EventsBETA

Privacy Policy

Effective date: March 30, 2026

1. Overview and Privacy-First Commitment

Privacy is a foundational requirement of this Platform, not an afterthought. We collect the minimum information necessary to operate the service, default to the most private option at every decision point, and never expose your personal data without your explicit consent.

This policy covers all users of the Events Platform, including registered users and unauthenticated visitors. There is a dedicated section (Section 11) for users under 18.

2. What We Collect

Required at registration

  • Email address — used for authentication and notifications. Never publicly visible.
  • Date of birth — used to enforce age-restricted features (18+) and verify minimum age (16+). Never publicly visible.
  • Alias / display name — the one profile field that is always visible, as it is needed for any public interaction on the Platform.

Optional profile information

All other profile fields — real name, bio, profile photo, and location — are entirely optional. Each has its own privacy control. You can set any field to private so it is visible only to you.

Activity data

When you use the Platform, we store records of your interactions: events you create or RSVP to, comments you post, check-ins, carpool posts, group memberships, and bookmarks. This data is used to power the features you use and is subject to the privacy controls described below.

Technical data

Standard server logs (IP address, browser user agent, timestamps) may be retained for security and debugging purposes for up to 90 days.

3. What We Do Not Collect

  • We do not sell your data to third parties.
  • We do not run advertising or tracking networks.
  • We do not collect precise location unless you explicitly share it (e.g., by creating an event at an address, or using the Hangouts feature with location sharing enabled).
  • We do not collect or store payment information. All payment coordination happens externally via third-party services chosen by event organizers.

4. Location Privacy

User location is never exposed unless you explicitly opt in. Specific rules:

  • Private event addresses are never shown on public maps, search results, or API responses.
  • For events with restricted location visibility, only a coarsened location (neighborhood or city level) is shown publicly. The precise address is shared only with approved attendees.
  • Hangout / Now Playing locations are only visible per your explicit privacy settings, and only to other authenticated users.
  • Radius search uses your coordinates internally for computation only and does not store or expose your search location.

5. Donation and Payment Privacy

Whether you have donated to or paid for an event is never publicly visible unless you explicitly authorize your name to be shown. Payment tracking (paid/unpaid status) is visible only to the event organizer, never to other attendees or the public.

6. Private Groups and Events

  • Private groups are not discoverable by non-members. Their existence and membership are hidden from unauthenticated users and non-members.
  • Private events are never visible in search results, public maps, or API responses. They are accessible only via a direct tokenized invite link.

7. How We Use Your Information

  • To authenticate your account and maintain your session.
  • To send notifications you have subscribed to (event reminders, change alerts, subscription matches). You control notification preferences.
  • To enforce age restrictions and platform rules (e.g., features limited to users 18+).
  • To detect abuse, spam, and clone fraud as described in our Terms of Service.
  • To operate, maintain, and improve the Platform.

8. Data Sharing

We do not sell, rent, or trade your personal information. We may share data with:

  • Infrastructure providers (hosting, database) as necessary to operate the Platform, under data processing agreements.
  • Law enforcement, when required by a valid legal order.

Public information you post (event listings, public comments, public profile) is, by definition, accessible to anyone visiting the Platform, including via our public API.

9. Your Rights — Data Access and Deletion (GDPR / CCPA)

You have the following rights regarding your personal data:

  • Right to access — You can export all of your personal data at any time from your account settings.
  • Right to erasure — You can fully delete your account and associated personal data from your account settings.
  • Right to know (CCPA) — This policy describes what we collect and how we use it. We do not sell your data.
  • Right to opt out of sale (CCPA) — We do not sell personal information. There is nothing to opt out of.

What happens when you delete your account

  • All personal profile data is permanently removed.
  • Events you created remain (other attendees depend on them), but the creator is shown as "Deleted User".
  • Private addresses on events you created are removed from the Platform.
  • Attendance records, comments, and other activity are anonymized and attributed to "Deleted User".

10. Data Retention and Security

We retain your data for as long as your account is active, or as required by law. Upon account deletion, personal data is removed within a reasonable time period (typically within 30 days). Anonymized activity data (event records, anonymized comments) may be retained indefinitely.

We implement standard security practices including encrypted connections (HTTPS), hashed passwords, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

11. Users Under 18 (Ages 16–17)

Users aged 16–17 may create accounts and use most Platform features, subject to the following restrictions:

  • No Hangouts / Now Playing — broadcasting real-time location is the highest-risk feature for minors and is unavailable.
  • No Carpool / Ride Sharing — coordinating travel with strangers is unavailable.

Users under 13 may browse public events without an account but cannot register. We do not knowingly collect personal information from users under 13. If we become aware that a user under 13 has registered, we will delete the account promptly.

Restrictions for 16–17 year olds lift automatically when you turn 18.

12. Cookies and Tracking

We use minimal cookies: a session/authentication token stored in your browser to keep you logged in. We do not use third-party tracking cookies or advertising cookies.

European Union visitors: by logging in or interacting with the Platform, you consent to the use of the session cookie described above.

13. International Users

This Platform is operated from the United States. If you access it from outside the US, your information may be transferred to and processed in the US. By using the Platform, you consent to this transfer.

For European Union users, we process your data on the legal basis of contract performance (to provide the service you requested) and legitimate interests (security, fraud prevention, Platform improvement).

14. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes by email. The effective date at the top of this page reflects the most recent revision.

15. Contact

For privacy questions, data access requests, or deletion requests, use the data management tools in your account settings or contact the platform administrators through the site.