Privacy & Security

What we collect

We collect the minimum data necessary to coordinate your gatherings:

Data Type	Purpose	Retention
Email address	Authentication & email notifications	Until account deletion
Phone number	Authentication (SMS verification) & gathering notifications	Until account deletion
Availability dates	Finding dates that work for your group	Duration of gathering
Location preferences	AI-powered destination recommendations	Duration of gathering
Budget preferences	Ensuring recommendations fit everyone	Duration of gathering
Travel considerations	Safety-conscious destination filtering	Duration of gathering

We do not collect passwords. Authentication uses secure one-time codes sent to your phone number or email address.

SMS communications

When you provide your phone number, you may receive transactional SMS messages related to gatherings you participate in. These messages are limited to:

Sign-in verification codes
Reminders to share your availability for a gathering
Notifications when destination voting opens
Reminders to RSVP for a gathering

We will never send marketing, promotional, or advertising messages via SMS. Message frequency varies based on your gathering activity — typical usage is 1–5 messages per gathering. Message and data rates may apply.

Opting out: You can stop receiving SMS messages at any time by replying STOP to any message from Gatherlight. You will receive a one-time confirmation and no further SMS messages will be sent. You may still receive notifications via email.

Help: For questions about SMS messaging, reply HELP to any message, or visit our contact page.

For full details on how we collect consent and what messages we send, see our SMS Consent page.

How we protect sensitive information

Some information you share is deeply personal. We've built privacy protections directly into how Gatherlight works.

Travel considerations (LGBTQ+ safety, accessibility, dietary needs, etc.)

These preferences influence destination recommendations without exposing who indicated what:

What You Share	Who Sees It
Your individual selections	No one — not even organizers
Aggregate counts (e.g., "2 people need accessibility")	Organizers only
How it affects recommendations	Reflected in AI suggestions, never attributed

Budget preferences

Your budget range is completely anonymous:

Other participants never see your selection
Organizers see only the group's budget distribution, not individual responses
AI recommendations use aggregate budget data without attribution

Travel consideration notes

If you add a personal note (e.g., explaining a specific need), the organizer can see it with your name — because it's addressed to them. This is the only sensitive field where your identity is attached, and only to facilitate direct communication about your needs.

Technical security measures

Transport security

All data transmitted between your device and Gatherlight is encrypted using TLS (HTTPS). We enforce encrypted connections in production — unencrypted HTTP requests are not accepted.

Authentication

Passwordless login: We use 6-digit one-time passcodes (OTP) sent via SMS or email, with 15-minute expiry
No password storage: Eliminates risks from password database breaches
Phone verification: SMS-based authentication is handled by Firebase, a trusted third-party service — Gatherlight never stores your verification codes
Rate limiting: Authentication endpoints are protected against brute-force attacks
- 5 OTP requests per email per 15 minutes
- 10 verification attempts per IP per 15 minutes
- 30 total auth requests per IP per hour

Application security

Content Security Policy (CSP): Restricts which scripts, styles, and resources can load
Clickjacking protection: Frame embedding is blocked
CSRF protection: Cross-site request forgery tokens on all forms
Secure cookies: Session cookies are HTTP-only and secure-flagged in production

Data handling

Filtered logging: Sensitive parameters (emails, phone numbers, tokens, credentials) are automatically redacted from application logs
Encrypted secrets: API keys and credentials are stored using Rails encrypted credentials, never in plain text
Minimal data exposure: Public share links and social previews contain no personally identifiable information

Third-party services

We use trusted services to operate Gatherlight:

Service Type	What We Share	Why
Cloud hosting	Application data	Reliable infrastructure
Phone authentication	Your phone number	Sending sign-in verification codes via Firebase
SMS delivery	Your phone number + message content	Sending gathering notifications
Email delivery	Your email + login codes	Sending OTP and notifications
Maps	Destination coordinates	Displaying location information
AI processing	Anonymized group preferences	Generating recommendations

We do not share individual travel considerations, budget selections, phone numbers, or other sensitive preferences with any third party for marketing purposes or in identifiable form.

What we don't do

✕ Sell your data to third parties
✕ Store passwords
✕ Share your phone number with third parties for marketing purposes
✕ Send marketing or promotional SMS messages
✕ Share your individual preferences with other participants
✕ Include personal information in shareable links or previews
✕ Track you across other websites
✕ Retain data longer than necessary

Your rights

You can:

Access your data through your profile settings
Update your information at any time
Delete your account and all associated data by contacting us
Withdraw from any gathering, removing your preferences from that group
Opt out of SMS at any time by replying STOP to any message (see our SMS Messaging Terms)

Data retention

Active gatherings: Your preferences are retained for the duration of the gathering
Completed gatherings: Data is retained for reference until you delete your account
Deleted accounts: All associated data is permanently removed

Contact

Questions about privacy or security? Contact us.

Want to report a security concern? Email us directly — we take security reports seriously and will respond promptly.