The Shindig

Privacy Policy

Effective Date: March 21, 2026

The Shindig ("we," "us," "our") operates theshindig.io. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data. We believe in being straightforward — no hidden trackers, no selling your information, no nonsense.

1. What Data We Collect

From Hosts (Account Holders)

  • Name — so we know what to call you
  • Email address — for account access and notifications
  • Password — stored securely using one-way hashing (we can't see your password)
  • Event data — event titles, dates, locations, descriptions, cover images, and settings you create
  • Payment information — processed by Stripe; we never see or store your full card number

From Guests

  • Name — provided by the host or during RSVP
  • Email address — if provided by the host or during RSVP
  • Phone number — if provided by the host for SMS invitations
  • RSVP status — your response (attending, maybe, declined)
  • Messages — any notes or messages you include with your RSVP

2. How We Use Your Data

  • Sending event invitations via email and SMS on behalf of hosts
  • Processing and tracking RSVPs
  • Sending event reminders and updates
  • Processing payments for subscriptions and credit packs
  • Notifying hosts about new RSVPs
  • Improving the service (aggregate, anonymized usage patterns)

We do not sell your data. We do not use your data for advertising. We do not share guest lists between events or hosts.

3. Third-Party Services

We use the following third-party services to operate The Shindig:

4. Data Retention

  • Guest data is kept for as long as the associated event exists.
  • When a host deletes an event, all guest data for that event is permanently deleted.
  • When a host deletes their account, all events and all associated guest data are permanently deleted.
  • We do not keep backups of deleted data beyond our standard 30-day database backup window.

5. Cookies

We use cookies only for authentication (session cookies). That's it. No tracking cookies, no analytics cookies, no third-party advertising cookies. Your browser, your business.

6. Your Rights

You have the right to:

  • Delete your account — and all associated data — at any time from your account settings
  • Export your data — request a copy of all data we hold about you
  • Request data deletion — email us and we'll delete specific data or your entire account

7. GDPR (European Users)

If you're in the European Union, you have additional rights under GDPR:

  • Right of access — request a copy of your personal data
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your data
  • Right to data portability — receive your data in a machine-readable format
  • Right to object — object to processing of your data

To exercise any of these rights, email support@theshindig.io. We'll respond within 30 days.

8. CCPA (California Users)

If you're a California resident, the CCPA gives you the right to:

  • Know what personal information we collect and how it's used
  • Request deletion of your personal information
  • Opt out of the sale of personal information (we don't sell your data, so this doesn't apply)
  • Non-discrimination for exercising your rights

Contact support@theshindig.io to make a request.

9. Children

The Shindig is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at support@theshindig.io and we'll delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we'll notify you via email or through the app. The "Effective Date" at the top of this page will always reflect the latest version.

11. Contact Us

Questions or concerns about your privacy? Email us at support@theshindig.io. We take this stuff seriously and we'll get back to you promptly.

Terms of Service · Back to Home