Privacy Policy

posted.fyi is an event management platform for independent musicians and live music fans, operated by Peter Irving.

Questions about this policy? Contact us.

This policy covers two products:

1. The posted.fyi website — a public site where anyone can discover events and sign up for updates
2. The posted.fyi dashboard — a management tool for musicians to post events, manage venues, and run their business

If you visit the website

• Email address (if you sign up for updates) — to notify you about launches and send marketing updates. Kept until you unsubscribe.
• reCAPTCHA data — to prevent spam signups. Processed by Google reCAPTCHA.
• Basic analytics — page views and referrers, aggregated and not tied to your identity.

We do not use tracking cookies beyond what is essential for the site to function. Google reCAPTCHA may set its own cookies — see Google's Privacy Policy.

If you use the dashboard

• Account info (email + auth credentials via Firebase) — to authenticate you and secure your data
• Business profiles (band name, genre, description) — core product functionality
• Event data (title, date, time, venue, flyer images) — posting and managing your events
• Venue data (name, address, contact info, notes) — tracking venues you work with
• Touchpoints (notes, dates, follow-up reminders) — your private CRM data

Your business data is yours. We store it to provide the service. We do not sell, rent, or share it with third parties for their marketing purposes.

• Google Firebase / Google Cloud Platform — hosting, authentication, database, cloud functions
• Google reCAPTCHA — spam prevention on the website email signup
• Amazon Location Service — venue search and discovery in the dashboard. Venue details you import are stored with your permission under Amazon's "Stored" usage tier.

We use your data to:

• Provide the service — display your events, manage your data
• Communicate with you — marketing updates (if opted in), transactional emails
• Improve the product — usage patterns to make posted.fyi better
• Prevent abuse — spam prevention, rate limiting

We do not:

• Sell your personal data
• Use your data for targeted advertising
• Share your data with third parties for their marketing
• Use your event or venue data to compete with you

• Unsubscribe — if you signed up for email updates, you can unsubscribe at any time at posted.fyi/unsubscribe.
• Delete your data — request deletion of your account and all associated data by contacting us. We process deletion requests within 30 days.
• Access your data — request a copy of your data by contacting us. We will provide it in a reasonable format within 30 days.

• All data transmitted over HTTPS
• Authentication handled by Firebase Authentication
• Firestore security rules restrict access to authorized users
• API keys and secrets stored in Firebase Secret Manager
• Server-side functions verify authentication on every request

posted.fyi is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn we have, we will delete it promptly.

We may update this policy from time to time. Material changes will be reflected in the "Last updated" date above. For significant changes, we may also notify you by email if you have an account.

For privacy questions or data requests, contact us.