Privacy Policy

Section 01Who We Are

This Privacy Policy describes how Sendoff Ventures LLC, a California limited liability company ("Sendoff Ventures," "we," "us," "our"), collects, uses, shares, and protects information about you when you visit sendoffventures.com or use our concierge booking service for bachelor parties and group events.

"Personal information" in this Policy means information that identifies, relates to, describes, or could reasonably be linked to a particular individual. The exact term varies by jurisdiction ("personal data" under GDPR, "personal information" under CCPA), but the substance is the same.

Section 02Information We Collect

Information you give us

When you submit a planning request, we collect:

• Identifiers: Your name, email address, phone number;
• Event details: Group size, event dates, package preferences, budget range, dietary or accessibility needs, special requests;
• Payment information: When you pay a deposit or balance, billing name, payment card number (transmitted directly to our payment processor — we do not store full card numbers), billing address;
• Communications: Messages you send us through the planning form, email, phone, or text.

When you apply as a Vendor, we additionally collect business formation documents, tax identification, insurance certificates, licensing documentation, and banking information for commission remittance.

Information we collect automatically

When you visit our website, we and our analytics providers automatically collect:

• Device and browser information: IP address, browser type and version, operating system, device type, screen size;
• Usage information: Pages viewed, time on each page, click paths, referring URL, exit pages, search terms used to find us;
• Approximate location: City/region derived from IP address (we do not collect precise GPS location);
• Cookies and similar technologies: See Section 5.

Information from third parties

We may receive information from:

• Vendors, regarding the status of bookings and any incidents that occurred during your event;
• Payment processors, regarding transaction success, fraud signals, or chargebacks;
• Social media platforms, if you interact with us via a social ad or messaging integration;
• Marketing partners who attribute referrals to us through tracking parameters.

Section 03How We Use Information

We use the information we collect to:

• Provide the Service: Respond to your planning request, build a proposal, coordinate bookings with Vendors, manage your event, process payments, handle refunds;
• Communicate with you: Confirm bookings, send itineraries, follow up after your event, respond to questions, send service announcements;
• Improve our service: Understand how customers use our website, identify popular packages, fix bugs, develop new features;
• Market our service: Send you promotional emails about new packages, seasonal availability, and tips (you can unsubscribe at any time); analyze which marketing channels work;
• Comply with law: Respond to legal requests, prevent fraud, enforce our Terms of Service;
• Protect ourselves and others: Investigate disputes, defend claims, prevent abuse of the service.

We do not sell your personal information in the traditional sense of the word, and we do not "sell" it for money under CCPA. The CCPA broadly defines "sale" to include some advertising-related data sharing; we describe our actual practices in Section 4 so you can decide for yourself.

Section 04Who We Share Information With

We share information only with the following categories of recipients, and only as needed:

Vendors

To execute your booking, we share information necessary for the Vendor to provide their service. This typically includes group leader name and contact information, group size, event date and time, special requests, and (where applicable) payment for the Vendor's portion. Vendors are bound by our Vendor Terms to use this information only for performing the booking.

Service providers

We use service providers who process information on our behalf to operate the business:

• Hosting: Netlify (website hosting);
• Analytics: Google Analytics 4 (anonymized usage analytics);
• Forms & communications: Netlify Forms (planning request submissions);
• Payment processing: Stripe (we use Stripe to process payments — they have their own privacy policy);
• Search Console: Google Search Console (search performance data);
• Email: Gmail / Google Workspace (business email);
• Search and indexing: Google, Bing, and similar search engines crawl our public pages.

Each of these providers receives only the information needed for their function and is bound by privacy commitments equivalent to or more stringent than this Policy.

Legal and protective disclosures

We may disclose information when required by law, in response to a subpoena or court order, or where we believe in good faith that disclosure is necessary to (a) comply with legal process, (b) protect our rights, (c) prevent fraud or abuse, or (d) protect personal safety. We will challenge overbroad requests and notify you where we are permitted by law.

Business transfers

If Sendoff Ventures is acquired, merged, or sells substantially all assets, personal information may be transferred to the acquiring entity, subject to commitments at least as protective as this Policy.

With your consent

We share information for any other purpose only with your consent. For example, if you give us a testimonial, we may publish it with your name and city; if you ask us to refer you to a friend's vendor, we share your information for that introduction.

Section 05Cookies & Tracking

We use cookies and similar technologies for the following purposes:

• Strictly necessary cookies: Session management, form security (CSRF protection), preference storage. These cannot be disabled without breaking the site.
• Analytics cookies: Google Analytics sets cookies (typically prefixed _ga and _gid) to measure unique visitors, returning users, and traffic sources. Data is aggregated and anonymized at IP level.
• Functional cookies: Remember whether you've dismissed certain modal prompts, your preferred package tier, etc.

Your control

You can configure your browser to block all cookies or notify you when cookies are set. Most browsers allow you to do this through Settings → Privacy. Blocking strictly necessary cookies may break parts of the site. You can also install browser extensions (like Privacy Badger or uBlock Origin) that block third-party tracking.

We honor the Global Privacy Control (GPC) signal where it is sent. If your browser sends a GPC signal, we treat it as a request to opt out of any "sale" or "sharing" of personal information under California law.

We do not currently respond to legacy "Do Not Track" browser signals because the standard was never finalized.

Section 06How Long We Keep Information

We keep personal information only as long as needed for the purposes described above, then we delete or anonymize it. Specific retention windows:

• Planning requests that don't result in a booking: 18 months;
• Booking records (proposals, itineraries, communications): 7 years (to meet tax record-keeping obligations and to respond to late-arising disputes);
• Payment records: 7 years;
• Marketing email subscribers: Until you unsubscribe, plus a short retention window to ensure unsubscribe is respected;
• Analytics data: Up to 14 months in Google Analytics by default;
• Server logs: 90 days.

When you request deletion of your information (see Section 7), we will delete it within 45 days, except where retention is required by law or for the establishment, exercise, or defense of legal claims.

Section 07Your California (CCPA) Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act and California Privacy Rights Act (together, the "CCPA"):

• Right to know: Request a list of the categories of personal information we have collected, used, disclosed, and "sold" or "shared" about you, along with the categories of sources, the business purposes, and the categories of third parties.
• Right to access: Request a copy of the specific personal information we have collected about you in the preceding 12 months (longer windows available on request).
• Right to delete: Request that we delete personal information we have collected about you, subject to legal retention obligations.
• Right to correct: Request that we correct inaccurate personal information about you.
• Right to opt out of sale/sharing: Direct us not to "sell" or "share" personal information about you, as those terms are defined under California law. (We do not currently sell or share for cross-context behavioral advertising in any case, but this right is preserved.)
• Right to limit use of sensitive information: We do not use or disclose sensitive personal information for purposes other than those permitted by law.
• Right to non-discrimination: We will not deny service, charge different prices, or provide a different level or quality of service because you exercised any of these rights.

How to exercise

Send a request to privacy@sendoffventures.com with "CCPA Request" in the subject line. Include your name, the email address you've used with us, and the specific right(s) you are exercising. We will verify your identity (typically by asking you to confirm details about an interaction we've had) and respond within 45 days. We may extend by an additional 45 days for complex requests and will notify you if we do.

Authorized agents

You may authorize an agent to make a request on your behalf. We will require written authorization and may verify directly with you that the request is legitimate.

Section 08Your European (GDPR) Rights

Sendoff Ventures is a U.S. business serving California-based events. We do not actively market to European Economic Area or United Kingdom residents. However, if you reach us from those regions and provide personal data, the following applies.

Legal bases

Under the General Data Protection Regulation (GDPR), we process personal data on the following legal bases:

• Contract: To provide the service you've requested (planning, booking, coordination);
• Legitimate interests: To operate the business, communicate with you, market our service to existing customers, and prevent fraud — balanced against your interests;
• Consent: Where we ask for it (e.g., marketing emails to non-customers);
• Legal obligation: Tax records, compliance with subpoenas.

Rights

EEA/UK residents have the rights to: access personal data, correct inaccuracies, delete data (subject to legal retention), restrict processing, object to processing, port data to another service, and withdraw consent at any time (without affecting prior processing). To exercise any of these, email privacy@sendoffventures.com.

International transfers

Personal data is stored on servers in the United States. By using our service, you understand that your data will be transferred to and processed in the U.S. Where required, we rely on Standard Contractual Clauses (SCCs) or similar transfer mechanisms approved by the European Commission.

Right to complain

You have the right to lodge a complaint with your local data protection authority (e.g., the UK's ICO, or the data protection authority of your EU member state).

Section 09Security

We implement reasonable administrative, technical, and physical security measures designed to protect personal information from unauthorized access, alteration, disclosure, or destruction:

• Transport encryption: All website traffic is served over HTTPS (TLS 1.2+);
• Payment security: Card data is never stored on our systems; it is transmitted directly to PCI-compliant payment processors;
• Access controls: Personal information is accessible only to Sendoff Ventures personnel who need it to do their jobs;
• Vendor controls: Service providers are bound by privacy commitments equivalent to or stronger than this Policy.

No system is perfectly secure. We cannot guarantee that personal information will never be accessed, disclosed, altered, or destroyed despite our reasonable efforts. In the event of a personal data breach affecting you, we will notify you and, where required, regulatory authorities within the timeframes set by applicable law.

Section 10Children

Sendoff Ventures' service is for adults. We do not knowingly collect personal information from anyone under the age of 18, and we restrict use of the service to those 21 and older. If we learn that we have inadvertently collected personal information from a child under 18, we will delete it.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at the address in Section 12 and we will investigate and act promptly.

Section 11Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. For material changes — meaning changes that materially affect how we collect, use, or share your information — we will post a notice on our homepage and, where we have a current email address for you, send notice by email.

Continuing to use the service after changes take effect means you accept the updated Policy. If you don't agree with a change, you may exercise your deletion rights and stop using the service.

Section 12Contact

Privacy questions, rights requests, and complaints should be directed to:

For non-privacy questions about our service, please use the Start Planning form or email hello@sendoffventures.com.