Privacy Policy

DC After Dark cares about your privacy. This Policy explains what we collect, why we collect it, who we share it with, and the choices you have. It covers the website, the mobile app, and any paid subscriptions offered through the service.

• Account data — email, display name, and (optional) profile image.
• Activity — reviews, check-ins, followed venues, curated lists, and photos you upload.
• Payment data — if you subscribe to DealPass or a venue tier, Stripe handles your card details. We never see your card number. We store a Stripe customer ID, a subscription ID, the plan tier, and the current billing-period end date.
• Venue claims — if you claim a venue, we store the claim request and link it to your account until an admin approves or rejects it.

• Click tracking. When you click a ticket or reservation link, we log the event ID or venue ID, the outbound URL, the provider (Eventbrite, DICE, etc.), a user-agent string, and a one-way salted hash of your IP (for bot dedup). The salt rotates daily so the hash is not reversible back to an IP over time.
• Analytics. We use Google Analytics 4 to see which pages are popular and how users arrive at the site. Google sets cookies for this purpose. You can opt out at tools.google.com/dlpage/gaoptout.
• Device info. Standard server logs — IP, browser, device type, timestamps — kept for security and debugging.

• Stripe — payment processing. Subject to Stripe's Privacy Policy.
• Google Analytics, Google Places — traffic analytics and venue photos. Subject to Google's policies.
• Mapbox — interactive maps. Subject to Mapbox's privacy terms.
• OpenAI — powers AI Concierge chats. Messages you send are forwarded to OpenAI to generate a response. We do not use your prompts to train anyone's model.
• Affiliate networks (Eventbrite, DICE, Ticketmaster, OpenTable, Resy) — when you click an outbound ticket link, we may add an affiliate identifier. Those providers track the click on their side; see their privacy policies for details.

• Run the service — log you in, show recommendations, process payments.
• Send transactional email (receipts, password resets, claim approvals).
• Detect abuse, fraud, and bots.
• Measure what content works and improve the product.
• With your consent, send occasional product emails. You can unsubscribe any time.

We don't sell personal data. We share only with vendors listed above, law enforcement when legally required, and potential acquirers in due diligence (under confidentiality).

Account data stays until you delete your account. Click-tracking rows are retained for up to 24 months, then deleted or fully anonymized. Payment records are retained for the period required by tax and accounting law (generally 7 years).

You can request a copy of your data, correct inaccuracies, or ask us to delete your account by emailing privacy@thescenedc.com. California, EU, and UK residents have additional rights under CCPA / GDPR / UK GDPR, including the right to object to processing and the right to data portability.

The service is for adults (18+) and is not directed at children under 13. If we learn we've collected data from a child under 13, we delete it.

We'll update this policy when our practices change. The “Last updated” date at the top reflects the last change. For material changes, we'll notify you by email if you have an account.

Questions or a privacy request: privacy@thescenedc.com.