Privacy Policy

1. Information We Collect

When you use Toss-up, we collect:

• Account Information: Email address, name, profile photo
• Event Data: Events you create, availability preferences, invitations
• Usage Data: How you interact with the app (via PostHog analytics)
• Technical Data: IP address, browser type, device information

2. How We Use Your Information

• Provide and improve our services
• Send event notifications and reminders
• Analyze usage patterns to improve user experience
• Prevent fraud and ensure security

3. Data Sharing

We do NOT sell your personal data. We may share data with:

• Service Providers: Vercel (hosting), Supabase (database), Resend (email), Sentry (error monitoring), PostHog (analytics)
• Legal Requirements: When required by law
• Event Participants: Name and availability (only with people you invite)

4. Your Rights (GDPR)

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and data
• Export your data
• Opt-out of marketing emails

To exercise these rights, email: privacy@toss-up.app

5. Data Security

We protect your data using:

• HTTPS encryption for all connections
• Secure password hashing (bcrypt)
• Regular security audits
• Restricted access to personal data

6. Cookies

We use cookies for:

• Authentication (session management)
• Analytics (PostHog - with your consent)
• Security (CSRF protection)

You can manage cookies via our cookie consent banner.

7. Third-Party Services

• PostHog: Privacy Policy
• Sentry: Privacy Policy
• Resend: Privacy Policy

8. Children's Privacy

Toss-up is not intended for users under 13. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this policy. Changes will be posted on this page with an updated date.

10. Contact Us

Questions? Email: privacy@toss-up.app