Privacy Policy

1. Introduction

Beat the Riff ("we", "our", or "the App") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at flow-concerts.app/concerts/beattheriff.

By using Beat the Riff, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you create an account, we collect your email address, display name, and profile photo. If you sign in with Google, we receive your Google profile information (name, email, and profile picture) as authorized by you.

Concert Activity Data

We collect data about your concert activity, including saved shows, attended shows, favorite bands, followed cities, crowd reports, queue participation, spot goals, and media uploads (photos and videos).

Community Data

Messages sent in event chats, group chats, and direct messages are stored to provide the community features. Media shared in chats is also stored.

Usage Data

We automatically collect certain information when you access the App, including your device type, browser type, and general interaction patterns. We do not use third-party tracking cookies.

3. How We Use Your Information

• Provide and maintain the App and its features
• Generate your Metal Stats, Concert Identity badges, and Post-Show Timelines
• Deliver pit intelligence, arrival timing, and spot strategy recommendations
• Enable community features (Metalheads, chats, following)
• Process payments for Riff Pass and Riff Pro subscriptions
• Send notifications related to your account and activity
• Improve and optimize the App

4. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers — Supabase (database & authentication), Vercel (hosting), Stripe (payments)
• Other users — Your public profile, display name, and community activity are visible to other users
• Legal compliance — When required by law or to protect our rights

5. Data Storage & Security

Your data is stored securely using Supabase with row-level security policies. All data is transmitted over HTTPS. We implement industry-standard security measures to protect your information, but no method of electronic transmission is 100% secure.

6. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your account and data
• Export your concert history data
• Withdraw consent for optional data processing

To exercise these rights, contact us at support@beattheriff.com.

7. Third-Party Services

The App integrates with third-party services including Google (authentication), Stripe (payments), and Supabase (data storage). Each of these services has its own privacy policy governing how they handle your data.

8. Children's Privacy

Beat the Riff is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@beattheriff.com.