Privacy Policy

AfterFive is a private membership platform that helps members discover curated restaurants, cocktail bars, live music venues, and nightlife experiences. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our platform, website, and mobile applications (collectively, the “Service”).

We collect information in the following ways:

Information you provide directly

• —Account registration: email address, password (hashed — never stored in plaintext)
• —Member profile: first name, last name, display name, profile photo (optional)
• —Date of birth — collected for age verification; some venues and offers are age-restricted
• —Phone number — collected for member notifications and NFC check-in functionality; SMS features are opt-in
• —Payment information — processed by Stripe; AfterFive does not store full card numbers or bank account details

Information collected automatically

• —Usage data: pages visited, features used, click patterns, search queries within the platform
• —Device and browser information: browser type, operating system, screen resolution
• —IP address: used for fraud prevention and regional content; not linked to personal identity in analytics
• —Session recordings: we use PostHog session replay to record anonymized screen interactions (form inputs are masked and never recorded)
• —Error reports: we use Sentry to capture application errors, which may include browser state, URL, and device context at the time of the error
• —Location data: the map feature may request your browser geolocation permission; this is used only for map centering and is not stored

• —To create and manage your account and membership
• —To process payments and manage billing via Stripe
• —To personalize your experience and surface relevant venues and events
• —To enforce age restrictions for applicable content
• —To send transactional communications (account confirmation, billing receipts, password resets)
• —To send member notifications and updates via SMS (only with your opt-in consent)
• —To detect, investigate, and prevent fraudulent activity, abuse, or violations of our Terms
• —To monitor application performance and diagnose errors via Sentry
• —To analyze usage patterns and improve the Service via PostHog analytics
• —To comply with applicable legal obligations

We use PostHog for behavioral analytics. PostHog collects data about how members interact with AfterFive — including pages visited, features used, and session recordings. Session recordings mask all form input fields by default; we never record passwords, payment details, or other sensitive data entered into forms.

PostHog data is used solely to improve the platform. We do not sell this data or use it for third-party advertising. You may opt out of session recording by contacting us.

We use Sentry for error monitoring. Sentry may capture browser state, device context, and the URL where an error occurred. This data is used exclusively for diagnosing and fixing software issues.

We do not sell your personal information. We share data only in these circumstances:

• —Service providers: Supabase (database and authentication infrastructure), Stripe (payment processing), PostHog (behavioral analytics), Sentry (error monitoring), Cloudflare (bot protection and CDN), Twilio (SMS, when enabled). Each provider is bound by data processing agreements.
• —Legal requirements: if required by law, regulation, court order, or governmental authority
• —Business transfers: in the event of a merger, acquisition, or sale of assets, member data may be transferred as part of the transaction. You will be notified of any change in ownership affecting your data.
• —With your explicit consent

Venue partners do not receive your personal information. When you present your member pass at a venue, the venue sees only that you hold an active membership — not your name, email, date of birth, or payment information.

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or fraud-prevention purposes (such as billing records, which may be retained for up to 7 years for tax and accounting compliance).

Analytics data collected by PostHog is retained according to PostHog's data retention settings. Error data collected by Sentry is retained for 90 days by default.

Depending on your jurisdiction, you may have the right to:

• —Access the personal information we hold about you
• —Correct inaccurate information in your profile
• —Request deletion of your account and associated personal data
• —Export your data in a portable format
• —Withdraw consent for optional processing (such as SMS notifications)
• —Opt out of analytics and session recording

To exercise any of these rights, contact us at the address below. We will respond within 30 days. Some rights may be limited where retention is required by law.

AfterFive is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has created an account, please contact us immediately and we will delete the account.

We use industry-standard security practices including encrypted data transmission (TLS), password hashing, and role-based access controls. Payment data is handled exclusively by Stripe, a PCI DSS-compliant payment processor — AfterFive never processes or stores full card numbers. No security measure is perfect; we encourage you to use a strong, unique password for your account.

We use cookies and similar technologies for authentication session management and security. See our Cookies & Analytics disclosure for full details.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform before the change takes effect. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

For questions about this Privacy Policy or to exercise your rights, contact us:

AfterFive Privacy Team
Email: privacy@joinafterfive.com