through Paystack
• To communicate important updates about events you have RSVP’d to

3. Data Ownership Model

Signal operates a tiered data ownership model:

4. Marketing Consent & Email

When you tick the “Stay in touch with {Venue}” or “Stay in touch with {Organizer}” box at RSVP, Signal stores a record that this specific sender can email you. Signal sends those emails on their behalf — your address is never given to them directly.

Each sender is limited to a maximum of 3 marketing emails per month. You can unsubscribe from any one sender with one click; unsubscribing does not affect your consents with other senders.

Venues and organizers cannot download or export your contact information. The audience pool stays inside Signal at all times. We follow Nigeria’s NDPR for storage and handling.

You may withdraw any marketing consent at any time by clicking the unsubscribe link in any email or by contacting us. The default state for all marketing checkboxes is unchecked — you must actively opt in.

5. Third-Party Services

We use the following third-party services to operate the Platform:

• Clerk — Authentication and identity management
• Paystack — Payment processing for paid events and table reservations
• Vercel — Application hosting and deployment
• Supabase / PostgreSQL — Database hosting

Each service processes data in accordance with their own privacy policies. We only share the minimum data necessary for each service to function.

6. Security

All data is transmitted over HTTPS. Access to guest data is authentication-gated and restricted based on account type. Door staff access is protected by venue-specific PINs and codes. We implement reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Venue-owned guest data is retained until the venue deletes their account or requests data removal. You may request deletion of your personal data at any time by contacting us.

8. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your personal data
• Object to processing of your data in certain circumstances
• Request a portable copy of your data

Direct mailing-list export is not available through the dashboard. Venue owners or organizers needing a list pulled for a specific integration must contact Signal support, who run controlled exports under audit.

9. Governing Law

This Privacy Policy is governed by the laws of the Federal Republic of Nigeria, including the Nigeria Data Protection Regulation (NDPR). Any disputes shall be subject to the exclusive jurisdiction of the courts of Lagos State, Nigeria.

10. Contact

For privacy-related enquiries or to exercise your rights, reach out via our contact page.