Privacy Policy
What data Pvent collects, why, and what rights you have.Contact: Impressum.
Version 1 · 01. Mai 2026
We don't sell your data
Your data is never sold, shared with advertisers, or used for profiling outside Pvent.
Location stays private
Pvent never reveals your GPS position. Others only see whether you're inside a geofence — nothing more.
You're in control
Delete your account any time. You have 30 days to change your mind. And with Ghost mode you're invisible to everyone anyway.
What we collect and why
Account data
When you register, we store your email address and the display name you choose. This is used to identify you and let you log in.
Legal basis: contract performance (GDPR Art. 6(1)(b))
Location — geofence presence only
Pvent detects whether your device is physically inside a geofenced event area. We receive only an enter/leave signal — your GPS coordinates are never received, stored, or shared. With your permission, this geofence check runs in the background, so you are checked in and out of events even when the app is closed. Background location is optional — you can choose foreground-only and still use Pvent. Either way, only the enter/leave signal is processed, never your location.
Legal basis: contract performance (GDPR Art. 6(1)(b)) — detecting event presence is the core product function
Attendance records
We record which events you check into and which you save. This powers your personal event history.
Legal basis: contract performance (GDPR Art. 6(1)(b))
Push notifications
If you enable push notifications, your device token is stored so we can send you alerts. You can revoke this at any time in your device or Pvent app settings.
Legal basis: consent (GDPR Art. 6(1)(a))
Cookies
The web portal sets two cookies, both strictly necessary to operate the service. No consent banner is required under Austrian TKG §165 and the EU ePrivacy Directive.
| Cookie | Purpose | Duration |
|---|---|---|
| sb-* | Authentication session — keeps you logged in | Until logout |
| NEXT_LOCALE | Remembers your language preference | 12 months |
No analytics cookies. No advertising cookies. No third-party tracking of any kind.
Who can access your data
Two companies help us run Pvent. Neither sells your data or uses it for advertising.
Supabase — Frankfurt, Germany
Supabase stores your account, profile photo, and event attendance. Think of them as the secure vault where your personal data lives — on servers in Frankfurt, Germany.
Contracted under EU data protection law (Standard Contractual Clauses). Supabase Inc. is a US company; your data remains in the EU.
netcup — Karlsruhe, Germany
netcup runs our app server and this website. They only see the same information any web server sees: your IP address and which page you requested. None of your Pvent account data or event history is stored there.
Contracted under EU data protection law. German company — no transfer outside the EU.
We do not sell your data or share it with advertisers.
What other users can see
Three groups can see information about your attendance — each in a different form. If you activate Ghost mode, nobody can see you.
All app users
Anyone on Pvent sees the total crowd count at an event (e.g. “34 people here now”). By default you appear anonymously — your identity is not visible, only the number.
Your friends
Friends can see that you are attending the same event, which lets them find you. Activating Ghost mode hides you from everyone — including friends. You are still counted in the crowd total.
Event organisers
Organisers with an analytics subscription receive aggregated participation statistics for their own events. Individual users are never identifiable: data is only released once at least 5 participants are counted (k ≥ 5). No personal data is ever passed to organisers.
GPS coordinates are never shared with anyone. Blocked users cannot see your presence in any geofence.
How long we keep your data
Account data
Personal details (name, photo) permanently removed 30 days after deletion. You can cancel within that window.
Attendance records
Anonymised and kept after account deletion — no name or identity is attached, only the fact that someone attended.
Location
Never stored — geofence detection is computed in the moment; no location history or coordinates are kept on our servers.
Push tokens
Until you revoke notification permission.
Session cookie
Deleted when you log out.
Your rights
Under the GDPR, you have the right to:
Access
See the data we hold about you.
Correction
Fix inaccurate data.
Deletion
Delete your account and all associated data.
Portability
Receive your data in a machine-readable format.
Restriction
Ask us to pause processing.
Objection
Opt out of processing based on legitimate interests.
Withdraw consent
For push notifications, at any time, without penalty.
We respond within 30 days (GDPR Art. 12(3)).
Supervisory authority
If you believe we are handling your data incorrectly, you can lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde — DSB), Barichgasse 40–42, 1030 Wien, dsb.gv.at.
Age
Pvent is for users aged 16 and over. We do not knowingly collect data from anyone under 16. If you believe someone under 16 has created an account, reach out and we will remove it.
Changes to this policy
We will notify you of material changes at least 30 days before they take effect. The version number and date at the top of this page always reflect the current version.
Contact
Privacy (GDPR)
privacy@pvent.appGeneral
servus@pvent.app