Privacy Policy

This Privacy Policy explains how 5AM collects, uses, stores, and discloses personal data when you use our nightlife talent marketplace. 5AM is intended for performers, venues, promoters, and other nightlife operators in Malaysia.

We handle personal data in line with the Personal Data Protection Act 2010 of Malaysia, including the 2024 amendments to the PDPA. By using 5AM, you acknowledge this policy together with our Terms of Service.

The data we collect depends on how you use the platform. This can include your name, email address, account login details, role, and contact information.

For performer and venue profiles, we may collect photos, profile media, bios, availability, genres, rates, booking preferences, reviews, and other performance or venue-related information you choose to upload or generate through the platform.

When a performer checks in for a gig, the mobile app may request foreground location permission and collect latitude and longitude alongside the arrival photo. Location capture is optional; denying permission does not prevent photo check-in.

We also collect platform activity and usage analytics, such as page visits, device or browser information, IP address, referral data, and feature interaction events needed to operate, secure, and improve 5AM.

We use personal data to operate the platform, create and maintain accounts, authenticate users, host profiles, support bookings, and manage communication between performers and venues.

We also use data to improve matching between performers and venues, personalise relevant platform experiences, monitor marketplace quality, analyse product usage, detect abuse or fraud, and maintain service reliability and security.

Check-in location is used for app functionality to help verify arrival at the booked venue and support booking, payout, no-show, or dispute review.

Where required, we may use or retain personal data to comply with Malaysian legal, regulatory, tax, accounting, or dispute-handling obligations.

When you create an account, submit your profile, upload media, or otherwise provide information to 5AM, you consent to our collection and use of that personal data for the purposes described in this policy.

Where cookies or analytics tools require consent, we will rely on the relevant notice, banner, or in-product control before activating non-essential tracking. If you withdraw consent, some features may no longer function as intended.

We do not sell personal data. We share personal data only where needed to run 5AM, meet legal obligations, or fulfil the service you asked us to provide.

Our core service providers may include Supabase for authentication, database, and file storage infrastructure, and Cloudflare for security, network delivery, and performance services. We may also introduce PostHog in the future for product analytics; if that occurs, this policy and any required consent flow will be updated before broader rollout.

Profile information and booking-related details may also be shared with other platform users where needed for marketplace operation, such as allowing venues to assess performers or allowing performers to review booking opportunities.

We keep account and profile data for as long as your account remains active or as needed to provide the marketplace service.

If you close your account, we generally aim to delete or de-identify profile data and user-generated content that is no longer required within 30 to 90 days, subject to backup cycles and operational constraints.

Booking records, invoices, support records, dispute materials, security logs, and other data required for legal, tax, fraud-prevention, or audit purposes may be retained for up to 7 years, or longer if Malaysian law or a live dispute requires it.

Optional check-in coordinates are retained with the related booking record under the same booking and dispute retention rules.

Subject to the PDPA, you may request access to your personal data, ask us to correct inaccurate or incomplete data, request deletion where retention is no longer necessary, or withdraw consent for certain processing activities.

Some requests may be limited where we must retain data for legal, security, accounting, or dispute-resolution reasons. We may also need to verify your identity before acting on a request.

5AM uses essential cookies and similar technologies to keep you signed in, maintain sessions, protect accounts, and support core site functionality.

If we enable non-essential analytics or product measurement tools, such as future PostHog usage, we will present an appropriate consent mechanism before those cookies or identifiers are used where required.

You can also manage cookies through your browser settings, but disabling essential cookies may affect your ability to log in or use parts of the platform.

For access, correction, deletion, consent withdrawal, or other privacy-related questions, contact us at [email protected]. You can also write to [email protected] for general support matters connected to your account or booking activity.

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date on this page and may provide additional notice through the platform or by email where appropriate.