Privacy Policy

How FollowTo handles your data as an organizer, community member, event attendee, or visitor. Last updated: June 2026.

← Back to FollowTo

This Privacy Policy applies to the FollowTo platform and all services operated by Mantra Solventure(“we”, “our”, “us”). FollowTo is a community and events platform at followto.io. This policy explains how we collect, use, store, and protect personal data for organizers, community members, event attendees, and visitors.

Who this policy covers

  • Organizers: Users who create communities and events, manage RSVPs, and use the dashboard.
  • Event attendees: People who RSVP to events, confirm via OTP, and may auto-follow communities.
  • Community members: Users who follow communities and appear in organizer dashboards.
  • Visitors: Anyone who browses public community pages, event pages, or discovery pages for events and communities.

Platform features covered

  • Public community pages and event RSVP pages
  • Events and Communities discovery (browse by city and area)
  • OTP email confirmation for RSVPs
  • Organizer dashboards, attendee lists, follower management, and CSV export (Pro and Enterprise)
  • Featured attendees display on public event pages (organizer-controlled, attendee opt-out available)
  • Per-community pricing and billing through Paddle
  • Optional online meeting integrations (Zoom, Google Meet, Microsoft Teams) for organizers
  • Public page analytics for organizers (aggregate visitor and session metrics)
  • Referral programme attribution

Data we collect

Organizer accounts: Email, name, password hash (if using password auth), sign-in OAuth tokens (Google, GitHub, LinkedIn), optional online-meeting integration tokens (Zoom, Google Calendar/Meet, Microsoft Teams) when you connect those services, community and event content, billing data.

Event attendees (RSVP): Name (required), email (organizer-configured), phone (optional), interests, food and drink preferences, custom form responses. Email is used to send an OTP confirmation code. We create or match a user account by email to enable community membership and future notifications.

Discovery and usage data: IP address, device, browser, pages visited, search queries on discovery pages (when analytics consent is given), approximate location for area suggestions, and analytics events on public community and event pages.

How we use data

  • To operate the FollowTo platform (accounts, events, RSVPs, discovery)
  • To send transactional emails (OTP confirmation, event notifications)
  • To populate organizer dashboards with attendee lists and page analytics
  • To auto-follow communities when attendees confirm RSVPs
  • To improve event and community discovery based on anonymous search signals
  • To process payments via Paddle (Pro and Enterprise plans)
  • To create and manage online meetings on your behalf when you connect Zoom, Google Meet, or Microsoft Teams and publish online events
  • For security, fraud prevention, and legal compliance

We do not sell personal data. We do not use attendee data for advertising or profiling outside of the FollowTo service.

What community organizers can see about you

When you RSVP to an event or follow a community, the organizer of that community gains access to certain information about you. This section explains exactly what organizers can and cannot see.

Profile-level data organizers can access: Organizers can see the following information that you provided when registering for their events: your name, email address, designation (job title), company name, LinkedIn URL, and bio. These fields are part of your FollowTo attendee profile and may be shared with any organizer whose event you attend.

Activity visible to organizers: An organizer can see how many of their own events you have attended, and a platform-wide count of how many communities you are following across all of FollowTo (count only, not which specific communities). They cannot see which communities you follow, which other events you have attended, or any personal data you shared with a different organizer.

Event-specific custom responses: Some organizers add extra questions to their RSVP forms (for example, food preferences or an Instagram handle). Those responses are visible only to the organizer who asked for them and are not shared with other organizers, even if both organizers host events on FollowTo.

Featured attendees:An organizer may choose to display a list of “featured attendees” on their public event page. If you are designated as a featured attendee, your name, photo, designation, company, LinkedIn URL, and bio (if provided) may be visible to the general public. When registering, you can uncheck “Add me to Featured Attendees” if you prefer not to appear in that list, or contact the organizer at any time.

Removal by organizer: An organizer can remove you as a follower of their community. This removes only the community-follow relationship and does not delete your FollowTo account or data from other communities or events.

Organizer CSV export: Organizers on Pro and Enterprise plans can export a CSV of their community followers. This export includes name, email address, designation, company, LinkedIn URL, bio, and the date you followed, drawn from RSVPs to their own events only.

Online meeting integrations (Zoom, Google Meet, Microsoft Teams)

Organizers may optionally connect a third-party meeting account in Settings → Integrations. This is separate from using Google, GitHub, or LinkedIn to sign in to FollowTo. You choose whether to connect, and you can disconnect at any time.

When you connect Zoom: We receive and store your Zoom user ID, Zoom account email, OAuth access token, refresh token, token expiry, and granted scopes. We use these only to create, update, and delete Zoom meetings or webinars for your published online events, and to add confirmed guests as webinar registrants when applicable. On Pro and Enterprise communities, we may also fetch post-event participant reports (attendance counts, session duration, and per-guest attendance metadata) after an online event ends. Organizers may upload YouTube links and event photos to the event archive and optionally send update emails to OTP-verified registrants. We do not receive Zoom cloud recordings, chat, or participant audio/video through the OAuth integration.

When you connect Google Meet: We receive and store your Google user ID, Google account email, OAuth access and refresh tokens, token expiry, and granted scopes (including Google Calendar event access needed to create Meet links). We use these only to create and update calendar events with Meet links for your published online events.

When you connect Microsoft Teams: We receive and store your Microsoft user ID, account email, OAuth access and refresh tokens, token expiry, and granted scopes (including permission to create Teams online meetings). We use these only to create and update Teams meetings for your published online events.

Integration OAuth tokens are stored server-side in our encrypted database (Turso/libSQL). They are not exposed in client-side code, public event pages, or guest join links. Event guests receive FollowTo-controlled join links after RSVP confirmation; guests do not receive your OAuth tokens.

When you edit an event schedule, we update the linked meeting in the connected service. When you unpublish or delete an event, we remove the linked online meeting where the integration supports it. When you disconnect an integration or delete your FollowTo account, we delete the stored tokens and related integration records for that service.

Google Meet and Microsoft Teams integrations may be rolled out gradually. Availability may vary by account or region until fully launched.

User rights (GDPR, CCPA, DPDP)

Depending on your jurisdiction, you have the right to:

  • Access: Request a copy of your personal data.
  • Correction: Request correction of inaccurate data.
  • Deletion: Permanently delete your account and all associated data instantly from Settings → Privacy & data. No waiting period.
  • Portability: Download a JSON copy of your personal data from Settings → Privacy & data. Organizers on Pro and Enterprise can also export attendee registrations as CSV per event.
  • Disconnect integrations: Remove stored Zoom, Google Meet, or Microsoft Teams tokens at any time from Settings → Integrations.
  • Opt-out (CCPA): California residents may opt out of any sale of personal information (we do not sell personal data).
  • Grievance (DPDP): Indian residents may contact our Data Protection Officer at privacy@followto.io.

Self-service export: Logged-in users can download a JSON export of their personal data from Settings → Privacy & data at any time.

Self-service deletion: Logged-in users can permanently delete their data from Settings → Privacy & data → Delete my data permanently and forever. Deletion is processed immediately upon confirmation.

Inactive accounts (DPDP): If you have not used your account for an extended period (default three years), we email you at least 48 hours before permanently deleting inactive free accounts. Sign in or export your data to keep your account. Paid Pro and Enterprise subscriptions are excluded while active.

To exercise other rights, or if you cannot use the in-app control, email privacy@followto.io. We will respond within 30 days.

Data storage

FollowTo stores account, community, and event data on Turso (libSQL) with encryption in transit and at rest. We document subprocessors and security practices in this policy and support common privacy rights (including GDPR, DPDP, and CCPA) through the controls described above.

Cookies and tracking

We use essential cookies for authentication and to remember your cookie consent choice. Optional cookies for preferences, analytics, and referral attribution are set only after you accept them in our cookie banner. We do not use third-party advertising cookies. See our Cookie Policy for details and to manage your choices via Cookie settings in the footer.

Third-party processors

We share data with the following processors under data processing agreements:

  • Turso - database hosting
  • Resend - transactional email delivery
  • Paddle - payment processing
  • Vercel - application hosting (edge network)
  • Zoom - online meetings and webinars (when organizers connect their Zoom account)
  • Google - sign-in and, when connected, Google Calendar / Google Meet for online events
  • Microsoft - Microsoft Teams online meetings (when organizers connect their Microsoft account)

When you connect Zoom, Google Meet, or Microsoft Teams, your use of those services is also subject to their privacy policies. We act as a processor on your behalf for meeting creation tied to your events; the third-party provider processes meeting participation data according to its own terms.

Children's privacy

FollowTo is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has provided data, contact us at privacy@followto.io.

Policy updates

We may update this policy. Significant changes will be notified by email or in-app banner. Continued use after notice constitutes acceptance.

Contact

Mantra Solventure
FE-3, 3rd Floor, Shivaji Enclave
Delhi
India - 110027
Email: privacy@followto.io