I'm In!

Privacy Policy

Last updated: 5/21/2026

1. Overview

This policy explains how I'm In! ("we", "us") collects and uses personal information across organizer accounts and participant sign‑ups. For practical guidance, see Help → Privacy & Data.

2. Data We Collect

2.1 Organizer Accounts

  • Name, email, and credentials (stored as hash). Optional profile info.
  • Event metadata (title, description, dates/times, time zone).

2.2 Participants

  • Name and email; selected slot; optional custom fields configured by the organizer.
  • Manage token (random string) to update/cancel a signup via a unique link.

2.3 Comments

  • Name and comment text posted on public event pages; optional parent/reply.

2.4 Technical & Safety

  • IP address/device info for security, abuse prevention, and rate limiting.
  • Verification tokens from security challenges (e.g., Cloudflare Turnstile).

3. How We Use Data

  • Provide and improve the Service (create/manage events, track capacity, reminders).
  • Send confirmations and organizer notifications; see Email Notifications.
  • Generate calendar links (Google/ICS) and display event times; see Timezones & Calendars.
  • Protect the platform (anti‑abuse, rate‑limits, CAPTCHA/Turnstile).
  • Analytics with consent to understand usage and improve UX.
  • Legal compliance and responding to valid requests.

4. How We Share Data

4.1 With Organizers

Participant information for an event is shared with that event’s organizer for event purposes only.

4.2 Service Providers

We use vendors for email delivery, analytics, hosting, and verification. They are obligated to protect data and use it only to provide services to us.

4.3 Legal / Transfers

We may disclose information to comply with law or during business transfers (e.g., merger/acquisition).

5. Security

We implement technical and organizational safeguards appropriate to risk. No method is 100% secure.

6. Retention

We retain data while accounts are active and as needed to provide the Service or meet legal requirements. Organizers can remove events; participants can cancel their signup. For help, see Privacy & Data.

7. Your Rights

Subject to applicable law, you may request access/correction/deletion, object, or restrict processing. We’ll respond within a reasonable timeframe.

8. Cookies & Analytics

  • Essential cookies for core functions and security.
  • Analytics via PostHog is initialized only after cookie consent. You can withdraw consent at any time.

9. Children

The Service is not intended for children under 13, and we do not knowingly collect their personal data.

10. International Transfers

Where data is transferred across borders, we rely on appropriate safeguards consistent with applicable law.

11. Changes

If we materially change this policy, we will provide notice in‑product or via email where possible.

12. Contact & Controller

I'm In! is the controller for personal data processed via the Service. Questions or requests? Visit the Help Center or reply to any email from im‑in.events.