Privacy Policy
Last updated: May 25, 2026.
This policy describes what data AnyExtras collects, why, how we use it, and the choices you have. AnyExtras is operated by Tilted Planet Ltd, an Illinois corporation. Plain English first, lawyer's English never.
What we collect
- Profile. First name, last name, optional display nickname, and either an email address or phone number (your choice). Used to identify you to potential matches and to deliver notifications you've asked for.
- Verification. When you sign up we send a 6-digit code by SMS or email to confirm you control the contact method you provided. Twilio handles delivery.
- Listings & matches. The events you've posted listings for, the tickets you've offered or requested, and the people you've matched with.
- Location, at the moment of action. When you post a listing, propose a match, or browse events with location enabled, the iOS app sends your current latitude and longitude to AnyExtras alongside that action. We use it to confirm you're near the venue and we log it server-side as a trust-and-safety record. We do not track your location in the background. Web users without "Use my location" enabled do not send coordinates.
- Chat messages. Messages exchanged through an in-app match are stored on AnyExtras servers and visible to both participants. Admins can review the transcript of any match flagged for ban (see the next section).
- Feedback. After an event, both parties can leave feedback (positive, neutral, negative) and optionally flag the other for admin review. We use this to keep the platform healthy.
- Push notification tokens. If you grant notification permission on iOS, Apple gives us an opaque per-device token we use only to send you matchmaking notifications (new match, accepted, cancelled, new chat message). We never use it for marketing.
- Device-check token (iOS only). The iOS app generates an Apple-provided per-device token via the standard DeviceCheck API. We store it so we can flip a device-level ban bit through Apple's API if your account is removed — it lets us recognize a banned device that tries to come back under a fresh account. We never see your device serial or any other identifier Apple doesn't share.
How long we keep things
Most match-related data — chat messages and the location pings above — is automatically deleted 90 days after the event ends. This window is administratively configurable; an admin may set it shorter or longer, and the current value is always whatever the server is configured to.
If you or the other party flag a match for ban, or if an admin bans either of you, we freeze a permanent trust-and-safety record of that match: the participants' contact info, the event, the listings, the chat transcript, the proximity records, and any feedback. These records are retained indefinitely so we can investigate disputes and re-identify banned users who try to come back under new accounts.
Profile data (name, email, phone, completed-match counter, push tokens, device-check token) is kept until you delete your account.
What we don't do
- No advertising. No ad networks, no SDKs, no third-party tracking pixels.
- No selling or renting your data, ever.
- No background location, no continuous tracking.
- No analytics service collecting personal data. We may keep aggregate server-side metrics (e.g. how many listings were posted yesterday).
Sign-in links and long-distance invites
If you make a sign-in link to use your account on another device, anyone with that URL is signed in as you for 60 minutes. You're responsible for who you share it with. Long-distance invites (for letting a friend or family member share tickets for one event) work only once and only for that event — you can cancel an unused one any time.
In-app tips
Tips are processed by Apple via in-app purchase. We never see your payment details. Apple does charge Apple's standard fee on tips.
Where data is stored
AnyExtras runs on Fly.io with a Postgres database in the United States. Twilio (SMS verification + phone-line-type lookup) and Brevo (email delivery) are subprocessors. Apple is a subprocessor for in-app purchases (tips), push-notification delivery (APNs), and the device-check ban-enforcement path (DeviceCheck).
Your choices
- You can sign out from the app at any time, which revokes your session on the device.
- You can delete your account from Profile → Delete account in the iOS app, or by emailing helper@anyextras.com. We anonymize your profile (names replaced with "Deleted User," email + phone wiped), cancel active listings, end active matches, revoke sessions, and drop your push + device-check tokens. Past matches and their messages remain subject to the retention windows above; any match in the trust-and-safety vault (because you or a counterparty flagged it, or because an admin banned an account) is kept indefinitely.
- You can download a full JSON export of your data anytime from Profile → Download my data on iOS.
- You can decline location access. AnyExtras will let you browse but won't let you post or commit matches.
- You can decline notification permission. We won't be able to send you push alerts about new matches or chat messages, but the rest of the app works as normal.
Children
AnyExtras is for users 13 years and older. We don't knowingly collect data from anyone younger.
Legal basis for processing (EU/UK)
If you're in the European Union, the United Kingdom, or another GDPR-influenced jurisdiction, here's the legal basis we rely on for each kind of processing:
- Contract — name, email/phone, listings, matches, in-app messages, feedback. Necessary to provide the matchmaking service you signed up for (GDPR Art. 6(1)(b)).
- Legitimate interest — proximity probes, device-check tokens, trust-and-safety vault retention, push token storage. Necessary to keep the platform safe and to enforce bans (Art. 6(1)(f)). You can object via helper@anyextras.com.
- Consent — notification permission, location access. You grant these at the OS level and can revoke them at any time in iOS Settings; declining doesn't break sign-in (Art. 6(1)(a)).
- Legal obligation — responding to lawful requests from authorities, complying with tax/accounting laws (Art. 6(1)(c)).
Refusing legitimate-interest processing may limit our ability to keep you on the platform — for example, we can't run a marketplace if we can't enforce bans on bad actors. We weigh that interest against your rights and try to minimize the data we keep, but for safety records (vaulted matches) the answer is that we retain them indefinitely.
Your GDPR rights (EU/UK residents)
- Right of access. Download a JSON export of everything we have on you — Profile → Download my data on iOS, or email helper@anyextras.com.
- Right to rectification. Edit your profile in the app; email us for anything else.
- Right to erasure. Delete your account from Profile → Delete account. Active listings + matches end, sessions are revoked, push tokens dropped, identifying fields wiped. Trust-and-safety vault rows survive deletion under the legitimate-interest basis above.
- Right to restriction / objection. Email us to pause specific processing.
- Right to portability. The export above is a machine-readable JSON file you can hand to anyone.
- Right to complain. You can lodge a complaint with your local data-protection authority.
We don't have an EU representative because we don't currently have an EU establishment and our processing is on an occasional, opt-in basis. If that changes we'll designate one and update this policy.
Your California rights (CCPA / CPRA)
If you're a California resident, the California Consumer Privacy Act gives you the right to know what we collect, the right to delete, the right to correct, and the right to opt out of "sale" or "sharing" of personal information.
- We don't sell your personal information. Ever. No ad networks, no data brokers, no analytics resellers.
- We don't "share" it for cross-context behavioral advertising (the CPRA's broader definition). Same reason.
- Right to know / access. Use Profile → Download my data on iOS, or email helper@anyextras.com.
- Right to delete. Profile → Delete account in the app, or email us. Subject to the trust-and-safety vault carve-out described above.
- Right to correct. Edit your profile in the app; email for anything else.
- Right to non-discrimination. Exercising any of these rights doesn't affect your access to AnyExtras.
Authorized agents may submit requests on your behalf with written authorization.
Changes
If this policy changes materially we'll surface it in the app on next launch. The most recent version always lives at this URL.
Contact
Questions, requests, or complaints: helper@anyextras.com.