← Eaves

EAVES Privacy Policy

Last updated: 2026-07-03

1. Who we are

EAVES ("we," "us," "our") is a nightlife and events discovery platform operated by Rufin De Schreye, based in Belgium.

Data controller contact: rufindeschreye@gmail.com Support contact: eaves.help@gmail.com

For the purposes of the General Data Protection Regulation (GDPR), we are the data controller for the personal data described below.

2. What data we collect

2.1 Account data (all users)

2.2 Location data

2.3 Social & activity data

2.4 Photos and media

2.5 Role-specific data

If you request or hold a role beyond standard user, we additionally process: - Artists: bio, social media links, featured tracks/links, booking contact information - Organizers: bio, contact information, social media links - Venue owners: company name, Belgian company registration number (KBO/BCE), business address, and any supporting documentation submitted for verification

2.6 Device & technical data

3. Why we process your data (legal basis)

Purpose Legal basis (GDPR Art. 6)
Creating and managing your account Contract (Art. 6(1)(b))
Showing nearby events/venues Consent (Art. 6(1)(a)) — location is opt-in
Social features (friends, follows, RSVPs) Contract
Age verification (16+ minimum) Legal obligation / legitimate interest
Sending push notifications Consent — you can opt out
Fixing bugs and crashes Legitimate interest (Art. 6(1)(f))
Venue owner verification Legal obligation / legitimate interest (fraud prevention)

4. Who we share your data with (subprocessors)

We use the following third-party service providers to operate EAVES. Each only receives the data necessary for their specific function, and each is bound by a data processing agreement where applicable:

Provider Purpose Data involved
Supabase Database, authentication, file storage All account, social, location, and media data
Render API hosting Data in transit while the app is in use
Sentry Error and crash monitoring Technical/device data, and any data present in memory at the time of a crash
Expo / EAS App builds, over-the-air updates, push notifications Push notification tokens, device information
Google Maps Location display, geocoding Location data you choose to share

We do not sell your personal data. We do not share your data with advertisers.

Supabase and Render both host our data in the EU (Frankfurt, Germany) region. Sentry stores our data in the EU region.

Expo/EAS and Google Maps are US-based providers. Transfers of EU personal data to these providers are covered by the EU-U.S. Data Privacy Framework (an adequacy mechanism recognized by the European Commission) and/or Standard Contractual Clauses, as each provider's own compliance documentation confirms.

5. How long we keep your data

We retain your account data for as long as your account is active.

When you delete your account, we immediately and permanently delete your profile, uploaded photos, social connections (friends, follows), RSVPs, ratings, and role-specific data (artist, organizer, or venue owner profiles).

Exception — content tied to shared or public use. Events and venues you created may remain visible after you delete your account, so that other users who RSVP'd, saved, or otherwise engaged with that content are not affected. This content is de-identified — it is no longer attributed to your account or personal data.

Exception — security and moderation logs. Where you have been the actor or subject of an administrative action (e.g. a role approval or a report review), a de-identified log entry of that action may be retained for up to 12 months for security and abuse-prevention purposes, even after account deletion. This log entry is not linked back to your personal data once your account is deleted.

Crash and error diagnostic data collected via Sentry is retained for 30 days.

6. Your rights

Under GDPR, you have the right to: - Access the personal data we hold about you - Rectify inaccurate data - Erase your data ("right to be forgotten") — you can do this yourself at any time via Account Settings → Delete Account, which permanently deletes your profile and associated data - Restrict or object to certain processing - Data portability — receive your data in a machine-readable format - Withdraw consent at any time (e.g. for location access or push notifications), without affecting the lawfulness of processing before withdrawal

To exercise these rights, contact us at eaves.help@gmail.com. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données) at www.gegevensbeschermingsautoriteit.be.

7. Children

EAVES is not intended for anyone under 16 years old. We ask for your date of birth at signup and block registration if it indicates you are under 16. We do not independently verify identity documents, and we do not knowingly collect data from users under this age.

8. Changes to this policy

We may update this policy from time to time. We will notify you of material changes via the app or by email. Continued use of EAVES after changes take effect constitutes acceptance of the updated policy.

9. Contact

Questions about this policy or your data: eaves.help@gmail.com