Privacy Policy

This Privacy Policy applies to NightList, operated by NightList, and to the NightList services that link to this policy. NightList helps venues, promoters, door teams, and guests manage guestlists, event access, QR passes, guest applications, and related communications.

We collect the information needed to provide NightList and keep event access reliable and secure.

• Account information: name, username, email address, phone number, password credentials in protected form, Google account identifier, and profile details you provide.
• Guestlist and event information: event invites, applications, guest names, plus-one names, phone-based guestlist entries, approvals, attendance, check-ins, arrival status, QR pass tokens, and task proof submissions.
• Venue, promoter, and team information: venue memberships, roles, permissions, staff assignments, event configuration, camera or entry rules, and operational activity.
• Communications: emails, verification codes, support requests, notification preferences, and messages related to guestlist activity.
• Technical data: device, browser, IP address, usage logs, authentication events, API activity, crash diagnostics, and security signals.

If you choose to continue with Google, we use Google OAuth to verify your identity and receive basic profile information such as your email address, name, and Google account identifier. We use this only to create or sign in to your NightList account, protect your account, and connect you to eligible NightList features. We do not sell Google account data or use it for advertising.

• Create, authenticate, and protect user accounts.
• Match verified phone numbers to promoter guestlist entries and event invitations.
• Generate and validate guest QR passes, door access, attendance, and check-in records.
• Allow venues, promoters, and door teams to manage events and guest activity.
• Send welcome emails, verification codes, notifications, support messages, and service updates.
• Prevent fraud, misuse, duplicate access, unauthorized entry, and security incidents.
• Debug, maintain, analyze, and improve NightList.
• Comply with legal obligations and enforce NightList policies.

We share information only when needed to operate NightList, support events, or meet legal requirements.

• Venues, promoters, and door teams: guestlist, application, pass, attendance, and profile information may be visible to authorized event operators.
• Service providers: hosting, database, email, authentication, analytics, crash reporting, security, and support vendors may process data for NightList under appropriate safeguards.
• Legal and safety: we may disclose information if required by law or to protect users, venues, NightList, or the public.
• Business changes: information may be transferred as part of a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information.

We keep personal information while your account is active or as needed to provide NightList, maintain event records, resolve disputes, prevent fraud, comply with law, and enforce agreements. Some operational records, such as check-ins, audit logs, guestlist history, and security records, may be retained for legitimate business, safety, or legal reasons after an account deletion request.

You can request account deletion through the Account Deletion page or by emailing privacy@nightlist.app.

We use administrative, technical, and organizational safeguards designed to protect personal information, including protected credential storage, access controls, HTTPS in production, token-based authentication, and operational monitoring. No system can be guaranteed completely secure, so users should keep passwords private and contact us if they suspect unauthorized access.

• You can update account details in NightList where available or through support.
• You can choose not to use Google sign-in and use email/password sign-in instead where available.
• You can request access, correction, deletion, or restriction of your personal information, subject to applicable law.
• You can opt out of non-essential communications, though service and security messages may still be sent.

NightList is not directed to children. Guests must meet the age, identification, entry, and venue rules for the event they attend. Venues and promoters are responsible for setting and enforcing applicable event requirements.

NightList may process and store information in countries other than where you live. Where required, we use appropriate safeguards for cross-border processing.

For privacy questions or requests, email privacy@nightlist.app.