Privacy Policy

This policy explains how Wilderness Queers (“we”, “us”) collects, uses, retains, and shares your personal information when you use wildernessqueers.com. We’re a small community group, so the policy is short and tries to be readable. If anything is unclear, email hello@wildernessqueers.com.

Information you give us:

• Your email address when you sign in (we use a magic-link login, so we don’t store passwords).
• Your display name, if you set one in your profile.
• A profile photo, if you upload one. Stored on Vercel Blob with a random URL.
• Application responses if you apply to an application-based event — this can include transportation availability, gear, days attending, a public social media profile link, and free-text answers about your experience and goals for the trip.
• Acknowledgement and signature data when you sign event waivers (handled by Documenso for events that require it).
• Carpool listing details if you post on an event’s carpool board (departure area, contact info, optional notes).

Information collected automatically:

• Your IP address at specific moments — sign-in (rate limiting), waiver acceptance (legal record), application submission (anti-spam).
• Anonymous, aggregated analytics via Umami Cloud — no cookies, no individual user tracking, no cross-session identifiers.
• Standard server logs (request URL, status code, timestamp).

What we don’t collect: tracking cookies, advertising identifiers, location data beyond your IP, or demographic data beyond what you choose to share in an application.

• To let you sign in, RSVP, and apply to events.
• To send you transactional email about events you’ve signed up for (event details, waiver requests, application updates).
• To screen application-event applicants (we ask about transportation, gear, and goals so the host can plan logistics).
• To meet legal obligations — for example, retaining waiver records that document your acceptance of the risk associated with outdoor activity.
• To enforce our community guidelines (e.g., remove someone who violates the Terms of Service).

We don’t sell your data. We don’t share it with advertisers. We don’t profile you to send you marketing.

We use the following third-party processors to operate the site. Each receives only the data they need to do their job, and none of them are permitted to use your data for their own purposes:

• Vercel — hosts the website; stores uploaded profile and event images via Vercel Blob.
• Neon — runs our PostgreSQL database (hosted in the AWS US-West-2 region).
• Resend — sends our transactional email (sign-in links, application updates).
• Umami Cloud — cookieless analytics; sees aggregate page views only, never individual users.
• Documenso — collects e-signatures on event waivers when applicable.

We may also disclose information if we’re required to by law (subpoena, court order) or in good faith to investigate fraud or protect someone’s safety.

We enforce these retention windows automatically: a nightly job runs every day and deletes records that have passed their cutoff. The schedule is checked into the repository.

• Account data (name, email, profile photo): for as long as your account is active. Deleting your account from your profile removes your account and cascades to your RSVPs, applications, badges, carpool listings, and avatar.
• Carpool listings: deleted automatically by the nightly job 24 hours after the event ends. The buffer leaves contact info available the morning after for return-trip coordination, then it’s gone.
• Application data (responses to private-event applications): deleted by the nightly job 24 months after the event ends.
• RSVP records without a signed waiver: deleted by the nightly job 24 months after the event ends.
• RSVP records with a signed waiver: retained for up to 7 years after the event ends, then deleted by the nightly job. We hold these to honor the California personal injury statute of limitations.
• IP addresses: kept alongside their parent record (RSVP, application, waiver) and deleted at the same time as that record. Vercel may retain server access logs separately for up to 30 days as part of standard hosting operations.
• Analytics data: aggregated only; never tied to an individual.

• Access — review your account, RSVPs, applications, and badges from your profile page.
• Correct — update your name and avatar from your profile. To change the email address on your account, email us at hello@wildernessqueers.com and we’ll handle it manually (we don’t expose email-change in the UI yet because the email is also your sign-in identifier).
• Delete — remove your account and associated data via the “Delete account” button on your profile.
• Anything else — email hello@wildernessqueers.com and we’ll respond within a reasonable time.

We’re below the size and revenue thresholds that trigger CCPA / CPRA, but we follow the spirit of those laws because some of the data we collect (in particular, voluntary disclosures about sexual orientation in applications) qualifies as Sensitive Personal Information under California law. As a California resident you can:

• Request a copy of the personal information we hold about you.
• Request that we correct any inaccurate personal information.
• Request deletion of your account and associated personal information.
• Ask us to limit how we use sensitive personal information.

Most of these requests are self-service from your profile. For anything else, email us.

The site is intended for adults (18 and over). We don’t knowingly collect personal information from minors. If you believe a minor has signed up, email us and we’ll remove the account.

We use HTTPS everywhere, store passwords nowhere (magic-link login), and rate-limit sensitive endpoints. Vercel, Neon, Resend, and Documenso all maintain industry-standard security practices for the data we hand them. No system is perfectly secure; if we ever experience a breach involving your personal information, we’ll notify affected users by email as required by California law.

We’ll post any changes here with an updated effective date. For material changes (e.g., new categories of data collected, new third-party processors), we’ll email registered users.

hello@wildernessqueers.com