Keenup
Privacy Policy
This app is still evolving, but the privacy expectations should be clear from the start.
What Keenup stores
- Account details: email address, display username, and timezone
- Friend relationships and friend-code activity
- Availability windows and manual availability overrides
- Event details, RSVPs, and chat messages
- Authentication tokens used for magic-link sign-in
Infrastructure
Hosted on DigitalOcean App Platform with a managed PostgreSQL database. Authentication is magic-link only — no passwords are stored. Transactional email is delivered via Mailgun.
Automatic data retention
A background cleanup job runs daily and removes stale data according to the windows below. These windows reflect what is currently implemented in the application.
| Data type | Retention window | Notes |
|---|---|---|
| Magic-link authentication tokens | 30 days after expiry | Expired and consumed tokens only |
| Friend codes | 90 days after creation | Inactive or expired codes only; active codes are kept |
| Availability windows | 180 days after the window ends | Past windows only; future windows are kept |
| Events and RSVPs | 18 months after the event ends | RSVPs are removed when their event is removed |
| Deleted chat threads | 30-day grace period after deletion | Messages and participants cascade |
| Archived chat threads | 12 months after archiving | Messages and participants cascade |
Account deletion
You can request permanent account deletion at any time from your account settings. After confirming your request:
- You are signed out immediately.
- Your account enters a 30-day grace period. You cannot sign in during this time.
- After 30 days, the daily cleanup job permanently erases your account and all associated data, including friends, availability, events, RSVPs, and chat.
Deletion cannot be reversed after the grace period expires. If you need to cancel a deletion request within the grace period, contact support.