1. Data Controller & Contact Information
Festie is operated by Asir Khan, who serves as the data controller for personal data processed through the service. The service is self-hosted on-premise infrastructure.
For privacy-related inquiries, requests to exercise data subject rights, or concerns about your personal data, please contact the email address above. We will respond to all requests within 30 days.
2. Categories of Personal Data Collected
Festie collects and processes the following categories of personal data:
Account Information
- Username: User-selected identifier for account access and display within the platform
- Password Hash: Passwords are hashed using Scrypt before storage and are never accessible to us or stored in plaintext
- Avatar Image: Optional profile picture uploaded by the user in WebP format for display in the app
- Email Address: Optional email provided during registration, used for password recovery and account verification
Festival Coordination Data
- Festival Picks: Musical acts, performances, or attractions selected and saved by the user
- Personal Notes: User-generated notes and scheduling information associated with selected acts
- Crew Memberships: Groups or crews the user is a member of and their associated role or permissions within those groups
Communication Data
- Device Tokens: Push notification tokens used exclusively for sending festival-related notifications and schedule updates
Technical Data
- IP Address: Your IP address is collected for security purposes, rate limiting, and abuse prevention
- Session Data: Session identifiers and authentication tokens to maintain your logged-in state
3. Legal Basis for Processing
We process your personal data under the following lawful bases:
Contract Performance
The collection and processing of account data, festival picks, notes, and crew memberships is necessary for the performance of the contract between you and us. These data are essential to provide the core festival coordination service you are using.
Consent
We process device tokens for push notifications based on your explicit consent. You grant this consent when you authorize push notifications during account setup or in your device settings. You may withdraw this consent at any time through your account settings.
Legitimate Interest
We process IP addresses and session data based on our legitimate interest in maintaining service security, preventing fraud and abuse, enforcing our terms of service, and monitoring and improving platform performance and reliability. We have balanced these interests against your privacy rights and have implemented appropriate safeguards.
4. Data Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law:
Account Data
- Duration: Retained for the lifetime of your account
- Upon Deletion: Your account deletion request initiates a 30-day grace period during which your data is accessible for restoration. After 30 days, all account data (username, password hash, avatar) is permanently deleted
Backups & Disaster Recovery
- Duration: Automated backups are retained for a maximum of 28 days (4 weekly backup cycles)
- Purging Schedule: Backups older than 28 days are automatically purged and permanently deleted from backup systems
Session Data & Authentication Tokens
- Duration: Session data and authentication tokens are retained for 24 hours
- Automatic Expiration: Sessions automatically expire after 24 hours of inactivity for security purposes
Avatar Images
- Duration: Retained while your account is active
- Upon Deletion: Permanently deleted upon account deletion after the 30-day grace period
5. Your Data Subject Rights
Under applicable data protection laws, you have the following rights regarding your personal data:
Right of Access
You have the right to access all personal data we hold about you. You can export a complete copy of your data in JSON format via the API endpoint GET /api/v1/account/export within your account settings. This export includes your account profile (username, avatar, preferences), festival picks and notes, crew memberships, registered device tokens, active sessions, and notification and topic-subscription preferences.
Right of Rectification
You have the right to correct or update inaccurate personal data. You can modify your profile information, username, and avatar directly within your account settings at any time.
Right to Erasure (Right to be Forgotten)
You have the right to request deletion of your personal data by initiating account deletion through your account settings. We will delete your account and associated data after a 30-day grace period. This grace period allows you to restore your account if deletion was accidental. After 30 days, all data is permanently deleted and cannot be recovered.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format. You can export your data in JSON format using the API endpoint GET /api/v1/account/export, enabling you to transfer your data to another service or retain a copy.
Right to Restrict Processing
You have the right to restrict our processing of your personal data in certain circumstances. You may disable push notifications, restrict data sharing within crew groups, or limit how your data is used by contacting us at privacy@festie.us.
Right to Object
You have the right to object to certain types of processing based on our legitimate interest. To exercise this right, contact us at the email address below.
Exercising Your Rights
To exercise any of these rights, contact us at privacy@festie.us with your request. We will respond within 30 days. Some requests may take up to 60 days depending on complexity. We will verify your identity before processing requests to ensure we are sharing information only with authorized individuals.
6. Cookies & Session Management
Festie uses HTTP-only session cookies strictly for authentication and session management purposes.
Cookie Usage
- Session Cookies: HTTP-only cookies are used to maintain your authenticated session
- No Tracking Cookies: We do not use tracking cookies, analytics cookies, or third-party cookies for behavioral tracking
- No Analytics: We do not deploy cookies for analytics, advertising, or user behavior profiling
Cookie Consent
No consent banner is required because our session cookies are exempt under ePrivacy Directive Article 5(3) as "strictly necessary" for the functioning of the service. These cookies are essential to authentication and do not require prior consent.
Cookie Management
Session cookies are automatically deleted when you log out or after 24 hours of inactivity. You can clear cookies from your browser settings, though this will log you out of the service.
7. Data Sub-Processors & Third Parties
Festie uses limited third-party services to provide specific functionality:
Cloudflare
- Purpose: Content delivery network (CDN) and secure tunnel infrastructure for the application
- Data Processed: IP addresses, request metadata, security headers
- Privacy Policy: https://www.cloudflare.com/privacy/
Firebase Cloud Messaging (FCM)
- Purpose: Push notification delivery for festival schedule updates and crew sync alerts
- Data Processed: Device tokens and notification payloads
- Privacy Policy: https://firebase.google.com/support/privacy
Sentry (Functional Software, Inc.)
- Purpose: Application error tracking and performance monitoring to diagnose crashes and reliability issues
- Data Processed: Error and exception details, stack traces, and request metadata (sensitive headers such as cookies and authorization tokens are filtered out before transmission)
- Privacy Policy: https://sentry.io/privacy/
We have entered into data processing agreements with these sub-processors to ensure appropriate safeguards. These services may process your data in the United States under standard contractual clauses. You may review our processing agreements upon request.
8. International Data Transfers
Your personal data is primarily stored on self-hosted infrastructure operated by us. However, certain sub-processors may process your data internationally:
- Cloudflare: May process data in the United States and other countries
- Firebase Cloud Messaging: Operated by Google, may process data in the United States and other locations
- Sentry: Operated by Functional Software, Inc., may process error and performance data in the United States
Where data is transferred to countries outside your country of residence, including the United States, we rely on Standard Contractual Clauses (SCCs) to ensure adequate safeguards for your data protection rights. We have implemented appropriate technical and organizational measures to protect your data during international transfers.
9. Security Measures
We implement comprehensive technical and organizational security measures to protect your personal data:
Data in Transit
- TLS 1.2+ Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher
- HTTPS Only: The entire application operates over secure HTTPS connections
Data at Rest
- Password Security: Passwords are hashed using Scrypt, a memory-hard key derivation function resistant to brute-force attacks
- Token Security: Authentication tokens are hashed using SHA-256 before storage
- Access Controls: Strict access controls limit internal access to personal data
Application Security
- Rate Limiting: API endpoints implement rate limiting to prevent brute-force attacks and abuse
- Input Validation: All user inputs are validated using Zod schemas to prevent injection attacks and malformed data
- Content Security Policy: CSP headers are implemented to prevent cross-site scripting (XSS) and other injection attacks
- CSRF Protection: Cross-site request forgery protection is implemented for state-changing operations
While we implement robust security measures, no system is completely immune from security incidents. We will notify you of any security breaches affecting your personal data as required by law, typically within 72 hours of discovery.
10. Children's Privacy
Festie is not directed to children under 13 years of age in the United States (per COPPA requirements) or under 16 years of age in certain European Union member states (per GDPR provisions).
Age Requirements: By using the service, you confirm that you are at least 13 years old in the United States, or at least 16 years old in EU member states where such age restrictions apply.
We do not knowingly collect personal data from children below these age thresholds. If we become aware that a child below the applicable age threshold has provided us with personal data, we will take steps to delete such information and terminate the child's account.
If you believe a child has created an account in violation of these age requirements, please contact us at privacy@festie.us.
11. Policy Changes & Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
Material Changes
For material changes that affect your privacy rights or how we process your data, we will provide you with at least 30 days' notice via the Festie application interface. Your continued use of the service after the 30-day notice period constitutes your acceptance of the updated Privacy Policy.
Minor Updates
We may update this policy for minor clarifications or non-substantive changes without notice. The effective date at the top of this document reflects the last major update.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
12. Additional Legal Documents
Please also review our Terms of Service, which govern your use of Festie and contain important limitations of liability and dispute resolution provisions.
13. Contact & Support
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Email: privacy@festie.us
Service: https://festie.us
We will respond to all privacy-related inquiries within 30 days. For data subject requests (access, deletion, portability), we will provide our response within 30 days, or up to 60 days for complex requests.