Privacy Policy

Last updated: January 2025

THIS PRIVACY POLICY DESCRIBES HOW SEATHERDER COLLECTS, USES, AND PROTECTS YOUR PERSONAL INFORMATION. PLEASE READ THIS POLICY CAREFULLY.

SEATHERDER IS AN EVENT SEATING MANAGEMENT TOOL. WE TAKE YOUR PRIVACY AND THE PRIVACY OF YOUR GUESTS SERIOUSLY.



1. Information We Collect

Information You Provide Directly

When you create an account, we collect:

  • Your name and email address
  • Account credentials (managed securely through our authentication provider, Clerk)
  • Optional profile information (phone number, organization name)
  • Payment information (processed securely by our payment provider, Stripe)

Event and Guest Data

When you use the Service to manage events, we store:

  • Event details (name, date, settings, theme preferences, custom terminology)
  • Guest information you provide (names, emails, phone numbers, dietary restrictions, seating preferences)
  • Guest attributes for matching (department, interests, job level, goals, custom tags)
  • Seating assignments, check-in records, and QR code identifiers
  • Communication logs (emails sent through the Service)
  • Seating history for cross-event optimization
  • Breakout room and session assignments

Automatically Collected Information

We automatically collect certain information when you use the Service:

  • Device and browser information (type, version, operating system)
  • IP address and general geographic location
  • Usage logs (pages viewed, features accessed, session duration)
  • Cookies and similar tracking technologies (see Section 9)
  • Error reports and performance data

Information from Third Parties

We may receive information from:

  • Authentication providers (Clerk) when you sign in
  • Payment processors (Stripe) for transaction verification
  • Analytics services for aggregated usage patterns

Sensitive Information

Guest data you upload may contain sensitive information such as:

  • Dietary restrictions that may reveal health conditions or religious beliefs
  • Contact information (phone numbers, email addresses)
  • Organizational hierarchy information (job levels, departments)
  • VIP status or special accommodation needs

You are responsible for ensuring you have appropriate consent from guests before uploading their personal information. Consider limiting the data you collect to what is necessary for your event.

2. How We Use Your Information

Service Delivery

We use your information to provide and improve the Service:

  • Account creation, management, and authentication
  • Processing subscriptions and payments
  • Generating intelligent seating arrangements using our matching algorithm
  • Enabling QR code check-in and real-time event management
  • Sending emails on your behalf to guests (invitations, confirmations, reminders)
  • Providing customer support and responding to inquiries
  • Personalizing your experience based on preferences

Communications

We may communicate with you for:

  • Transactional emails (account verification, password resets, payment confirmations)
  • Service updates and important notices about changes to the Service
  • Responses to your support requests and feedback
  • Optional marketing communications (only with your consent, which you can withdraw anytime)

Security and Compliance

We process information to maintain security and meet legal obligations:

  • Detecting and preventing fraud, abuse, and unauthorized access
  • Monitoring for security threats and vulnerabilities
  • Complying with applicable laws, regulations, and legal processes
  • Enforcing our Terms of Service and protecting our legal rights

Research and Improvement

We use aggregated and anonymized data to improve the Service:

  • Developing new features and functionality
  • Improving our matching algorithm using anonymized patterns
  • Analyzing usage trends and service performance
  • Conducting internal research and testing

We do NOT sell your personal information to third parties. We do not use guest data for marketing purposes. Guest data is processed solely to provide the Service on your behalf.

3. Guest Data Handling

As an event organizer, you upload guest information to the Service. In this relationship:

  • You are the data controller - responsible for ensuring you have proper consent from guests and comply with applicable laws
  • We are the data processor - we process guest data only on your behalf and according to your instructions

Guest data is used solely to provide the Service and is not sold, shared, or used for marketing purposes. Guests can access their information and update preferences through the self-service portal if you enable it for your event.

4. AI & Automated Processing

Seatherder uses automated processing to provide intelligent seating arrangements. This section explains how our algorithm works, its limitations, and your rights regarding automated processing.

How Our Algorithm Works

  • Our matching algorithm analyzes guest attributes (department, interests, job level, goals) to calculate compatibility scores
  • The algorithm considers your configured weights and constraints to optimize table assignments
  • Cross-event seating history is used to encourage new connections based on your novelty preference
  • Constraint satisfaction (pin, repel, attract) takes priority in all calculations
  • Multi-round seating uses repeat avoidance to prevent the same tablemates across rounds

Important Limitations

You should be aware of the following limitations of our automated processing:

  • Seating suggestions are algorithmic recommendations, not guarantees of guest compatibility
  • The algorithm cannot account for factors not captured in guest data (personal relationships, recent conflicts, etc.)
  • Compatibility scores are based on attribute matching, not actual interpersonal dynamics
  • The algorithm may produce suboptimal results with incomplete or inaccurate guest data
  • No automated decisions are made that produce legal or similarly significant effects

Your Rights Regarding AI & Automated Processing

You have the following rights concerning our automated processing:

  • Manual Override: You can always manually adjust any seating assignment through the drag-and-drop editor
  • Preview Before Commit: You can preview algorithmic suggestions before applying them to your event
  • Configure Weights: You control how the algorithm prioritizes different factors through the matching configuration wizard
  • Opt-Out: You can choose not to use the automated seating feature and manually assign all guests
  • Challenge Results: Contact us if you believe the algorithm produced incorrect or unfair results

The algorithm is a tool to assist your decision-making, not replace it. You retain full control over all final seating assignments, and we encourage you to review and adjust suggestions based on your knowledge of your guests.

6. Data Sharing

We do not sell your personal information. We may share data with:

  • Service providers: Companies that help us operate the Service (Convex for database, Clerk for authentication, Resend for email delivery, Stripe for payment processing)
  • Legal authorities: When required by law or to protect our rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets

7. Data Security

We implement comprehensive security measures to protect your data across our infrastructure.

Infrastructure Security

  • Backend database hosted on Convex with SOC 2 Type II compliance
  • Cloud infrastructure with geographic redundancy
  • 24/7 system monitoring and alerting
  • Regular security audits and compliance certifications

Technical Safeguards

  • TLS 1.3+ encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing using bcrypt with salt
  • Multi-factor authentication available through Clerk
  • API rate limiting to prevent abuse
  • Automated malware and vulnerability scanning

Organizational Controls

  • Role-based access controls limiting data access to authorized personnel
  • Employee background checks and security training
  • Confidentiality agreements for all team members
  • Documented incident response procedures
  • Regular penetration testing and security assessments

Your Responsibilities

Security is a shared responsibility. You can help protect your account by:

  • Using a strong, unique password for your account
  • Enabling multi-factor authentication when available
  • Keeping your login credentials confidential
  • Logging out when using shared devices
  • Promptly reporting any suspicious activity to security@seatherder.com

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data using commercially acceptable means, we cannot guarantee absolute security. You acknowledge that you provide information at your own risk.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Below are our standard retention periods:

Data Type | Retention Period
Account information | Duration of account plus 90 days after closure
Active events | Until you delete the event
Deleted events | Removed within 30 days of deletion request
Guest data | Until event deletion or 30 days after account closure
Seating history | Until you delete your account (used for cross-event optimization)
Email logs | 90 days after sending
Support communications | 2 years after resolution
Payment records | 7 years (required for tax and accounting purposes)
Usage analytics (detailed) | 90 days, then aggregated indefinitely

Account Deletion

You can delete your account at any time through your account settings. Upon deletion:

  • Your account will be deactivated within 24-48 hours
  • Personal data will be deleted within 30 days
  • Some data may be retained in anonymized form for analytics
  • Backup copies may persist for up to 90 days before automatic removal
  • Data required for legal compliance may be retained longer as required by law

If you need data deleted sooner for legal or personal reasons, contact us at privacy@seatherder.com and we will work to accommodate your request where possible.

9. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience, maintain security, and improve our Service.

Types of Cookies We Use

Cookie Type | Purpose | Required
Essential | Authentication, security, session management, CSRF protection | Yes
Functional | Remember preferences, UI state, language settings, theme choices | No
Analytics | Usage statistics, performance metrics, feature adoption tracking | No

Managing Cookies

You can control cookies through your browser settings:

  • Most browsers allow you to refuse or delete cookies
  • You can set preferences for specific websites
  • Private/incognito browsing limits cookie persistence
  • Disabling essential cookies may prevent you from using the Service

Do Not Track

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. There is currently no industry standard for how companies should respond to DNT signals. At this time, our Service does not respond to DNT signals. However, you can manage your privacy preferences through cookie settings as described above.

Third-Party Cookies

Our service providers (Clerk for authentication, Stripe for payments) may set their own cookies. These cookies are governed by their respective privacy policies. We do not control third-party cookies and recommend reviewing their privacy policies for more information.

10. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your data
  • Export your data in a portable format
  • Object to certain processing
  • Withdraw consent

To exercise these rights, contact us at privacy@seatherder.com. We will acknowledge your request within 5-10 business days and provide a substantive response within 30-45 days.

11. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights:

  • Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Correct: You can request correction of inaccurate personal information
  • Right to Opt-Out: You can opt out of the sale or sharing of your personal information
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

Seatherder does not sell personal information for monetary consideration nor do we share personal information for cross-context behavioral advertising purposes.

12. EU Privacy Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right of Access (Article 15): Obtain confirmation of whether we process your personal data and receive a copy of that data
  • Right to Rectification (Article 16): Have inaccurate personal data corrected without undue delay
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten") in certain circumstances
  • Right to Restriction (Article 18): Request restriction of processing while we verify accuracy or assess your objection
  • Right to Data Portability (Article 20): Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller
  • Right to Object (Article 21): Object to processing based on legitimate interests, direct marketing, or research purposes
  • Right to Withdraw Consent (Article 7): Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing
  • Automated Decision-Making (Article 22): Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects

Supervisory Authorities

You have the right to lodge a complaint with your local data protection authority (Article 77):

  • EEA: European Data Protection Board (EDPB) - edpb.europa.eu - maintains a list of all national supervisory authorities
  • United Kingdom: Information Commissioner's Office (ICO) - ico.org.uk
  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC) - edoeb.admin.ch

To exercise any of these rights, contact us at privacy@seatherder.com. We will respond to your request within one month, which may be extended by two additional months for complex requests.

13. Other Jurisdictions

We are committed to complying with privacy laws in the jurisdictions where we operate. In addition to GDPR and CCPA/CPRA, we recognize the following privacy frameworks:

  • Canada (PIPEDA): The Personal Information Protection and Electronic Documents Act provides Canadians with rights to access, correct, and challenge the handling of their personal information. Contact the Office of the Privacy Commissioner of Canada (priv.gc.ca) for complaints.
  • Brazil (LGPD): The Lei Geral de Proteção de Dados provides Brazilian residents with rights similar to GDPR, including access, correction, deletion, and portability. Contact the Autoridade Nacional de Proteção de Dados (ANPD) for complaints.
  • Australia (Privacy Act): The Australian Privacy Principles (APPs) govern how we handle personal information of Australian residents. Contact the Office of the Australian Information Commissioner (OAIC) for complaints.
  • Japan (APPI): The Act on the Protection of Personal Information provides Japanese residents with rights to disclosure, correction, and cessation of use. Contact the Personal Information Protection Commission for complaints.
  • Singapore (PDPA): The Personal Data Protection Act provides Singapore residents with rights to access and correct their personal data. Contact the Personal Data Protection Commission for complaints.

If you are located in a jurisdiction with specific privacy laws not listed above, please contact us at privacy@seatherder.com and we will work to address your specific requirements.

14. International Transfers

Your data may be transferred to and processed in countries other than your own, including the United States where our service providers operate. We ensure appropriate safeguards are in place for such transfers in compliance with applicable laws, including:

  • Standard Contractual Clauses approved by the European Commission
  • Encryption of data in transit and at rest
  • Contractual commitments from our service providers to protect your data

15. Security Breach Notification

In the event of a security breach involving your personal information that creates a risk of identity theft or fraud, we will:

  • Notify affected users promptly via email and/or prominent notice on the Service
  • Describe the nature of the incident and types of data affected
  • Explain the steps we are taking to address the breach
  • Provide guidance on protective measures you can take
  • Report to relevant authorities as required by applicable law

16. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a person under 18, we will take steps to delete that information promptly. If you believe we have collected data from a child, please contact us immediately at privacy@seatherder.com.

17. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days' advance notice by posting a prominent notice on the Service or sending you an email. Continued use of the Service after changes take effect constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

18. Dispute Resolution

If you have concerns about our privacy practices, we encourage you to contact us first to seek resolution:

  • Informal Resolution: Contact us at privacy@seatherder.com and we will work to address your concerns
  • Response Time: We aim to respond to privacy inquiries within 5-10 business days
  • Regulatory Complaints: If we cannot resolve your concern, you may file a complaint with your local data protection authority

19. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us through any of the following channels:

Privacy Inquiries

Additional Contact Methods

Response Times

We strive to respond to all inquiries within the following timeframes:

  • Privacy requests: Acknowledgment within 5-10 business days, substantive response within 30-45 days
  • Security issues: Acknowledgment within 24 hours for potential vulnerabilities
  • General support: Response within 2-3 business days

Effective Date: January 1, 2025 | Last Updated: January 2025

🐕 Seatherder. All rights reserved.