Privacy Policy

• Account data: your email address and display name, provided when you register.
• Profile data: your profile photo, uploaded voluntarily.
• Event data: events you create, including titles, descriptions, dates, locations, and photos you upload.
• Social data: your friends list and event participation records.
• Device data: push notification tokens, stored only if you grant permission. Automatically deleted when invalid.
• Technical data: IP address, device type, and error diagnostics for service reliability. We do not use this data for advertising.

• To provide, operate, and maintain the Firstime service.
• To send you event anniversary reminders, friend requests, and event invitations.
• To deliver push notifications, only with your explicit opt-in consent.
• To monitor service reliability, diagnose errors, and improve the user experience.
• To protect against fraud, abuse, and unauthorised access to accounts.

• We do not sell, rent, or trade your personal data.
• Your display name and profile photo are visible to your friends on Firstime.
• Event details (title, date, photos, location) are visible only to you and the participants you invite.
• We use trusted third-party service providers to operate the service, including EU-based cloud infrastructure, image storage, email delivery, error monitoring, and map services. Each provider is bound by data processing agreements and processes data only on our instructions.

Your data is stored on secure servers located in the European Union. All data in transit is encrypted via TLS (HTTPS). We implement access controls, regular security reviews, and industry-standard measures to protect your information.

We retain your data for as long as your account is active. When you delete your account, all personal data is permanently removed within 30 days. Anonymised, aggregated data may be retained for service analytics.

• Access: request a copy of the personal data we hold about you.
• Rectification: correct inaccurate or incomplete data directly in the app, or by contacting us.
• Erasure: delete your account and all associated data from Settings → Delete Account, or by contacting us.
• Data portability: request your data in a structured, machine-readable format by emailing hello@firstime.app.
• Withdraw consent: disable push notifications from your device settings, or revoke other consents at any time. Withdrawal does not affect the lawfulness of prior processing.

We use strictly necessary cookies for authentication, language preference, and theme setting. These cannot be disabled as they are essential for the service to function. Third-party map services used on the web platform may set their own cookies when map features are loaded. We do not use advertising or behavioral tracking cookies.

Firstime is not directed at children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal data from children. If we learn that we have collected data from a child without parental consent, we will promptly delete it. If you believe a child has provided us with personal data, please contact us at hello@firstime.app.

We may update this Privacy Policy to reflect changes in our practices or for legal reasons. If we make material changes, we will notify you via the app or email before they take effect. Your continued use of Firstime after the effective date constitutes acceptance of the updated policy.

For questions, requests, or concerns about this Privacy Policy or your data, contact us at hello@firstime.app.