QuickEventStaff — Privacy Policy

Effective date: 29 April 2026 · Last updated: 29 April 2026

Operator: EventTitans (QuickEventStaff) · Contact: support@eventtitans.com

This Privacy Policy explains how the QuickEventStaff mobile application ("the App", "we", "our") collects, uses, stores, shares, and protects information when you use it. We comply with applicable Indian data protection laws (including the DPDP Act, 2023) and Google Play's User Data and Sensitive Data policies.

In short: We collect only the information needed to connect event organizers with workers, agencies, and managers; verify identity; pay workers; and operate the platform. We never sell your data and we never collect your UPI PIN, card details, or banking passwords.

1. Who is this app for

QuickEventStaff is a service marketplace for event staffing in India. Five user roles use the App:

Worker — applies to events, gets paid
Organizer — creates events and hires staff
Agency — manages a roster of workers and assigns them to events
Manager — runs operations on behalf of an organizer at an event
Admin — internal QuickEventStaff staff

The App is intended for users aged 18 and above. We do not knowingly collect personal information from anyone under 18.

2. What data we collect

2.1 Account & profile data

Type	Examples	Purpose
Identity	Name, profile photo, role	Display in the App, identify on events
Contact	Phone number, email (optional)	Authentication via OTP, account recovery, transactional messages
Location (precise)	GPS coordinates while the App is open	Find nearby events and verify check-in at event venues
Photos & media	Profile pictures, event cover images, KYC document photos, UPI QR images	Profile display, event branding, identity verification, payout setup
Camera	Live camera capture for face liveness verification and document scan	Confirm worker identity for high-trust events

2.2 Financial data

Type	Examples	Purpose
UPI identifier (VPA)	Public-facing address like `name@bank`	Sent to worker as a payout destination — the App never collects your UPI PIN
Bank account details	Account number, IFSC, account holder name	Alternative payout method when UPI is not available
Payment data	Payment confirmation IDs from Razorpay (incoming organizer payments)	Reconcile event payments. Card numbers, CVV, expiry, and OTPs are handled directly by Razorpay and never reach our servers.
Earnings ledger	Wallet balance, withdrawal history	Show your earnings and history

2.3 KYC / identity verification data

Workers and managers may be asked to verify identity through Setu's APIs:

Aadhaar number / Aadhaar OTP verification (issued by UIDAI; processed by Setu)
PAN number (issued by Income Tax Department; processed by Setu)
Face image and a live face encoding for liveness check

We use this data only to verify identity in line with KYC obligations imposed by financial-services providers and event organizers' compliance requirements.

2.4 App usage and device data

Type	Examples	Purpose
Device identifiers	Firebase Cloud Messaging (FCM) push token	Send notifications to your device only
App diagnostic data	Crash logs, error logs (no personal data attached)	Fix bugs and improve stability
App interactions	Which events you applied to, swipes in Discover, message activity	Power matching algorithms and dispute resolution

We do not collect: contacts list, SMS messages, call logs, browsing history outside the App, or precise location while the App is closed (no background tracking).

3. How we use your data

Provide the service. Match workers to events, process applications, run the chat between organizers and staff.
Authenticate you. Verify phone numbers via SMS OTP at sign-in.
Verify identity. Confirm KYC documents through Setu and run face liveness for high-trust roles.
Process payments and payouts. Accept event payments from organizers via Razorpay; deliver wages to workers via UPI or bank transfer initiated by our admin team.
Communicate. Send transactional push notifications about events, applications, payments, and reminders.
Operate & secure. Detect fraud, enforce platform rules, comply with tax and audit laws.

4. Who we share data with

We share the minimum data required, only with these third-party processors:

Service	What is shared	Purpose
Razorpay (Razorpay Software Private Limited)	Payment intent details, your name and email if entered at checkout	Inbound payment processing for organizers
Setu (Setu Technologies)	Aadhaar/PAN numbers and OTPs while verifying	KYC verification
Firebase / Google (Google LLC)	Device push token, anonymous app usage	Push notifications, optional analytics, crash reporting
Google Maps (Google LLC)	Address strings while geocoding event locations	Show event locations and search places
Amazon Web Services (Amazon Web Services, Inc.)	Profile photos, KYC document images, UPI QR images	Encrypted file storage
Expo (Expo, Inc.)	FCM push token (relayed to Firebase Cloud Messaging)	Cross-platform push notification delivery

We do not sell, rent, or trade personal data with anyone for advertising or marketing purposes.

We may share data when legally required (for example, in response to a court order or government request), or to protect our rights, our users, or the public.

5. How we protect your data

In transit: All connections between the App and our servers use HTTPS/TLS 1.2 or higher.
At rest: Database storage is on encrypted volumes; KYC documents and uploaded images sit in encrypted Amazon S3 buckets.
Access control: Backend access is restricted to authorized engineers via SSH key authentication. Application access requires authenticated sessions with role-based authorization.
Sensitive secrets: Payment credentials, API keys, and signing keys are stored in protected secret stores; never in source code or in your app.
Sanitization: We never log full payment instrument data, OTPs, or KYC numbers.

No system is 100% secure. If we ever detect a breach affecting your data, we will notify affected users via the App and email within a reasonable time and as required by law.

6. Data retention

Active accounts: Profile and transactional data is retained for as long as your account exists.
Closed accounts: When you delete your account, profile data is deleted within 30 days. Transactional records (event placements, payment history) may be retained for up to 7 years to satisfy tax and audit obligations.
KYC data: Retained as required under RBI and Indian financial regulations (typically 7 years from the last transaction).
Logs: Server logs retained for 90 days unless required for ongoing fraud or legal investigation.

7. Your rights

You can exercise these rights by writing to support@eventtitans.com from the email or phone number tied to your account:

Access: Request a copy of personal data we hold about you.
Correction: Update inaccurate information directly in the App, or by writing to us.
Deletion: Delete your account from inside the App (Profile → Settings → Delete account) or by emailing us. We will delete data within 30 days, subject to legal retention obligations.
Withdraw consent: Withdraw consent for optional data uses (e.g., marketing notifications) at any time in the App's notification settings.
Object & restrict: Object to or ask us to restrict certain processing.
Data portability: Receive your personal data in a portable, structured format.
Grievance: Lodge a complaint with the Indian Data Protection Board if you believe your rights are being violated.

8. Permissions used by the App

Permission	Why	When asked
Location (foreground only)	Find nearby events and verify check-in at event venues. We do not access location while the App is closed.	When you open Events / Discover
Camera	Capture profile photo, scan QR codes at events, perform face liveness verification	When you tap the camera icon or start verification
Photo library / media images	Pick a profile photo, upload KYC documents, upload UPI QR images	When you tap "Upload"
Notifications	Send event reminders, application updates, payment confirmations	On first launch (Android 13+)

9. Children

QuickEventStaff is not directed to children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us data, please email support@eventtitans.com and we will delete it promptly.

10. International data transfers

Our primary servers are hosted in India (AWS Asia Pacific — Hyderabad region). Some processors (e.g., Firebase, Google Maps) may process data outside India under industry-standard data protection agreements.

11. Changes to this policy

We may update this Privacy Policy to reflect new features, regulatory changes, or operational improvements. When we do, we will update the "Last updated" date above and notify users of material changes via in-app notice or email. Continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact us

For privacy questions, data requests, or grievances:

Email: support@eventtitans.com
Website: https://quickeventstaff.com