Legal
Privacy Policy.
Last updated · May 22, 2026
Workbird LLC ("Workbird", "we", "us") operates Hallflyers at hallflyers.com and any subdomain. This Privacy Policy describes the personal data we collect, why we collect it, how long we keep it, who we share it with, the legal bases on which we rely, and the rights you have. It applies to hosts who create programs, organization members, cast and crew, sponsors, audience members, and every other person accessing the Service.
01Data controller.
Workbird LLC is the data controller for personal data collected through the Service. Inquiries should be directed to privacy@hallflyers.com.
02What we collect from hosts and organization members.
Account data — email address (required for magic-link sign-in), display name if provided, organization affiliation, role within the organization, and timestamps of sign-in and session activity.
Organization data — organization name, slug, accent color, optional logo, the email of every member invited, and member-role assignments.
Program content — everything submitted to the editor or uploaded to a program: title, dates, schedule, cast and crew names, biographies, photographs, sponsor names and logos, dedications, notes, gallery images, theater identity, hours, and any other content you choose to publish.
Billing data — Stripe customer and subscription identifiers, tier, subscription status, trial end date, billing-period markers, and payment metadata necessary to invoice and tax-report. Full payment-card numbers are never seen or stored by Workbird; they are held by Stripe.
Operational metadata — IP address and user-agent at sign-in (for security audit), action timestamps, audit logs of app-owner moderation actions, and error / abuse signals.
03What we collect from audience members and visitors.
By design we collect as little as possible from audience members. When someone scans a QR code or visits a public program URL we record an anonymous scan event consisting of a per-browser session identifier (generated locally and held in localStorage), the section viewed, coarse user-agent class (mobile / tablet / desktop / unknown), the referring host if any, and a timestamp. We do not collect audience email addresses, names, precise location, advertising identifiers, or device fingerprints.
If a visitor posts in a host-enabled backroom chat, we store the display name they typed and the body of the message. If a visitor follows a token-protected cast invite link, we store the photo and bio they upload against the cast-member record they were invited to edit. If a visitor purchases a sponsorship or dedication, Stripe collects the data necessary to process that transaction and shares limited identifiers and contact information with the host.
04What we do not collect.
We do not build audience contact lists. We do not send marketing emails to audience members. We do not set advertising or retargeting cookies. We do not sell, rent, or share personal data with third parties for their own marketing purposes.
05How we use personal data.
To operate the Service: authenticate sign-ins, render programs, deliver QR codes and print sheets, run scan analytics for hosts, deliver transactional email (sign-in links, billing receipts, cast invites), process subscriptions and sponsorships, detect abuse, enforce the Terms of Service, and respond to legal process.
To improve the Service: aggregate, de-identified metrics about feature use. No individual-level profiling.
To protect Workbird, our users, and the public: investigate suspected fraud, abuse, or unlawful activity; preserve evidence; comply with applicable law and lawful requests from authorities.
06Legal bases for processing (EU / UK residents).
If you are in the EU or UK, the legal bases on which we process your personal data are: (a) performance of a contract for processing required to deliver the Service you have requested; (b) legitimate interests for security, fraud prevention, basic analytics, and operating the business, balanced against your rights and interests; (c) compliance with a legal obligation for tax, accounting, and law-enforcement matters; and (d) consent where required by law, which you may withdraw at any time without affecting prior lawful processing.
07Sub-processors.
We use the following sub-processors. Each has its own privacy and security commitments; data sent to a sub-processor is subject to that provider's terms.
- Supabase, Inc. · database, authentication, file storage (US)
- Vercel Inc. / Netlify Inc. · application hosting and CDN (US)
- Stripe, Inc. · billing, payments, Connect payouts (US)
- Resend, Inc. · transactional email delivery (US)
We may add or replace sub-processors as the Service evolves. The current list is maintained at this URL.
08Cookies and similar technologies.
We set a small number of strictly-necessary and functional cookies. We do not set advertising cookies. The current list is in our Cookie Policy.
09Retention.
Account and program data are retained for as long as the account is open. When you delete a program it is removed from public view immediately and purged from backups within thirty (30) days, except where longer retention is required for legal, accounting, security, or backup-integrity purposes. Audit logs and security records are retained as long as reasonably necessary to investigate incidents and to defend against legal claims, typically not exceeding twenty-four (24) months.
Closing your account triggers deletion of all organization content within thirty (30) days, subject to the same exceptions. Stripe retains billing records under its own policy and applicable tax law.
Chat messages are retained for the duration the host's account remains open; hidden messages remain in the database for moderation history and may be hard-deleted by the host or by Workbird at its discretion.
10Sharing and disclosure.
Workbird discloses personal data only as described below: (a) to sub-processors strictly to operate the Service; (b) to the host of a program — for example, sponsorship purchases include sponsor identity disclosed to the host; (c) to comply with applicable law, lawful subpoena, court order, or government request, and to enforce our rights or protect the safety of users; (d) in connection with a merger, acquisition, financing, or sale of assets, with notice to affected users where required by law.
11Your rights.
You may access, correct, or delete personal data we hold about you by editing your account or by emailing privacy@hallflyers.com. Depending on where you reside you may also have rights to data portability, restriction of processing, objection to processing, and the right to lodge a complaint with a supervisory authority. We will respond to verified requests within thirty (30) days, subject to extensions permitted by law.
California residents have the rights granted by the California Consumer Privacy Act and the California Privacy Rights Act, including the right to know, the right to delete, the right to correct, the right to opt out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising), and the right to non-discrimination for exercising any of these rights.
EU and UK residents have the rights granted by the General Data Protection Regulation and the UK GDPR. Requests to exercise these rights should be sent to privacy@hallflyers.com.
12Security.
Row-level security is enforced at the database layer for every table containing personal data. Storage access is gated by organization membership. Service-role credentials are never exposed to the browser. TLS is required for all production traffic. Authentication tokens are rotated on a regular schedule. Workbird applies industry-standard administrative, technical, and physical safeguards proportional to the sensitivity of the data.
No system is perfectly secure. In the event of a personal-data breach that creates a real risk to your rights, Workbird will notify affected users without undue delay and as required by applicable law.
13Children.
The Service is not directed to children under thirteen (13) and Workbird does not knowingly collect personal data from children under thirteen. Hosts who include minors in cast lists are solely responsible for obtaining all necessary consents from parents or legal guardians and for complying with all applicable laws including the Children's Online Privacy Protection Act and the GDPR's rules on children's data.
14International transfers.
Our infrastructure is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States and other jurisdictions where our sub-processors operate. Where required, Workbird relies on Standard Contractual Clauses or equivalent transfer mechanisms.
15Changes.
Workbird updates this policy when its practices change. Material updates will be flagged in the Service or sent to the email address on file. The "Last updated" date at the top reflects the current version.
16Contact.
Privacy questions: privacy@hallflyers.com. Mailing address available on written request.