What we store and why.

Your email address (via Clerk), your Clerk user ID, your hold history (which live sessions you joined, what price was owed, which add-ons you selected, and when), and any I’d Go interest signals you send. If you’re a host: the spaces you created and the live sessions you activated.

No payment information — CafeClub doesn’t process payment. No contact list, no location history, no tracking across other sites. We don’t read your device location in the background; the map is a canvas, not a live GPS feed.

Hosts of sessions you hold: see your Clerk display name (or email, if no display name is set) on their HOLDING A SPOT panel, along with your short verification code and the amount you owe. They see this so they can verify your pass at the door and settle payment.

Clerk stores your authentication identity.clerk.com/privacy. We don’t share auth state beyond what Clerk’s SDK handles.

Neon (Postgres host) stores our database.neon.tech/privacy-policy. Standard infrastructure provider — they don’t query your rows.

Vercel hosts the app.vercel.com/legal/privacy-policy. They see HTTP logs, not your database.

That’s the list. No analytics trackers, no advertising pixels, no affiliate networks.

Clerk, Neon, and Vercel are US-based cloud providers, so some of your data — auth identity, database rows, HTTP logs — is stored on servers in the United States and may transit through other countries those providers operate in. We pick providers that publish privacy standards comparable to Canadian law, but if you’d rather not have your data leave Canada, CafeClub isn’t the product for you right now.

We collect and use personal information with your consent under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). Creating an account and using CafeClub is your consent; closing your account withdraws it for future processing (past check-in receipts are retained — see below — but de-identified).

If we have a breach that creates a real risk of significant harm to you, we’ll notify you and the Office of the Privacy Commissioner of Canada as required by PIPEDA — without unreasonable delay, usually within 72 hours of confirmation.

Clerk sets a session cookie so you stay signed in. That’s the only cookie in use. No third-party cookies.

Auth identity: while your account is active. InterestSignal (I’d Go) rows: 12 months, then pruned. CheckIn rows (the revenue truth for hosts — who paid what, when): kept indefinitely while the product is live, as host bookkeeping. If you delete your account, your auth identity is removed from Clerk; your CheckIn rows are retained but de-identified (the Clerk user ID is redacted, so the row can no longer be traced to you).

Email nowhereventures@gmail.com and ask us to:
— export everything we have on you (JSON dump);
— delete your account and de-identify your CheckIns;
— correct anything that’s wrong;
— tell us to stop contacting you.

We’ll respond within 30 days. We don’t charge for any of these.

CafeClub is for people who can legally enter the cafes, bars, and breweries that host sessions. That means adults in Ontario. We don’t knowingly take signups from minors.

We’ll update this page and bump the date below when we change what we collect or how it’s used. Material changes will be announced on the landing page for at least two weeks before taking effect.

nowhereventures@gmail.com