AfterFive ("we", "our", or "us") is a social events platform based in Bengaluru, India. This Privacy Policy explains what data we collect when you use the AfterFive mobile app, how we use it, and the choices you have. By using AfterFive, you agree to this policy.
π 1. Information We Collect
Identity & Profile
Name, phone number, email, profile photo, bio, gender, age range, city, username, Instagram handle, LinkedIn URL, interests
Authentication
Phone OTP (hashed), Google / Apple / LinkedIn OAuth identifiers, auth tokens stored securely on your device
Location
GPS coordinates and text address β only while app is in use, to show nearby events, hosts, and venues
Payment
UPI ID (hosts only), transaction ID, amount, payment method. We do not store card numbers.
Device
Expo push notification token (device identifier for delivering push notifications)
Activity & Social
Events attended/hosted, reviews, connections, host/venue follows, community memberships, join requests and screening answers
Content
Photos you upload for your profile, event galleries, community posts β stored on AWS S3
Trust & Ratings
Ratings from other users, trust score, badges, host reliability metrics, attendance history
Information from Social Login
If you sign in with Google, Apple, or LinkedIn, we receive your name, email address, and profile photo from that provider. We store only what's needed to create your AfterFive profile and do not receive your password.
βοΈ 2. How We Use Your Information
- Event discovery β use your location to show nearby events, hosts, and venues sorted by distance
- Event participation β process join requests, notify hosts, send confirmations and event reminders
- Host tools β enable event creation, guest approval, check-ins, and payment collection
- Push notifications β send event reminders, join request updates, host broadcasts, and friend activity alerts (you control all types in Settings)
- Trust & safety β calculate trust scores, verify identities, surface shared connections for safer event matching
- Payments β record transactions between hosts and attendees
- Personalisation β show events matching your interests and past behaviour
- Customer support β respond to issues and resolve disputes
- Legal compliance β meet obligations under Indian law
π€ 3. Information Sharing
We do not sell your personal data. We share data only with the third-party services below, which are necessary to operate AfterFive:
AWS Cognito
Authentication β stores phone numbers and provider identifiers. India region (ap-south-1).
Authentication
AWS S3
File storage β profile photos and event images. India region (ap-south-1).
Storage
AWS SNS
SMS delivery β sends OTP codes for phone number verification. India region.
Messaging
Expo Push Notifications
Delivers push notifications to your device using your push token.
Notifications
Google / Apple / LinkedIn
OAuth sign-in β we receive your name, email, and profile photo only. Your password stays with the provider.
Auth
All AWS services used by AfterFive are hosted in the India (Mumbai) ap-south-1 region. Your data does not leave India's AWS infrastructure.
Other Users
Your public profile (name, photo, bio, rating, events hosted) is visible to other AfterFive users. You can control what's visible in Settings β Privacy.
Legal Disclosure
We may disclose your information if required by Indian law, court order, or to protect the safety of users or the public.
π 4. Permissions We Request
π
Location (When In Use)
To show events, hosts, and venues near you. Location is only accessed while the app is open β never in the background. GPS coordinates may be saved to your profile if you choose to share your location.
π·
Camera
To take photos for your profile picture. Only used when you actively open the camera within the app.
πΌοΈ
Photo Library
To upload your profile picture or event photos from your camera roll. We access only the photos you explicitly select.
π
Push Notifications
To send event reminders, join request updates, host broadcasts, and friend activity alerts. You can control each notification type individually in Settings β Notifications.
ποΈ 5. Data Retention
- Active accounts β all data retained while your account is active
- Deleted accounts β your personally identifiable information is anonymised within 30 days of deletion. Your push token is deleted immediately on account deletion.
- Deactivated accounts β your data is retained but hidden from other users. Reactivate anytime by logging back in.
- Transaction records β retained for 7 years to comply with Indian financial regulations
- OTP codes β expire after 10 minutes and are deleted immediately after verification
- Push tokens β deleted immediately when you log out or delete your account
βοΈ 6. Your Rights
We believe in giving you meaningful control over your data. The following can all be exercised directly within the app:
π€ Access & Export
Download a copy of your data β Profile β Settings β Export Data
βοΈ Correct
Update inaccurate information β Profile β Edit Profile
ποΈ Delete
Permanently delete your account β Settings β Manage Account β Delete Account
βΈοΈ Deactivate
Hide your profile without deleting data β Settings β Manage Account β Deactivate
π Opt Out of Notifications
Control each notification type β Settings β Notifications
ποΈ Privacy Controls
Control profile visibility, location sharing, and search β Settings β Privacy
To exercise any right not available in-app, or to raise a grievance, email us at boss@afterfive.social. We will respond within 72 hours.
π 7. Children's Privacy
AfterFive is intended for users 18 years of age and older. We do not knowingly collect personal data from anyone under 18. Age is verified during onboarding. If we discover that a user under 18 has created an account, we will delete that account and all associated data immediately.
If you believe a minor has registered, please contact us at boss@afterfive.social.
π 8. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via a push notification or in-app alert, and update the "Last updated" date at the top of this page. Continued use of AfterFive after changes constitutes acceptance of the updated policy.