Privacy Policy

Host (you)

• Email and name
• Payment information (handled by Chip — we do not store your card details)
• Event information: event name, date, location, cover photo
• Account settings and preferences

Event Guests

• Name (as entered by the guest)
• Phone number OR Google account ID (for photo identification)
• Photos uploaded (after GPS is stripped)
• Guest Book messages (if used)

Automatic Data

• Anonymous usage statistics (PostHog)
• Error logs for bug fixes (Sentry — without sensitive data)
• Session cookies for auth and UI preferences

• Provide the service: gallery, guest identification, photo processing
• Send transactional emails: verification, receipts, period reminders
• Process payments via Chip
• Fix and improve the product (anonymous analytics)
• Comply with Malaysian legal requirements

When a guest uploads a photo, we automatically remove GPS location metadata, device model, and detailed capture time. This protects guest privacy and prevents exposure of location or personal patterns.

We practise the "data is not stored forever" principle:

• Event photos: stored for the duration of your plan (7-60 days), then automatically deleted
• Guest data (name, phone): stored only for the duration of the event
• Email logs and receipts: stored for 7 years for financial obligations
• Inactive host accounts >2 years: we will contact you before deletion

You may request earlier deletion at any time (see the Your Rights section).

We use third-party processors for specific operations:

• Supabase — database & authentication
• Cloudflare R2 — photo storage (zero-egress)
• Cloudflare Images — photo processing (HEIC→WebP, GPS stripping)
• Chip (chip-in.asia) — payment processing
• Resend — transactional email
• Sentry — error tracking
• PostHog — anonymous analytics

All processors are bound by terms protecting your data. They are not permitted to use your data for other purposes.

Gathrly event galleries can be viewed by anyone with the link or QR code. This is intentional — so guests can share easily without registering or PINs.

Guests are aware that their photos can be viewed by other guests during the upload process (no sign-up to view).

Privacy controls (PIN or event password) will be introduced in Phase 3. For now, hosts are responsible for safeguarding their links/QR.

As a user in Malaysia, you have the following rights under PDPA 2010:

• Right of access — request a copy of your personal data we hold
• Right to correction — correct inaccurate data
• Right to withdraw consent — withdraw consent for processing
• Right to erasure — request deletion of your data
• Right to restrict processing — limit how we use your data

To exercise any of these rights, email us at hello@gathrly.my. We will respond within 21 calendar days as required by PDPA.

• Row-Level Security (RLS) on the database — hosts only access their own data
• Encryption in transit (HTTPS/TLS)
• Hashed password storage (not plaintext)
• Restricted access for Gathrly team — only as needed for operations
• Periodic security audits

While we work hard, no system is 100% secure. If you suspect your account has been compromised, contact us immediately.

We use cookies for:

• Session cookies: for host login (essential)
• Preference cookies: your language (BM/EN), theme
• Analytics cookies: PostHog (anonymous) — you can opt out

Some of our processors operate outside Malaysia (e.g. Supabase, Cloudflare). Your data may be transferred to these countries for processing. We ensure all transfers comply with protection standards equivalent to PDPA.

Gathrly is not intended for use by children under 13. If you become aware that a child under 13 has provided personal data to us, please contact us for deletion.

This policy may be updated from time to time. Significant changes will be communicated via email to active host accounts.