Privacy Policy

GatherGrid is a Michigan-focused events and experiences platform operated by Modular Organization Studio LLC. We aggregate live events — concerts, festivals, craft shows, farmers markets, food festivals, auto shows, live music, theater, and family events — into a single discovery surface with calendar, map, search, vendor directory, and per-event detail pages.

Our mailing address is P.O. Box 177, Clio, MI 48420. The data controller for the purposes of this Policy is Modular Organization Studio LLC. Our Data Protection Officer (or equivalent contact for privacy matters) is Not applicable — Modular Organization Studio LLC does not designate a Data Protection Officer. Privacy inquiries can be sent to [email protected].

We collect three categories of information: information you give us, information we collect automatically as you use the Services, and information we receive from third parties.

We use the information we collect to:

• Provide, operate, and improve the Services;
• Create and maintain your account, authenticate you, and recover your password;
• Process payments, registrations, vendor subscriptions, and featured-listing transactions;
• Personalize what you see — for example by surfacing events near you or events similar to ones you have favorited;
• Send transactional emails such as registration confirmations, password resets, vendor invoices, and security notices;
• Reply to your feedback, support requests, and other communications;
• Measure how the Services are used, debug problems, and improve performance and accessibility;
• Detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms of Service;
• Comply with legal obligations, respond to lawful requests, and enforce our rights.

We do not sell your personal information for money. See Section 8 for how state-specific “sale” and “sharing” definitions apply to the affiliate-tracking cookies we describe in Section 5.

We use three categories of cookies and similar storage technologies:

• Functional cookies are required for the Services to work — for example, remembering that you are signed in, remembering your theme preference, and protecting against cross-site request forgery. These cannot be disabled without breaking the site.
• Analytics cookies help us understand how the Services are used in aggregate. We anonymize and aggregate this data before reviewing it.
• Affiliate attribution cookies — when you click an affiliate link (for example a Ticketmaster ticket CTA), the affiliate network drops a cookie that tells the partner you came from GatherGrid. This is how we earn a commission if you complete a purchase. See Section 5 for the list of affiliate partners.

You can disable cookies in your browser settings. Disabling functional cookies will break key features (such as login). You can also disable affiliate attribution cookies without affecting site functionality — we will simply not be credited for the click.

GatherGrid participates in affiliate marketing programs. When you click certain outbound links on our site — for example, a “Purchase this event now” ticket CTA, a “Book a table” restaurant link, or a “Get a ride” transportation link — GatherGrid may earn a commission from the partner if you complete a qualifying purchase. There is no additional cost to you.

We use the following affiliate networks and partners. Each of these third parties has its own privacy policy that governs the data they collect through their tracking pixels, cookies, and redirect URLs. We encourage you to read their policies.

• Impact.com — our primary affiliate network. Impact drops a cookie on your device when you click an affiliate link so the eventual purchase can be attributed to GatherGrid. See impact.com/privacy-policy.
• Ticketmaster — ticket-purchase CTAs route through Impact to Ticketmaster.com. See Ticketmaster’s Privacy Policy.
• Eventbrite — certain ticket CTAs route to Eventbrite-listed events. See Eventbrite’s Privacy Policy.
• OpenTable — restaurant reservation CTAs in our “Plan Your Night” block route to OpenTable. See OpenTable’s Privacy Policy.
• Uber — rideshare CTAs route to Uber. See Uber’s Privacy Notice.

We do not share your name, email address, or other directly identifying information with affiliate partners. The partner sees the click event (with a partner-generated click reference and, in our case, the GatherGrid event id as a sub-identifier) and your standard browser data (IP, user agent) that any web request would transmit.

In addition to the affiliate partners above, we rely on the following service providers to operate the Services. Each of them is contractually limited to processing your data only on our behalf and only for the purposes described.

• Stripe, Inc. — payments. See stripe.com/privacy.
• Email delivery (SMTP / transactional email) — we use Gmail SMTP (and may use Resend or similar transactional email providers) to send registration confirmations, password resets, and other operational emails.
• Cloudflare and Cloudflare Turnstile — for DDoS protection, bot mitigation, and form-spam screening on certain public forms.
• Fly.io — hosting infrastructure.
• Neon — managed Postgres database hosting.

We share your personal information only in these situations:

• With other platform participants — if you message a vendor, your username and message content are visible to that vendor. If you register for an event, the coordinator can see your name and registration details. If you submit a public review or comment, the content is visible to everyone.
• With our service providers — the processors listed in Section 6, only as needed to operate the Services.
• With affiliate networks — as described in Section 5.
• For legal reasons — to comply with valid subpoenas, court orders, or legal process; to enforce our Terms; to investigate fraud or security incidents; or to protect the rights, property, or safety of GatherGrid, our users, or the public.
• In a corporate transaction — if GatherGrid is acquired, merged, or sold, your information may transfer to the successor entity, subject to a privacy policy at least as protective as this one.

The Services are not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please email [email protected] and we will delete it promptly.

For users between 13 and 17, certain venues, events, or vendor products surfaced on the Services may have age restrictions of their own (for example, 18+ or 21+ venues). Those restrictions are the event organizer’s, not ours.

We retain your personal information for as long as your account is active and for a reasonable period afterward in case you choose to reactivate the account. After account deletion, we retain only the minimum information needed to comply with legal obligations (such as financial records for tax and accounting purposes), resolve disputes, prevent fraud and abuse, and enforce our Terms of Service.

Aggregated and anonymized data — data that cannot reasonably be tied back to you — may be retained indefinitely.

We protect your information with appropriate administrative, technical, and physical safeguards: passwords are stored as salted hashes, transport-layer security (HTTPS) is required for all connections, payment card data is processed by Stripe and not stored on our servers, and access to production systems is restricted to authorized personnel and audited. We support two-factor authentication for all account types and strongly encourage you to enable it.

No system is perfectly secure, however. If we become aware of a security incident that materially affects your information, we will notify you as required by applicable law.

GatherGrid is operated from the United States and our service providers are primarily located in the United States. If you access the Services from outside the United States, your information will be transferred to and processed in the United States, which may have different data-protection rules than your home jurisdiction. Where we transfer personal information out of the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses or another lawful transfer mechanism.

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you by email or by a notice on the site before the change takes effect. Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes.

If you have questions about this Policy or your privacy rights, email us at [email protected] or write to us at:

Modular Organization Studio LLC
Attn: Privacy
P.O. Box 177, Clio, MI 48420

You can also reach us through our Contact page.