Skip to main content
Yoink
Legal

Privacy Policy

Last updated: May 14, 2026

This Privacy Notice for Yoink Events Inc. (“Yoink,” “we,” “us,” or “our”) describes how we collect, use, and share personal information when you use our services (the “Services”), including when you:

  • Visit our website at yoink.events or any site of ours that links to this Privacy Notice.
  • Download and use our mobile application (Yoink for iOS).
  • Engage with us in other related ways, including support, feedback, or marketing communications.

Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use the Services. Questions or concerns? Contact us at compliance@yoink.events.

Where we operate: Yoink is operated from Canada and offered in Canada and the United States only. Our Services are not directed at, and not offered to, residents of the European Economic Area, the United Kingdom, or Switzerland. We do not knowingly collect personal information from individuals located in those regions; if we become aware that we have, we will delete it.

Summary of key points

A quick read; full detail follows in the numbered sections.

  • What we collect: account info (email, sign-in identity), saved artists and event alerts, device push tokens, music-library OAuth tokens (only if you connect Apple Music or Spotify), feedback you send us, plus standard server logs and product analytics.
  • What we do not collect: sensitive personal information (race, religion, biometrics, sexual orientation, etc.), the Apple Identifier for Advertisers (IDFA), or cross-app tracking data.
  • What we do not do: we do not sell your personal information, do not run targeted advertising, and do not share your data with advertisers.
  • Who we share with: only the service providers we need to run the app — listed by name in §4.
  • Your rights: access, correction, deletion, and withdrawal of consent, exercisable by emailing compliance@yoink.events.

1.What information do we collect?

Personal information you provide to us

The information we collect depends on how you interact with us, the choices you make, and the features you use:

  • Account information. Email address, display name (if provided), and the linked identity you used to sign in (Apple, Google, or email via our authentication provider Clerk).
  • Activity in the app. Artists you follow, events you save alerts on, alert preferences, and any feedback you submit (free-text content plus the email you optionally include).
  • Music-library connections. If you connect Apple Music or Spotify to import artists, we store the OAuth access and refresh tokens those services issue so we can read your saved artists on your behalf. We store the artist names we use to populate your alert list — not your underlying listening history or playlists.
  • Push tokens.Your device's Apple Push Notification service (APNs) token, used only to deliver the alerts you've opted into.
  • Communications. If you email us, we retain that correspondence to respond and improve support.

Sensitive information. We do not collect sensitive personal information.

Information collected automatically

  • Device and log data. IP address, user agent, OS version, device model, app version, request timestamps, and crash diagnostics our servers automatically record.
  • Product analytics. Pseudonymous event data captured by PostHog — screen views, button taps, and feature usage. PostHog does not receive your name or precise location.
  • Approximate location. Derived from your IP address (city-level), used for region-aware event surfacing. Precise device GPS is requested only if you grant the iOS app permission for a feature that needs it, and you can revoke it at any time in iOS Settings.

App Tracking Transparency (iOS)

We do not use the Apple Identifier for Advertisers (IDFA), and we do not perform cross-app or cross-site tracking. The Yoink iOS app does not present the App Tracking Transparency prompt because no tracking occurs.

Google APIs

Where we receive data from Google APIs (for example, Sign in with Google through our authentication provider), our use of that data adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2.How do we process your information?

We process your personal information only when we have a valid legal reason and only for the purposes described here:

  • To provide and operate the Services— account creation, authentication, surfacing events, and delivering the ticket alerts you've enabled.
  • To improve the product — aggregate analytics and crash diagnostics that help us identify bugs, regressions, and usage patterns.
  • To communicate with you— service-related notifications, responses to your support requests, and optional product updates you've opted into.
  • To protect the Services and our users — fraud and abuse detection, rate limiting, and incident investigation.
  • To comply with the law — when required by statute, regulation, court order, or other valid legal process.

What we do not do. We do not deliver targeted advertising, do not sell your personal information, and do not share it with third-party advertisers.

4.When and with whom do we share your information?

We share personal information only with the service providers we need to operate the Services, and only as needed for them to perform their function. Each provider operates under a written data-processing agreement and is bound to use the information only on our instructions.

Service providers

  • Clerk — user authentication. Receives your email, display name, and the social identifier (Apple ID, Google account) you signed in with.
  • PostHog — product analytics. Receives pseudonymous event data tied to a stable random identifier; does not receive your name or email.
  • Apple Push Notification service (APNs)— delivery of the alerts you've enabled. Receives your device push token and the notification payload.
  • Apple MusicKit and Spotify Web API — when you connect a music account. We receive the artists you authorize us to read; we do not transmit that data back to those services beyond standard OAuth lifecycle calls.
  • Ticketmaster Discovery API, StubHub, and SeatGeek — public event data sources. We send anonymous server-to-server queries on your behalf; these third parties do not receive your personal information from us.
  • Vercel — web hosting and web analytics for yoink.events.
  • Railway — backend application hosting.
  • Sentry (when enabled) — error and performance monitoring. Configured to scrub user-identifying fields from stack traces; receives request metadata and exception details.

Other disclosures

  • Legal requirements. We may disclose information when we believe in good faith that disclosure is required by law, regulation, court order, or to protect our rights, safety, or property, or those of our users or the public.
  • Business transfers. If Yoink is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any material change to this Privacy Notice.

We do not sell or share your personal information for cross-context behavioral advertising. We have not done so in the preceding twelve (12) months and have no plans to do so.

5.How do we handle your social logins?

The Services let you sign in with Apple, Google, or an email-based credential (magic link or password), all managed through our authentication provider Clerk. The information we receive depends on the provider you choose, but typically includes a unique identifier and your email address.

If you use Sign in with Apple, you can choose “Hide My Email” to share a private Apple relay address instead of your real one. We never see your real email in that case.

We use information we receive from third-party identity providers only to operate the account features described in this notice. We do not control how those providers process your data on their own platforms; review their privacy policies (Apple, Google) for details.

6.How long do we keep your information?

We retain personal information only as long as necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law.

  • Account information — for as long as your account is active, plus up to 30 days after deletion to allow for backup propagation.
  • Push tokens — removed when you uninstall the app or disable notifications.
  • Music-library OAuth tokens — kept while the connection is active. You can revoke at any time from app Settings, which deletes our tokens immediately.
  • Server and application logs — up to 30 days.
  • Aggregate analytics — retained indefinitely in a form that does not identify you.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or isolate it (for example, in backup archives) until deletion is possible.

7.How do we keep your information safe?

We use reasonable technical and organizational measures designed to protect your information: TLS for all data in transit, encryption at rest for managed databases, least-privilege access controls, and audit logging of administrative actions.

No method of internet transmission or storage is 100% secure. While we work to protect your information, we cannot guarantee its absolute security. You should use the Services in a secure environment and choose a strong, unique password where applicable.

8.Do we collect information from minors?

The Services are intended for users 18 years or older. We do not knowingly collect, solicit, or market to children under 18, nor do we knowingly sell personal information of minors. By using the Services, you represent that you are at least 18.

If we learn that we have collected personal information from a user under 18, we will deactivate the account and delete that information promptly. If you believe we may have information from a minor, contact us at compliance@yoink.events.

9.What are your privacy rights?

Depending on where you live, you may have rights regarding your personal information. You can exercise any of the rights below by emailing compliance@yoink.events with the subject line Privacy Request. We will respond within the timeframes required by applicable law.

Canada

You have the right to (i) access and obtain a copy of your personal information, (ii) request correction or deletion, (iii) restrict processing, (iv) data portability where applicable, and (v) withdraw consent at any time. If we make a decision that produces legal or similarly significant effects based solely on automated means, we will inform you and offer a way to request human review.

United States

See §11 for state-specific rights.

Account information

You can review or change information in your account at any time from app Settings, or contact us. If you ask us to terminate your account, we will deactivate and delete it from active databases within 30 days. We may retain limited information where required to prevent fraud, comply with legal obligations, or enforce our Terms.

Marketing communications

You can unsubscribe from optional marketing emails at any time using the unsubscribe link in the email or by contacting us. You will continue to receive transactional messages necessary for your account (for example, security alerts and notifications you have explicitly enabled).

10.Controls for Do-Not-Track features

Most browsers and some mobile operating systems include a Do-Not-Track (“DNT”) signal. Because there is no uniform industry standard for recognizing or honoring DNT signals, we do not currently respond to them. If a standard is adopted that we are required to follow, we will update this Privacy Notice and the practice accordingly.

11.Do United States residents have specific privacy rights?

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have rights to request access, correction, deletion, a portable copy of your personal information, and to withdraw consent. These rights may be limited in some circumstances by applicable law.

Categories of personal information we collect

The categories below cover the past twelve (12) months. See §1 for the specific data elements behind each category.

CategoryExamplesCollected
A. IdentifiersEmail, account name, IP address, unique device identifier, push token, online identifierYES
B. Personal information under the California Customer Records statuteName, contact information, employment or financial informationNO
C. Protected classification characteristicsGender, age, race, ethnicity, marital status, demographic dataNO
D. Commercial informationTransaction history, purchase records, payment informationNO
E. Biometric informationFingerprints, voiceprints, facial scansNO
F. Internet or other similar network activityIn-app screen views, feature usage, search queries within the appYES
G. GeolocationApproximate (city-level) location derived from IP. Precise location only if you grant the iOS app permission.YES
H. Audio, electronic, sensory, or similar informationImages, audio, video, call recordingsNO
I. Professional or employment-related informationJob title, work history, professional qualificationsNO
J. Education informationStudent records, directory informationNO
K. Inferences drawn from other personal informationRecommended artists or events based on your saved-artist list and imported music-library dataYES
L. Sensitive personal informationNO

Your rights

  • Right to know whether we are processing your personal data.
  • Right to access your personal data.
  • Right to correct inaccuracies in your personal data.
  • Right to request deletion of your personal data.
  • Right to obtain a copy of the personal data you previously shared with us.
  • Right to non-discrimination for exercising your rights.
  • Right to opt out of the sale of personal data, targeted advertising, and profiling that produces legal or similarly significant effects. We do not engage in any of these.

How to exercise your rights

Email compliance@yoink.events with subject Privacy Request. To protect your privacy, we will verify your identity before acting on a request. If we cannot verify you from information already on file, we may ask for additional information for verification only.

You may also designate an authorized agent to make a request on your behalf, where applicable law permits. We may require proof of authorization.

Appeals

If we decline to act on your request, you may appeal by emailing compliance@yoink.events with subject Privacy Appeal. We will respond in writing with the action taken or our reasons for declining. If your appeal is denied, you may submit a complaint to your state attorney general.

12.Do we make updates to this notice?

We may update this Privacy Notice from time to time. The updated version will be indicated by a new “Last updated” date at the top of this page. If we make material changes, we will notify you by prominent in-app or in-site notice, or by direct message where appropriate. We encourage you to review this Privacy Notice periodically.

13.How can you contact us about this notice?

If you have questions or comments about this Privacy Notice, you can reach us at:

Yoink Events Inc.
British Columbia, Canada
compliance@yoink.events

14.How can you review, update, or delete the data we collect from you?

Based on the applicable laws of your country or state, you may have the right to request access to your personal information, correct inaccuracies, request its deletion, or withdraw your consent. To make a request, email compliance@yoink.events with subject Privacy Request. You can also delete your account directly from app Settings.