← Back to Pertly

Privacy Policy

Last updated: 2026-06-29

The short version

Pertly recommends things to do near you. To do that we need a small amount of personal data — your account, your location, and what you've told us about your preferences. We don't sell it. We don't share it with advertisers. We do send small, de-personalised pieces of data to third-party AI services to write the editorial copy you see (more below). You can request account deletion at any time from settings. There is a 14-day grace period before irreversible deletion so you can cancel if it was a mistake.

What we collect

  • Account: email address and (optional) display name. If you sign in with Google, we may also receive your Google account name and profile photo from Supabase Auth.
  • Location: the postcode or English city you set, plus GPS coordinates when you grant the browser permission. Settings shows which source currently controls discovery. Used only to show nearby results and route plans.
  • Preferences: the activity types, travel radius, going-out times, and mood you set in onboarding or later in settings.
  • Cultural preferences:the cultural backgrounds you'd like to see represented in your recommendations (e.g. South Asian, Southern European). This is optional— you can skip it during onboarding or clear it in settings. We use it only to weight which venues we surface to you; we don't share it with the AI providers or any third party.
  • Activity: impressions of cards we show you, taps on detail pages, items you save, search queries, and the Surprise Me plans you generate. Used to improve the recommendations you see and (where you opt in) to mark plans as completed.
  • Group plans: saved items you turn into a group plan, invite links, guest names, and guest votes. Public group plan links can be opened by anyone who has the link.
  • Billing and referrals: your Plus access state, referral code/status, Stripe customer ID, subscription/pass status, and webhook records needed to prevent duplicate billing updates. Stripe handles payment card details; Pertly does not store full card numbers.
  • Feedback: bug reports, app feedback, and visit ratings you choose to send.

What we don't do

  • We don't sell your data.
  • We don't share it with advertisers or data brokers.
  • We don't track you across other sites or apps.
  • We don't knowingly collect data from children under 13. We ask whether you're 18 or over so we can hide age-restricted recommendations where needed.

AI processing

Some of Pertly's most editorial features are powered by third-party AI models. When AI is involved, here's exactly what we share:

  • Surprise Me itineraries are curated by DeepSeek, an AI provider based in China. When you generate a plan, we send your mood, the area you're in, and the names of candidate venues — never your account, email, or other personal information.
  • Editorial subtitles on feed cards and Surprise Me stops are generated by Groq, a US-based AI provider. We send the venue name, category, and your active mood.
  • Venue classification (tagging venues with moods, cultures, and indoor/outdoor flags) also runs on Groq, but this happens at our data-ingestion stage before any user interaction — no personal data is involved.
  • If the primary AI provider is unavailable for any feature, we may failover to the other. Either way, what we share is the minimal data described above.

AI-generated copy may occasionally contain errors or characterisations that don't perfectly match a venue. Treat it as editorial recommendation, not verified fact.

International data transfers

Because we use third-party services in the US and China (see above), some of your data crosses international borders. Where we do this we rely on appropriate safeguards under UK GDPR (the providers' standard contractual clauses and their own published security commitments). The data shared is the minimum needed for each feature and never includes account-identifying information.

Third parties we use

Beyond the AI providers named above:

Where Pertly runs

  • Supabase — authentication and database (data stored on EU servers).
  • Google OAuth — optional Google sign-in, handled through Supabase Auth.
  • Vercel — frontend hosting.
  • Railway — backend hosting.
  • Sentry — error monitoring and performance diagnostics. We use it to understand crashes and production issues, not for advertising.

Where venue and event data comes from

  • Google Places— venue photos, opening hours, ratings. Server-side enrichment; we don't share your data with Google.
  • Ticketmaster, council RSS feeds, Data Thistle— event listings. Server-side only; we don't share your data with them.
  • Mapillary, Wikipedia, Wikidata — venue imagery. Server-side fetched.

Where your location helps the feed

  • Postcodes.io — postcode validation. We send only the postcode you typed.
  • OpenWeatherMap — weather context. We send only your approximate location.
  • OpenRouteService— walking times for Surprise Me itineraries. We send the coordinates of the stops we're routing between.

Partner content

  • ClassBento — class booking links shown in the feed. When you tap a ClassBento card, you leave Pertly for their site under their terms.

Payments

  • Stripe — checkout, subscriptions, 7-day passes, receipts, payment recovery, and the customer billing portal.

Cookies and local storage

Pertly uses cookies and your browser's local storage to keep you signed in, remember your preferences (mood, last-seen tooltips, dismissed prompts), hold PWA install prompt state, and cache static app assets for install/offline support. We don't use third-party tracking cookies or advertising pixels.

Data retention

  • Account data is kept while your account is active. On deletion (see Your rights) it is removed or anonymised after the 14-day grace period expires.
  • Activity data (impressions, taps, searches) is kept for up to 90 days for personalisation, then aggregated.
  • Surprise Me itinerariesyou don't save expire or are cleaned up automatically. Saved plans stay until you remove them.
  • Group plan invite links and votes are kept long enough for the plan to run and for abuse/debugging protection, then archived or cleaned up.
  • Logs (server errors, request traces) are kept for up to 30 days for debugging and security.

Your rights

You can access, change, or delete any of the data we hold from your settings page. Account deletion has a 14-day grace period. During that window, the app shows a pending-deletion banner and you can cancel deliberately from the banner or settings. After the grace period, deletion is irreversible and account data is removed or anonymised. Under UK GDPR you also have the right to ask for a copy of your data or to object to certain processing — email us using the address below.

Contact

Questions? Email hello@pertly.app.