Privacy Policy

Account data

Name and email address, collected when you create an account. Your email is used to authenticate you via one-time code (OTP).

Profile data

Profession, country, and date of birth (birthday). These fields are optional but help us form compatible dinner groups and enable group stats reveals after events.

Preference data

Preferred city, spoken languages, dietary restrictions (e.g. vegetarian, vegan, halal), food allergies, allergy notes, and budget tier. This data is used to match you with suitable events and to inform hosts of dietary needs.

Billing data

Stripe customer ID and subscription status. We do not store full payment card details — these are held by Stripe. We retain records of subscription activation dates and billing history for accounting purposes.

Technical / session data

IP address and user-agent string, stored as part of your session record when you sign in. This data is used for security purposes (detecting unauthorised access) and expires when your session ends.

Participation data

Records of events you have joined or cancelled, participation status, and any strikes recorded against your account.

Stripe, Inc. — payment processing

Stripe processes subscription payments and stores your payment method. Stripe acts as a data controller for payment data under their own privacy policy. See stripe.com/privacy.

SMTP provider — transactional email

We use an SMTP service to deliver sign-in codes and billing notifications. Your email address is transmitted to this provider only for the purpose of email delivery.

Database host — data storage

Your personal data is stored in a PostgreSQL database hosted on a cloud infrastructure provider. Data is encrypted at rest and in transit.

Meta Platforms, Inc. — advertising measurement

When you give your consent, we send conversion events to Meta using the Meta Conversions API. This allows us to measure the effectiveness of our advertising campaigns on Facebook and Instagram. The following data is shared with Meta:

• Your email address, irreversibly hashed with SHA-256 before transmission (we never send it in plain text).
• A hashed user identifier (SHA-256 of your internal Locale user ID).
• Browser identifiers: the _fbc and _fbp cookies set by the Meta Pixel, where present.
• Conversion events: account creation and subscription purchase.

Purpose:Advertising optimisation — to help Meta's algorithm identify users similar to Locale subscribers.

Retention:Hashed identifiers are transmitted in real time and not stored by Locale beyond your account lifetime. Meta's own retention policy applies to data held on their servers; see Meta's Privacy Policy.

Opt-out: You can withdraw your tracking consent at any time on this page. For the server-side conversion events (account creation, subscription), data sharing is based on our legitimate interest in measuring our advertising return. To request exclusion, email [email protected].

GDPR (EU / EEA residents)

Under the General Data Protection Regulation you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Deleteyour personal data ("right to be forgotten").
• Portability — receive your data in a structured, machine-readable format.
• Object to processing based on legitimate interests.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

CCPA (California residents)

Locale does not sell personal information as defined under the California Consumer Privacy Act. You have the right to know what personal data we collect, to request deletion of your data, and to non-discrimination for exercising your rights. Contact [email protected] to submit a request.