top of page

PRIVACY POLICY

Last Updated: October 6, 2025

EP Club LLC ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web services (collectively, the "Service").

1. Information We Collect

1.1 Personal Information You Provide

  • Account Information: Email address, password (encrypted), full name, username

  • Profile Information: Profile photo, Instagram handle, homebase city

  • User-Generated Content: Visit records, location ratings, notes, bookmarks, event attendance, AI assistant conversations

  • Communications: Messages you send to us (e.g., feedback, support requests)

1.2 Information Collected Automatically

  • Usage Data: Pages viewed, features used, time spent on the app, navigation patterns

  • Device Information: Device type, operating system, browser type, unique device identifiers

  • Location Data: GPS coordinates when you use map features (with your permission)

  • Analytics Data: Interaction data, feature usage metrics, performance data

  • Cookies and Tracking: Session cookies, preference cookies, analytics cookies

2. How We Use Your Information

We use the information we collect to:

  • Provide and Maintain the Service: Create and manage your account, enable core features (visits tracking, leaderboards, passport), process your interactions

  • Personalization: Customize your experience based on your preferences and activity, provide AI-powered recommendations and assistance

  • Analytics and Improvement: Analyze usage patterns to improve the Service, develop new features and content, monitor and analyze trends

  • Communication: Send you updates about the Service, respond to your inquiries and support requests, notify you about changes to our policies

  • Achievements and Gamification: Track your progress, award XP points, display leaderboard rankings

  • Security: Detect and prevent fraud, enforce our Terms of Service, protect the safety of users

2.1 Automated Decision-Making and Profiling

Our AI assistant uses automated processing to provide personalized recommendations based on your visit history, preferences, and location data. You have the right to opt-out of AI-powered recommendations by contacting us.

3. Data Storage and Security

We implement appropriate technical and organizational measures to protect your information:

  • Data Hosting: Your data is stored using Supabase, a secure cloud database platform built on PostgreSQL, with servers located in the United States

  • Encryption: All data transmitted between your device and our servers is encrypted using industry-standard TLS 1.2+ protocols. Passwords are hashed using bcrypt encryption algorithms

  • Access Controls: We implement Row Level Security (RLS) policies to ensure users can only access their own data. Our team follows the principle of least privilege for data access

  • Storage: Profile photos and other files are stored in secure storage buckets with appropriate access permissions and encryption at rest

  • Data Retention:

    • Active Accounts: We retain your information for as long as your account is active or as needed to provide you the Service

    • Deleted Accounts: If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain certain information

    • Backup Data: Deleted data may persist in backup systems for up to 90 days before permanent deletion

    • Analytics Data: Aggregated and anonymized analytics data may be retained indefinitely for business purposes

4. Third-Party Services

We use the following third-party services that may collect information about you:

Supabase (Database & Authentication)

PostHog (Analytics)

Azure OpenAI (AI Assistant)

Mapbox (Maps & Location)

5. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

5.1 Access and Portability

You have the right to access and receive a copy of your personal data. Contact us to request your data export, which will be provided in JSON format within 30 days.

5.2 Correction and Update

You can update your profile information directly in the Settings page of the app.

5.3 Deletion

You have the right to request deletion of your account and associated data. Contact us at concierge@epclub.com to initiate account deletion. Your data will be deleted within 30 days of verification.

5.4 Opt-Out of Analytics

You can disable analytics tracking by adjusting your device settings or browser preferences. Note that this may limit certain features.

5.5 Location Data

You can control location permissions through your device settings. Disabling location access will limit map-related features.

5.6 Marketing Communications

You can opt-out of promotional emails by clicking the "unsubscribe" link in any marketing email or by updating your preferences in Settings.

 

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Essential Cookies: Required for authentication and core functionality (session duration: until browser closes)

  • Analytics Cookies: Used by PostHog to understand how you use the Service (duration: 1 year)

  • Preference Cookies: Remember your settings and preferences (duration: 1 year)

You can control cookies through your browser settings. Disabling cookies may affect Service functionality.

 

7. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at concierge@epclub.com and we will delete such information within 48 hours.

 

8. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws, including:

  • Standard Contractual Clauses approved by the European Commission for transfers to countries outside the EEA

  • Adequacy decisions by the European Commission where applicable

  • Your explicit consent where required by law

8.1 GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data based on the following legal grounds:

  • Consent: When you have explicitly consented to processing (e.g., location data, marketing communications), which you may withdraw at any time

  • Contract Performance: To provide the Service you have requested

  • Legitimate Interests: To improve our Service, ensure security, and analyze usage patterns, provided these interests do not override your fundamental rights and freedoms

  • Legal Obligations: To comply with applicable laws and regulations

You have additional rights under GDPR, including the right to object to processing based on legitimate interests and the right to lodge a complaint with your local data protection authority.

8.2 CCPA Compliance (California Users)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information is collected, used, shared, or sold

  • Right to Delete: Request deletion of personal information

  • Right to Opt-Out: Opt-out of sale of personal information (we do not sell your data)

  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights

To exercise these rights, contact us at concierge@epclub.com. We will respond within 45 days.

 

9. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share information

  • Service Providers: With third-party vendors who perform services on our behalf (e.g., Supabase, PostHog, Azure OpenAI, Mapbox) under contractual obligations to protect your data

  • Public Information: Information you choose to make public (e.g., profile information, leaderboard rankings, visit records) is visible to other users of the Service

  • Legal Requirements: When required by law, court order, subpoena, or governmental authority

  • Business Transfers: In connection with a merger, acquisition, or sale of assets, where the acquiring party agrees to honor this Privacy Policy

  • Protection: To protect the rights, property, or safety of EP Club LLC, our users, or others, including detecting fraud and enforcing our Terms of Service

 

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy in the app with a new "Last Updated" date

  • Sending you an email notification to the address associated with your account

  • Displaying an in-app notification upon your next login

Material changes will take effect 30 days after notification. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

 

11. Data Protection Officer

For questions about data protection or to exercise your privacy rights, you may contact our Data Protection Officer at:

Email: privacy@epclub.com

 

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: concierge@epclub.com
Company: EP Club LLC
Address: 2108 N ST STE N SACRAMENTO, CA 95816

We will respond to your inquiries within 30 days and in accordance with applicable laws.

By using EP Club LLC's Service, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

bottom of page