What Data We Collect and Why
What data we collect and why
We collect only what's necessary to run Cloomba. Here's a plain-language breakdown.
Account data
| Data | Why |
|---|---|
| Name | Shown on your profile and guest lists |
| Email address | Sign-in via magic link, event notifications |
| Phone number | Sign-in via SMS code (if you use this method) |
| Profile photo | Shown on your profile and in comments |
| Username | Used for direct invitations |
| Bio | Optional; shown on your public profile |
Event data
When you create or attend events, we store the events you organised, your RSVPs, ticket purchases, and any content you post (comments, photos, videos).
Device and usage data
We collect standard technical data to keep the platform running: IP address, browser type, and basic usage logs. We do not build behavioural profiles or sell this data.
Firebase Authentication
Sign-in is handled by Firebase (Google). Firebase processes your authentication credentials — Cloomba receives only a verified user ID and basic profile info (name, email, photo) from your provider.
Third-party processors
| Processor | Purpose |
|---|---|
| Firebase (Google) | Authentication |
| Stripe | Payment processing |
| Cloudflare | Image/media CDN |
| Railway | Server hosting (EU West) |
None of these processors receive more data than necessary for their function.
How long we keep your data
We keep your data for as long as your account is active. When you delete your account, your personal data is removed. Some anonymised records (e.g. aggregate event statistics) may be retained.