Privacy Policy

The privacy of your data is a big deal to us. We’ll only ever access your account to help you with a problem or fix a software bug. We log all access to all accounts, so we can always verify that no unauthorized access has happened for as long as the logs are kept.

Identity & access

When you sign up for /whereis #everybody?, we ask for your name, team or company name, and email address. That’s just so you can personalize your account, and we can send you invoices, updates, or other essential information. We’ll never sell your personal info to third parties. We won’t use your name or company in marketing statements without your permission.

When you pay for /whereis #everybody?, we ask for your credit card and billing address. That’s so we can charge you for service, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for account history, invoicing, and billing support. We store your billing address to detect fraudulent credit card transactions, and to print on your invoices.

When you write us with a question or to ask for help, we’ll keep that correspondence, and the email address, for future reference. When you browse our marketing pages, we’ll track that for statistical purposes We also store any information you volunteer, like surveys, for as long as it makes sense.

The only times we’ll ever share your info:

Your Rights With Respect to Your Information

You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us on the site. Accordingly, we recognize and will comply with GDPR and those rights, except as limited by applicable law.

The rights under GDPR include:

If you have questions about exercising these rights or need assistance, please contact us at support@whereis-everybody.com.

Third party processor

As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors, contact us at support@whereis-everybody.com.

Law enforcement

We won’t hand your data over to law enforcement unless a court order says we have to. We reject requests from local and federal law enforcement when they seek data without a court order. And unless we’re legally prevented from it, we’ll always inform you when such requests are made.

Security & Encryption

All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups are also encrypted.

Deleted data

When you cancel your account, we’ll ensure that nothing is stored on our servers past 30 days.

Location of site and data

This site is operated in the EU.

Changes & questions

We may update this policy once we see a pressing need — we’ll notify you about significant changes by emailing the account owner. You can access, change or delete your personal information at any time by contacting our support team.

Questions about this privacy policy? Please get in touch and we’ll be happy to answer them!


Adapted from the Basecamp open-source policies / CC BY 4.0.