Privacy Policy

1. Introduction

1.1. Purpose of this Policy

At VibeQueue, we are committed to protecting the privacy and personal data of our users. This Privacy Policy is designed to inform you—in a clear, transparent, and detailed manner—about how and why we collect, use, store, and, when necessary, share your personal information.

As part of our mission to create an interactive music experience at live events, we recognise that safeguarding your data is not only a legal obligation, but also a fundamental element in building trust with our community of DJs, event organisers, and attendees. This document aims to explain your rights, our responsibilities, and the measures we have implemented to ensure your data is handled in accordance with the highest standards of data protection.

Whether you are creating an event, managing a queue, or simply requesting a song at a party, we want you to feel confident and informed about what happens with your data while using VibeQueue.

1.2. Scope of the Policy

This Privacy Policy applies to all users of the VibeQueue platform, including but not limited to:

  • DJs and event organisers who register an account and use the system to manage musical queues;
  • Attendees who interact with the platform by scanning a QR code or entering an event code;
  • Any user who accesses the VibeQueue website or mobile application.

The Policy covers all personal data that we collect, whether actively provided (e.g., during registration) or passively gathered through the use of our services. It also explains how we process that data in relation to account management, service functionality, event participation, communications, and fraud prevention.

Please note that this Policy does not govern how third parties—such as Stripe, our payment provider—handle your information. These third parties operate under their own privacy policies and terms of service.

1.3. Data Controller Identity

The data controller responsible for processing your personal information in connection with the VibeQueue platform is:

VibeQueue
Winkel 2
8224 Löhningen, Schaffhausen, Switzerland
Email: support@vibequeue.com

As the data controller, VibeQueue determines the purposes and means of processing your personal data. We operate under Swiss and European data protection laws, ensuring your rights are respected regardless of where you access our platform.

2. Data We Collect

2.1. Account Information

To provide access to key functionalities of the platform—such as event creation, queue management, and payment processing—VibeQueue requires users in roles such as DJs or event administrators to register an account. During this registration process, we collect the following personal information:

  • Username: A public-facing identifier used to personalise your profile and event listings.
  • Password: Stored in encrypted format for authentication purposes.
  • Email Address: Used for account verification, communication, and password recovery.
  • Date of birth: Used to ensure age compliance.

This information is necessary for the creation and security of your account. We also use it to authenticate your identity and provide access to services that are not available to anonymous users.

2.2. Optional Information

We may also request the following additional information to improve the quality of service:

  • Profile photo (optional)

2.3. Technical and Usage Data

When you interact with the platform—whether through the website or mobile app—we automatically collect certain technical data related to your usage. This data includes:

  • Device information (e.g., device model, operating system)
  • IP address and approximate geolocation
  • Timestamps and duration of sessions
  • Interactions within the app (e.g., events visited, songs voted)

We use this information to maintain the security of our system, monitor service performance, prevent abuse, and improve functionality. For instance, we may analyse how users engage with the request queue to refine the interface or identify bugs.

Note: At this time, VibeQueue does not use external analytics providers (such as Google Analytics), but we reserve the right to do so in the future, in which case this policy will be updated accordingly.

2.4. Payment Information

When you make a payment for a song request, we collect basic transactional data, including your name, email address, the amount paid, and the transaction date. This data is used solely for verification, dispute resolution, and compliance with payment processing regulations. No credit card or sensitive financial information is stored by VibeQueue, as all payment operations are handled securely by Stripe.

2.5. Transaction Data Collected During Payment

By proceeding with a payment, you consent to the collection of your name, email address, transaction amount, and date for the purpose of processing and dispute resolution.

3. Purpose of Data Processing

In line with our commitment to transparency and user privacy, this section explains the specific reasons why we collect and process personal data on the VibeQueue platform. All processing activities are carried out in accordance with applicable data protection laws and are limited to the scope necessary for the operation and improvement of our services.

3.1. Account Creation and Management

The primary purpose for collecting personal data is to allow DJs, event administrators, and other registered users to create and manage their accounts. This includes:

  • Verifying your identity and granting access to restricted features.
  • Maintaining a secure environment through authentication processes.
  • Enabling features such as profile customisation, event listings, and password recovery.
  • Provide password recovery support in case users forget their login credentials.

Without this information, core features such as creating or editing events would not be available.

3.2. Event Management and Song Requests

Once an account is created, users can organise or participate in events using various tools provided by VibeQueue. We process data to:

  • Facilitate the creation, configuration, and management of musical events.
  • Allow attendees to browse events, vote for songs, and submit song requests with a mandatory minimum payment amount defined by the event organiser.
  • Ensure each request is associated with the correct user and event context.
  • Handle the logic required for accepting, rejecting, or confirming the playback of requested songs.

Data collected in this context allows the platform to deliver a seamless, real-time interaction between attendees and DJs.

3.3. Abuse Prevention

To maintain a respectful and secure environment, we use both account data and technical metadata (such as IP address and device type) to:

  • Detect suspicious activity, such as payment manipulation, spam, or fake requests.
  • Enforce age restrictions and protect the experience of all users.
  • Investigate and resolve reported violations of our terms of service.

This processing helps us prevent fraudulent behaviour and ensures the integrity of interactions within the platform.

3.4. Notifications and Updates

We may use the email address provided during registration to send you important communications related to:

  • Updates on your request status (e.g., accepted or rejected songs).
  • Changes to the event queue or event settings you manage.
  • Security-related notices or feature announcements.

We do not send promotional emails unless you have explicitly opted in. Notifications may also be delivered via push (mobile) if you enable them, in which case we may process device identifiers in accordance with your device's permissions.

4. Data Storage and Security

Protecting your data is a core priority at VibeQueue. We implement appropriate technical and organisational measures to safeguard your information against unauthorised access, accidental loss, or malicious misuse. This section outlines how and where your data is stored, and the protective measures we have in place.

4.1. Location of Data Storage (Azure in Europe)

All personal data collected through the VibeQueue platform is securely stored on Microsoft Azure servers located within the European Union. Azure is a highly secure, industry-standard cloud service provider that offers robust data protection mechanisms, ensuring compliance with European data protection regulations.

By storing our data in the EU, we benefit from one of the world's most advanced legal frameworks for data privacy. This means your information is handled according to the strict guidelines set forth by the General Data Protection Regulation (GDPR) and other applicable laws.

We do not transfer your personal data outside of Europe unless required by law or with your explicit consent.

4.2. Security Measures

To ensure the security and confidentiality of the personal data we process, VibeQueue has implemented a comprehensive set of protective measures, including but not limited to:

  • Encryption: All data is transmitted over encrypted channels (HTTPS) to prevent interception by third parties.
  • Access Controls: User data is accessible only by authorised personnel within our organisation, and only when necessary to perform their duties.
  • Authentication Protocols: Passwords are stored using industry-standard hashing techniques. We do not store plain-text passwords at any time.
  • Activity Monitoring: Systems are monitored regularly for signs of unauthorised access or unusual behaviour.
  • Regular Backups: Encrypted backups of essential data are maintained to allow recovery in case of a critical incident.

Despite our best efforts, no system is immune to all potential threats. However, we remain committed to promptly addressing any security incidents, informing affected users if necessary, and continuing to evolve our defences in line with best practices and regulatory developments.

5. Data Access and Sharing

VibeQueue is committed to limiting access to your personal data to only those parties who truly need it for legitimate and clearly defined purposes. We do not sell your data, nor do we share it indiscriminately. This section explains how access is granted within our organisation and what third parties may be involved in data processing.

5.1. Internal Access

Access to your personal information within VibeQueue is restricted to a limited number of team members who require it in order to operate, maintain, or improve the platform. These individuals may include developers, administrators, and support staff, all of whom are contractually bound by strict confidentiality agreements.

The primary reasons for internal access include:

  • Account troubleshooting and technical support.
  • Security monitoring and abuse prevention.
  • Managing event configurations and platform enhancements.
  • Responding to user inquiries or data requests.

We apply role-based access controls and rigorous internal protocols to ensure that only the minimum necessary amount of data is accessed by any team member, and always for legitimate operational needs.

5.2. Third-Party Services (Stripe)

VibeQueue integrates with Stripe, a globally recognised payment processing platform, to handle all transactions related to song requests and DJ payouts. When a user initiates a payment or links their account for withdrawals, they interact directly with Stripe's systems.

Stripe operates independently of VibeQueue in terms of data collection and compliance. The only information shared between VibeQueue and Stripe includes technical identifiers that allow us to track the status of transactions, link Stripe accounts to DJs, and confirm whether a payment has been successfully authorised, captured, or refunded.

Importantly:

  • VibeQueue does not collect, process, or store your credit card information, bank details, or other sensitive financial data.
  • All such information is managed entirely within Stripe's secure infrastructure and subject to their own Privacy Policy and regulatory obligations (such as PCI DSS compliance).

Users are encouraged to consult Stripe's privacy terms when using their payment services, as Stripe becomes a separate data controller once a transaction is initiated.

6. User Rights

At VibeQueue, we respect your fundamental rights regarding your personal data. As a user of our platform, you have several rights that allow you to maintain control over how your personal information is processed. Below, we outline your key rights and how you can exercise them.

6.1. Access, Rectification, and Deletion

You have the right to:

  • Access the personal data we hold about you, including details on how it is processed.
  • Request rectification if any of the data is inaccurate, outdated, or incomplete.
  • Request deletion of your personal information, provided there are no legal or contractual obligations requiring us to retain it.

Requests for access, correction, or deletion can be submitted by contacting our support team at support@vibequeue.com. We will respond to all such requests within a reasonable timeframe, typically within 30 days.

6.2. Account Deletion

You may delete your VibeQueue account at any time. This can be done in two ways:

  • Directly from the app, where a dedicated option will be available in the user settings.
  • By contacting support, in case of technical issues or if you are unable to access your account.

Once your account is deleted, all associated personal data will be removed from our active systems, except for information that we are legally required or permitted to retain (e.g., for fraud prevention or dispute resolution purposes).

Please note that deleting your account is irreversible and any associated event or payment data will no longer be recoverable.

6.3. Right to Object and Restriction of Processing

You also have the right to:

  • Object to certain types of data processing, particularly in cases involving marketing communications or non-essential features.
  • Request restriction of data processing if you believe your data is inaccurate, unlawfully processed, or no longer needed, but you wish us to retain it for legal claims or dispute resolution.

To exercise these rights, simply contact our support team with a clear description of your request, and we will assess your case in accordance with applicable data protection laws.

7. Data Retention

We are committed to retaining personal data only for as long as it is necessary to fulfil the purposes for which it was collected, or to comply with legal, regulatory, or contractual obligations.

7.1. How Long We Keep Your Data

We retain your personal data according to the following guidelines:

  • Account Information (username, email, password, date of birth) is kept for as long as your account remains active. If you delete your account, this data is securely erased from our active systems unless we are legally obligated to retain it.
  • Event and usage data including song requests and interaction logs, are retained for analytical and support purposes for a limited time after the event concludes, unless deletion is requested.
  • Audio recordings (if applicable) are kept for a maximum of 30 days after the end of the event, or until the dispute period expires, whichever is longer. These recordings are deleted automatically unless they are needed for an ongoing investigation or claim.
  • Technical and device information is typically stored temporarily and used only to maintain system integrity and prevent abuse. It is not associated with your identity for longer than needed.
  • Backups containing residual data may be retained securely for a longer period but are not used for any active processing.

Once the retention period expires, data is either deleted or anonymized in a secure and irreversible manner.

8. Minors Policy

VibeQueue is designed for an adult audience and aims to provide a responsible and legally compliant environment for users engaging with live music events. We take the privacy and safety of minors seriously and have implemented clear restrictions regarding their participation on the platform.

8.1. Minimum Age Requirement

To use VibeQueue, users must be at least 18 years old. By creating an account or interacting with features intended for DJs, organisers, or collaborators, you confirm that you meet this age requirement. We do not knowingly collect personal data from individuals under the age of 18.

If we become aware that a minor has provided us with personal information without verified parental or legal guardian consent, we will take immediate steps to delete such information and disable any associated accounts.

Parents or legal guardians who believe that their child may have accessed the platform and submitted data are encouraged to contact us at support@vibequeue.com to request deletion or further assistance.

9. Changes to This Privacy Policy

At VibeQueue, we are committed to keeping our users informed about how their data is used and protected. As our platform evolves—whether through new features, regulatory changes, or updates to our data processing practices—we may revise this Privacy Policy to reflect those developments.

Any changes to this policy will be clearly communicated and made accessible through our platform. In most cases, this will include:

  • Updating the "Last Updated" date at the bottom of the policy.
  • Displaying a notice on our website or app home screen for a reasonable period.
  • Requesting renewed consent if the changes materially affect your rights or how we process your data.

We encourage users to periodically review this Privacy Policy to stay informed about our data protection practices. Continued use of the platform after changes have been posted constitutes acceptance of those changes.

If you disagree with any future modifications, you may choose to delete your account or contact us for more information before continuing to use the service.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, you can contact us at any time using the information below:

VibeQueue
Winkel 2,
8224 Löhningen, Schaffhausen, Switzerland
Email: info@vibequeue.com

We strive to respond to all inquiries in a timely and respectful manner. Whether you want to exercise one of your data protection rights, need clarification about how your data is processed, or wish to provide feedback about our privacy practices, we are here to help.

For users within the European Union or under GDPR protection, if you feel that your data has not been handled correctly or that your rights have been infringed, you also have the right to lodge a complaint with your local data protection authority.

Last updated: May 19, 2025