Privacy Policy

Last updated:

1. Introduction

This Privacy Policy explains how JamSpot ("JamSpot", "we", "us", or "our") collects, uses, shares, and protects your personal data when you use the JamSpot mobile application (the "App"). JamSpot is an events platform that lets people discover events near them and lets organizers create and promote events.

The data controller responsible for your personal data is:

Name: O.P. Technologies
Email: [email protected]

By creating an account or using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with it, please do not use the App.

The App is currently offered to users in Serbia and Hungary. Because we serve users in the European Union (Hungary), we process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Serbian data-protection law.

2. Data We Collect

2.1 Information you provide directly

Account & authentication data

  • Email address and password (when you register with email), or
  • Identity data from Google Sign-In or Apple Sign-In if you choose those methods - this includes your email address, name, and a secure identity token from the provider. (With Apple, you may choose to hide your email; we then receive a private relay address.)
  • The sign-in method(s) associated with your account.

Profile data

  • First and last name
  • Profile photo (avatar)
  • Date of birth (optional)
  • Country and city
  • Language preference

Content you create

  • Events you create as an organizer: title, description, cover and gallery images, promotional PDFs, venue address, dates and times, category, ticketing/reservation links, and related details.
  • Organizer profiles: organization name, description, logo, contact email and phone number, website, and social-media links you choose to add.
  • Team data: if you invite people to an organization, we process the email addresses and assigned roles of invited members.
  • Interactions: events you save/favorite, organizers you follow, and your recent searches.

2.2 Information collected automatically

Location data

  • If you grant permission, we use your device's GPS location (latitude/longitude) only when you actively choose to find events near you or set your location. We do not track your location in the background. You can decline or revoke this permission at any time in your device settings; the App remains usable, and you can enter a city manually instead.
  • Addresses and cities you enter for events or your profile are stored as content.

Device & technical data

  • A push-notification token (via Firebase Cloud Messaging / Apple Push Notification service) and a device identifier, so we can send you notifications.
  • App version and device/operating-system information associated with diagnostics.

Diagnostics & analytics (see Section 6 for your choices)

  • Crash reports (via Firebase Crashlytics): error logs, stack traces, device model, and OS version, used to keep the App stable. We sanitize these reports to strip out emails, tokens, and similar sensitive values.
  • Usage analytics (via Firebase Analytics): aggregated, app-usage events such as screens viewed and features used. Analytics are off by default and only enabled if you opt in.
  • Engagement metrics: event views and impressions, which we aggregate to give organizers anonymous statistics about how their events perform.

We identify diagnostics and analytics records using your account's internal ID - not your name or email.

3. How We Use Your Data

We use your personal data to:

  • Create and manage your account and authenticate you;
  • Provide core features - discovering, creating, publishing, and managing events;
  • Show you events relevant to your chosen or current location;
  • Send push notifications you've enabled (e.g., about events or your account);
  • Display performance statistics to event organizers in aggregate form;
  • Maintain, secure, debug, and improve the App;
  • Communicate with you about your account, invitations, and service updates;
  • Comply with legal obligations and enforce our terms.

4. Legal Bases for Processing (GDPR)

Where GDPR applies, we rely on the following legal bases:

  • Performance of a contract - to provide the App and the features you request (account, events, notifications you enable).
  • Consent - for optional device location access and usage analytics. You may withdraw consent at any time.
  • Legitimate interests - to keep the App secure and stable (including crash diagnostics), prevent abuse, and improve our services, balanced against your rights.
  • Legal obligation - where we must process data to comply with the law.

5. How We Share Your Data

We do not sell your personal data. We share it only as described below.

Public content. Events you publish - including their title, description, images, venue/address, and the associated organizer profile - are visible to other users and may be shared publicly. Do not include private information in event content you intend to keep confidential.

Service providers (processors). We use trusted third parties to operate the App. They process data on our behalf under contractual safeguards:

ProviderPurposeData involved
SupabaseBackend, authentication, database, and file storageAccount, profile, event, and uploaded media data
Google FirebasePush notifications, crash reporting, optional analyticsPush token, device info, diagnostics, usage events, internal user ID
Google (Sign-In)Authentication, if you choose GoogleYour Google account email, name, and token
Apple (Sign-In)Authentication, if you choose AppleYour Apple ID email and name (first sign-in)
Google Maps / PlacesMap display and address/city autocompleteSearch text you type, approximate region, and language

These providers may process data outside Serbia or the EU (e.g., in the United States). Where required, such transfers are protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses.

Legal reasons. We may disclose data if required by law or to protect the rights, safety, and security of our users or the public.

6. Your Privacy Choices and Controls

  • Location: Granting or revoking GPS access is controlled in your device settings. Location is used only on demand.
  • Push notifications: You can disable notifications in your device settings at any time.
  • Analytics: Usage analytics are off unless you opt in, and can be turned off again in the App's settings.
  • Crash reporting: You can opt out of crash diagnostics in the App's settings.
  • Photos & camera: Access is requested only when you upload an image and can be managed in device settings.

7. Your Rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data (you can edit most profile data in-App);
  • Erase your data ("right to be forgotten");
  • Restrict or object to certain processing;
  • Data portability - receive your data in a portable format;
  • Withdraw consent at any time, without affecting prior processing;
  • Lodge a complaint with a supervisory authority - in Hungary, the Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH); in Serbia, the Commissioner for Information of Public Importance and Personal Data Protection.

To exercise these rights, contact us at [email protected].

8. Deleting Your Account and Data

You can delete your account directly in the App (Settings → account deletion). When you delete your account, we permanently remove your profile, uploaded media (avatar and event images), saved favorites and follows, registered devices, and events for which you are the sole organizer.

If you are the sole owner of an organization that has other members, you'll be asked to transfer ownership before deletion can complete. Organizers can also delete an organization and its associated events and media separately.

Some data may be retained for a limited period where necessary to comply with legal obligations, resolve disputes, or enforce our agreements.

9. Data Retention

We keep your personal data for as long as your account is active or as needed to provide the App. After account deletion, we remove or anonymize your data as described in Section 8, except where longer retention is required by law.

10. Data Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS/TLS), authenticated access, and database-level access controls (row-level security). Passwords are stored only in hashed form by our authentication provider and are never accessible to us in plaintext. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children's Privacy

JamSpot is not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it.

12. Third-Party Links and Services

The App may contain links to third-party websites or services (for example, external ticketing or reservation links added by organizers, social-media profiles, or map services). This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. Please review their policies separately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, notify you in the App. Your continued use of the App after changes take effect constitutes acceptance of the revised policy.

14. Contact Us

If you have questions or requests regarding this Privacy Policy or your personal data, contact us at:

[email protected]