We collect the following types of personal information:

Account Information:
• Full name
• Email address
• Profile photo
• Password (stored securely via Supabase Auth)

Event and Community Data:
• Events you create, attend, or interact with
• Communities you create or join
• Messages sent through the platform (including direct messages)
• Event listings, descriptions, and media you upload

Payment Information:
• Payment details are collected and processed directly by Stripe
• Crowdify does not store your full credit card number, CVV, or bank account details
• We receive limited transaction data from Stripe (e.g. last four digits, transaction status, payout details)

Location Data:
• Event locations you provide when creating events
• General location data used to show relevant events near you

Device and Usage Data:
• Device type, operating system, and browser information
• IP address
• Pages visited, features used, and interactions on the platform
• App usage data (via our mobile application)

Communications:
• Emails and support correspondence
• Transactional emails sent via Brevo (our email service provider)

We use your personal information for the following purposes:

• To create and manage your Crowdify account
• To facilitate event creation, discovery, ticketing, and attendance
• To process payments and payouts through Stripe
• To enable community features and direct messaging between users
• To send transactional emails (e.g. ticket confirmations, event updates, payout notifications) via Brevo
• To provide customer support and respond to enquiries
• To improve and optimise the platform, including troubleshooting and analytics
• To enforce our Terms of Service and protect against fraud or misuse
• To comply with legal obligations under Australian law
• To send platform-related notifications and updates

We do not sell your personal information. We may share your information in the following circumstances:

With Event Organisers:
• When you purchase a ticket, the event organiser receives your name and email to manage attendance
• Organisers must not use attendee data for purposes beyond event management without your explicit consent

With Service Providers:
• Supabase: Database hosting, authentication, and file storage
• Stripe: Payment processing and payout facilitation
• Brevo: Transactional email delivery

With Other Users:
• Your public profile information (name, profile photo) is visible to other users
• Community and event interactions may be visible to other members

For Legal Compliance:
• We may disclose information where required by law, regulation, or legal process
• We may share information with law enforcement or government authorities when legally obligated to do so

Business Transfers:
• In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction

All payment processing on Crowdify is handled by Stripe, a PCI-DSS compliant payment processor.

• Crowdify charges a 12% platform commission on paid event tickets
• Stripe may also charge applicable processing fees
• Your payment card details are collected and stored by Stripe, not by Crowdify
• Funds are held until event funding goals are met and verification checks are passed
• Organiser payouts are processed through Stripe Connect

For more information on how Stripe handles your data, please refer to Stripe's Privacy Policy at https://stripe.com/privacy.

Your data is stored and managed using Supabase, which provides:

• Encrypted data storage and secure authentication
• Row-level security policies to protect data access
• Secure file storage for uploaded media (e.g. profile photos, event images)

We implement reasonable technical and organisational measures to protect your personal information against unauthorised access, loss, misuse, or alteration. These measures include:

• Encrypted connections (HTTPS/TLS) across all platform communications
• Secure authentication with session-based tokens
• Access controls limiting data access to authorised personnel only

While we take data security seriously, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your information.

Crowdify uses cookies and similar technologies for the following purposes:

Essential Cookies:
• Authentication session cookies to keep you logged in
• Security tokens to protect against cross-site request forgery

Functional Cookies:
• User preferences and settings

We do not currently use third-party advertising or tracking cookies.

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect your ability to use the platform.

Under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), you have the following rights:

Access:
• You may request access to the personal information we hold about you

Correction:
• You may request correction of any inaccurate, incomplete, or out-of-date information

Complaint:
• You may lodge a complaint if you believe your privacy has been breached
• We will investigate and respond to complaints within 30 days
• If you are unsatisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au

Account Deletion:
• You may request deletion of your account and associated personal data by contacting us at support@crowdify.com.au
• We will process deletion requests within 30 days
• Some information may be retained where required by law or for legitimate business purposes (e.g. transaction records)

Data Portability:
• You may request a copy of your personal data in a commonly used electronic format

To exercise any of these rights, contact us at support@crowdify.com.au.

Crowdify is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information promptly.

If you believe a child under 18 has provided us with personal information, please contact us at support@crowdify.com.au.

We retain your personal information for as long as necessary to:

• Maintain your active account and provide our services
• Comply with legal and regulatory obligations
• Resolve disputes and enforce our agreements

When your account is deleted:
• Profile information and user-generated content will be removed within 30 days
• Transaction records may be retained for up to 7 years as required by Australian tax and financial reporting laws
• Anonymised or aggregated data that cannot identify you may be retained indefinitely for analytics purposes

Inactive accounts may be flagged for review after 24 months of inactivity.

The platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties.

We encourage you to review the privacy policies of any third-party services you interact with, including:
• Stripe (payment processing): https://stripe.com/privacy
• Supabase (infrastructure): https://supabase.com/privacy
• Brevo (email): https://www.brevo.com/legal/privacypolicy/

Your data may be stored or processed in jurisdictions outside of Australia where our service providers operate (including the United States and the European Union).

Where data is transferred internationally, we ensure that appropriate safeguards are in place in accordance with the Australian Privacy Act 1988 and applicable data protection laws.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.

• Material changes will be communicated via email or a prominent notice on the platform
• The "Last Updated" date at the top of this page will be revised accordingly
• Continued use of the platform after changes are posted constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Crowdify
ABN: 47 692 719 305

Email: support@crowdify.com.au
Website: https://crowdify.com.au

For privacy complaints, you may also contact the Office of the Australian Information Commissioner (OAIC):
Website: https://www.oaic.gov.au
Phone: 1300 363 992