Privacy Policy

Undefined is committed to meeting its legal and ethical obligations around data privacy, community safety, and nonprofit transparency. This policy explains what information we collect, why we collect it, and the safeguards we rely on to remain compliant with applicable U.S. privacy and consumer-protection laws.

Who We Are

Undefined is a 501(c)(3) nonprofit headquartered at 119 1ST AVE NW # 370, Ephrata, WA, USA 98823. We serve as the data controller for personal information collected through our websites, ticketing tools, and community operations. Questions about this policy can be directed to contact@undefined.charity.

Personal Data We Collect

We collect, process, store, and use personal data when you book tickets or purchase event-related products and services, including your name, address, email, and payment information. You may also provide information about other attendees; by doing so you confirm they understand this policy and that you have any consent required for us to process their data.

All personal data you provide must be true, complete, and accurate. If you supply false information and we suspect fraud, we will record it and may refuse service.

Data We Automatically Collect

When you visit our event ticket shop, we (and service providers acting on our behalf) automatically log device and usage data such as device identifiers, browser and operating system details, language, time zone, and anonymized statistics about browsing actions. We capture this information through cookies in line with the Cookie section of this policy and use it to improve our services, analyze trends, and secure our systems.

Marketing Communications

If you opt in to receive updates, you consent to us processing your data to send newsletters, surveys, campaign information, or invitations to new events. We store a record of your consent. You may withdraw at any time by emailing contact@undefined.charity or clicking unsubscribe in an email. Please allow up to five business days for changes to take effect.

Lawful Processing of Your Personal Data

We process your personal data to fulfill contractual obligations (e.g., delivering tickets, contacting you about an event, or providing add-on services). We also rely on our legitimate interests to deliver customer support, enforce agreements, satisfy regulatory or audit requirements (including anti-money laundering obligations), and notify you about policy updates.

Who We Share Your Data With

We may share personal data with vetted service providers that perform functions on our behalf, including payment processors, event ticketing vendors, email and IT providers, accountants, auditors, and legal counsel. They act under our instructions and must provide appropriate safeguards. We may also disclose data when required by law or to protect a third party’s rights, property, or safety.

Where We Hold and Process Your Personal Data

Your data is primarily stored and processed in the United States but may be transferred to other countries for operational reasons. We only transfer data to organizations that provide adequate safeguards and agree to comply with applicable U.S. privacy laws.

Cookies

Our ticket shop uses cookies so we can recognize returning visitors and personalize preferences. Most browsers accept cookies by default, but you can change your settings to be notified when a cookie is set or to block cookies. Blocking cookies may cause parts of our ticket shop to operate incorrectly.

We also use Google Analytics, which places persistent cookies on your device to understand how visitors use the shop. If you disable persistent cookies, Google Analytics will stop tracking your visit.

Security

We implement technical and organizational measures designed to keep personal data secure and guard against accidental loss, unlawful processing, or destruction. All information you provide is stored on secure servers, and payment transactions are encrypted via SSL. If you receive or create a password for our services, you are responsible for keeping it confidential.

No system is perfectly secure, and while we strive to protect your data we cannot guarantee absolute security.

Your Privacy Rights

You may request a copy of the personal data we hold, ask us to correct inaccuracies, or request deletion at any time by emailing contact@undefined.charity. We may charge a reasonable administrative fee if a request is manifestly unfounded or excessive.

You can also escalate concerns to U.S. consumer protection agencies or state attorneys general. Depending on your jurisdiction you may have additional rights, including under the California Consumer Privacy Act (CCPA) if you reside in California.

Data Retention

If you create an account with us, we retain your personal data until you close it. If you have booked tickets, purchased services, or contacted us with a question, we retain the associated data for six months after the relevant interaction in case follow-up is required. Marketing contact data is retained until you opt out.

Event-Specific Privacy Practices

We publish photography opt-out procedures, safety expectations, and other event-specific notices in our Community Event Guidelines within the Terms & Conditions. Review those guidelines before each event to understand how on-site privacy requests are handled.

Policy Updates

We may update this policy to reflect operational or legal changes. Check this page regularly to remain informed. Historic versions are available at: https://github.com/undefined-charity/undefined-site/commits/main/src/content/privacy/-index.md.

Governing Law

This policy is governed by the laws of the State of Washington and the United States. You agree to submit to the exclusive jurisdiction of courts located in Washington State for disputes arising from this policy.

---

Last updated: December 7, 2025