Privacy Policy

Effective date: April 27, 2026

1. Overview

BYOPA.us ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information when you use our Service.

2. Information We Collect

Account information: When you register, we collect your name, email address, and password (stored as a secure hash). If you sign in via Google or another identity provider, we receive only the information that provider shares with us.

Phone number: If you choose to register or sign in using a phone number, we collect your mobile phone number solely to send a one-time passcode (OTP) for identity verification. You must affirmatively check a consent checkbox before submitting your phone number. Your phone number is stored in your account record and used only for account verification SMS. Message and data rates may apply. You may opt out at any time by replying STOP to any message.

Event data: We store details about events you create, including event title, date, location, panelist assignments, and selected features.

Usage data: We may collect information about how you use the Service, including pages visited, features used, and error logs, to improve reliability and performance.

Payment data: Payment card details are collected and processed solely by Stripe, Inc. We receive and store only transaction metadata (amount, date, Stripe session ID). We do not store full card numbers or CVV codes.

Communications: If you contact us for support, we retain those communications to assist you.

3. How We Use Your Information

• To create and manage your account and deliver the Service.
• To process payments and apply credits to your account.
• To send transactional emails (account verification, password reset, event invitations) via Postmark.
• To send SMS one-time passcodes for phone-based account verification via Twilio, when you have provided explicit consent.
• To send service announcements and billing notifications.
• To monitor and improve the performance, security, and reliability of the Service.
• To comply with legal obligations.

We do not sell your personal information to third parties.

4. Information Sharing

We share your information only with the following categories of service providers, who process data on our behalf under confidentiality obligations:

• Google Firebase / Google Cloud: Real-time database, authentication, and cloud infrastructure. Google Privacy Policy.
• Stripe, Inc.: Payment processing. Stripe Privacy Policy.
• Postmark (ActiveCampaign): Transactional email delivery. Postmark Privacy Policy.
• LiveKit: Real-time audio streaming infrastructure. LiveKit Privacy Policy.
• Twilio, Inc.: SMS delivery for account verification one-time passcodes. Your phone number is transmitted to Twilio solely to send OTP messages you have consented to receive. Twilio Privacy Policy. No mobile information is shared with third parties or affiliates for marketing or promotional purposes. SMS opt-in data and consent are never sold.

We may disclose information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of BYOPA.us, our users, or the public.

5. Data Retention

We retain your account and event data for as long as your account is active. After account deletion, we may retain anonymized or aggregated data. Billing records are retained as required by law (typically 7 years).

6. Security

We implement industry-standard technical and organizational measures to protect your data, including encrypted data transmission (TLS), secure password hashing, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access or download a copy of your personal data.
• Correct inaccurate information.
• Request deletion of your account and associated data.
• Object to or restrict certain processing activities.

To exercise these rights, contact us at support@byopa.us. We will respond within 30 days.

8. Cookies

We use session cookies to keep you logged in and to remember your preferences. We do not use third-party tracking cookies or advertising cookies. You can disable cookies in your browser settings, but some features of the Service may not function correctly without them.

9. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly. Contact us at support@byopa.us if you believe a child under 13 has provided us with personal information.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact

Questions or concerns about this Privacy Policy? Contact us at support@byopa.us.