Skip to main content

Privacy & Security

Last updated: June 30, 2026

What we collect

We collect the minimum data needed to run your traditions and their gatherings:

Data Type Purpose Retention
Email address Sign-in and email notifications Until account deletion
Phone number (optional) Sign-in verification Until account deletion
Name & avatar So your groups know who you are Until account deletion
Tradition membership & notification choices Your durable groups and what updates you want Until you leave or delete
RSVP responses (status, guest count, optional note) Coordinating each occurrence Kept with the tradition's history

We do not collect passwords. Sign-in uses secure one-time codes sent to your email or phone number.

How we communicate with you

Email is the only channel Gatherlight sends. That includes your sign-in code (when you sign in by email) and the tradition updates you opt into — for example a new theme, a location change, or a host announcement. You choose, per tradition, which of these you want to receive.

Phone sign-in: if you sign in with your phone number, the verification code is sent by Firebase (Google) as part of authentication. We never see or store that code, and we do not send automated or marketing text messages.

Inviting people: when you share an invite, your device may open your own Messages or other apps. Those messages are sent by you, from your device — not by Gatherlight.

Privacy by design

A tradition's public page shows only summary information — its name, description, cadence, and aggregate longevity stats. The things that are personal stay protected:

Information Who sees it
Member list & full archive Members only — unlocked once you join
Who's attending a given occurrence Members only, never the public
Any sensitive signals an organizer reviews Aggregate counts only — never a name beside a value

Technical security measures

Transport security

All data transmitted between your device and Gatherlight is encrypted using TLS (HTTPS). We enforce encrypted connections in production — unencrypted HTTP requests are not accepted.

Authentication

  • Passwordless login: 6-digit one-time passcodes (OTP) sent via email or phone, with a 15-minute expiry
  • No password storage: eliminates risks from password database breaches
  • Phone verification: handled by Firebase, a trusted third-party service — Gatherlight never stores your verification codes
  • Rate limiting: authentication endpoints are protected against brute-force attacks

Application security

  • Content Security Policy (CSP): restricts which scripts, styles, and resources can load
  • Clickjacking protection: frame embedding is blocked
  • CSRF protection: cross-site request forgery tokens on all forms
  • Secure cookies: session cookies are HTTP-only and secure-flagged in production

Data handling

  • Filtered logging: sensitive parameters (emails, phone numbers, tokens, credentials) are automatically redacted from application logs
  • Encrypted secrets: API keys and credentials are stored using Rails encrypted credentials, never in plain text
  • Minimal data exposure: public share links and social previews contain no personally identifiable information

Third-party services

We use a short list of trusted services to operate Gatherlight:

Service What we share Why
Cloud hosting & storage Application data and uploaded images Reliable infrastructure
Firebase (Google) Your phone number Sending sign-in verification codes
Email delivery Your email + message content Sending sign-in codes and notifications
Maps (Google) Place searches and coordinates Location autocomplete and map previews

We do not share your phone number, email, or other personal data with any third party for marketing purposes.

What we don't do

  • Sell your data to third parties
  • Store passwords
  • Send automated or marketing text messages
  • Share your phone number or email with third parties for marketing
  • Show your individual attendance to non-members
  • Attribute sensitive signals to a named person
  • Include personal information in shareable links or previews
  • Track you across other websites

Your rights

You can:

  • Access your data through your profile settings
  • Update your information at any time
  • Leave a tradition, which removes your membership from that group
  • Delete your account and personal data by contacting us

Data retention

  • Traditions & occurrences: a tradition's page and history are meant to last — they persist as the group's shared memory for its members
  • Archived traditions: kept accessible to members, hidden from everyone else
  • Deleted accounts: your personal data is permanently removed

Contact

Questions about privacy or security? Contact us.

Want to report a security concern? Email us directly — we take security reports seriously and will respond promptly.

Policy updates

We'll notify you of significant changes to this policy by email. Continued use of Gatherlight after updates constitutes acceptance of the revised policy.