Privacy is the foundation of our hearth.

At GatherIRL, we are on a mission to bring people together in the real world. We understand that your digital life is deeply personal, and the schedule you keep is private.

This Privacy Policy explains how GatherIRL ("we," "us," or "our") collects, uses, protects, and discloses your personal data when you interact with our website, application, SMS coordinator, and calendar synchronization tools.

We collect only the minimum necessary data to sync availability and suggest venues:

• Account Information: Your name, email address, phone number, and password (securely hashed) when you sign up or join the waitlist.
• Calendar Availability Metadata: When you connect a digital calendar, we access only the start and end times of slots marked as "busy" or "free." We do not download event details (see Section 3).
• Location Data: To recommend optimal venues, we ask for zip codes or general neighborhoods of participants. We do not track continuous or precise GPS locations.
• Communication Data: SMS text messages exchanged with our automated platform to coordinate RSVPs and details.

Our scheduling system relies on OAuth authorization to read calendar slots.

We use the collected information exclusively to facilitate real-world meetups:

• To compute joint availability overlaps among selected groups of friends.
• To calculate a geographic midpoint and recommend relevant public establishments.
• To dispatch invitations, updates, and reminders via SMS text messages.
• To monitor application performance, fix bugs, and prevent fraudulent abuse of our server resources.

We share information only under these specific conditions:

• With Group Members: Your friends in a specific group can see your designated free times to confirm plans, and your general RSVP status.
• With Service Providers: Trusted platforms that perform infrastructure operations (like Twilio for sending SMS, and database hosting providers) who are contractually bound to keep your data secure.
• Legal Requirements: If required by law, subpoena, or regulation to protect our users or comply with legal processes.

We implement industry-standard security measures, including HTTPS encryption in transit and AES-256 encryption at rest. We restrict internal data access to employees who require it for maintenance and engineering support. However, no digital transmission is 100% secure, and we cannot guarantee absolute security.

We retain account information and message logs for as long as your account remains active. Calendar free/busy metadata is dynamically queried from source integrations and generally kept in short-term cache for no longer than 30 days to process active scheduling iterations. Once plan coordination concludes, cached availability intervals are cleared.

You retain absolute control over your personal data:

• Calendar Disconnect: You may disconnect your calendar integrations at any time via dashboard controls to stop our read privileges immediately.
• SMS Opt-Out: Replying STOP to any text message unsubscribes you from SMS updates.
• Data Access & Deletion: You can request a summary of the data we hold, or request complete deletion of your account and related records by emailing our team.

Our platform contains links and integration portals to third-party services (such as Google or iCloud calendars, and suggested meetup spots' web domains). We are not responsible for the privacy practices, cookie handling, or terms of third-party platforms. We recommend checking their individual policies when connecting integrations or visiting outer links.

For questions about this Privacy Policy, or to request data access/deletion, please contact us at: [email protected].