Privacy policy

This page describes what data OpenSignup collects and how it is used. It is written in plain English and reflects what the code actually does — the source is open and you can verify any claim here against the schema at github.com/richshaw/OpenSignup.

The OpenSignup project is an open-source coordination tool released under AGPL-3.0. This page applies to this instance — the deployment you are currently using. The data controller for this instance is the operator of this instance.

What we collect from organizers

Organizers (people who create signups) sign in via a magic link sent to their email. We store:

• Email address (used to send magic-link sign-in emails).
• Optional display name and organization name.
• The signups, slots, and settings you create.
• An append-only activity log of organizer actions (sign-ins, creating and editing signups, sending magic links), participant commitments on your signups, and reminder dispatches. This exists so an organizer can audit what happened in their own workspace and so the operator can investigate abuse. The same log records anonymous view telemetry on the marketing home page and on your public signup pages (see “Logs and rate-limiting” below).

No password is ever stored — authentication is magic-link only.

What we collect from participants

Participants (people signing up for a slot) never create an account. When you commit to a slot we store only what is needed to honour your commitment:

• Display name.
• Email address. This is required so we can send you a confirmation, optional reminders, and a link to edit or cancel your commitment.
• Your slot selection, quantity, and any optional notes.

A short-lived browser cookie lets you return and edit or cancel your own commitment without re-entering your email. See the cookies page for details.

Logs and rate-limiting

To prevent abuse, the server records request IP addresses in short-lived rate-limit records (e.g. to throttle magic-link sends). These rows are scoped to individual buckets and are not joined to your account or commitment for analytics. Server-side application logs are standard request/error logs and do not include cookies, tokens, or magic-link URLs.

For each view of a public signup page, the server writes a single activity entry containing a user-agent class (browser, bot, or unknown), the host of the referring page (not the full referer URL), the signup's status, and whether the viewer is a returning participant on that signup. We do not record your IP address on this entry. Bot traffic and requests carrying a Do Not Track or Global Privacy Control signal are skipped. The same applies when you follow an “edit your commitment” link, when you load the marketing home page, and when you click the “Start a signup” button on it (where we record only the user-agent class and the referring host).

Email delivery

OpenSignup sends two kinds of email: organizer magic-link sign-in emails, and slot reminders to participants who provided an email address. Delivery uses whichever transport the operator has configured (SMTP, a transactional provider, or local console output in development). No marketing email is ever sent.

Third parties

OpenSignup is designed to have no required external dependencies beyond a Postgres database. Optional integrations (email provider, error reporting, product analytics, AI draft generation) are off by default and only enabled if the operator has configured them via environment variables. Where this instance has enabled any such integration, the operator will list it on request.

Your rights

You can request a copy of the data we hold about you, or ask us to delete it, by emailing hello@opensignup.org. Today this is a manual process — self-service export and deletion endpoints are on the roadmap. Organizers can already delete individual signups from their workspace settings, which removes the associated commitments.

Self-hosting note

If you are reading this on a self-hosted copy of OpenSignup, the operator of that instance — not the OpenSignup project — is responsible for how your data is handled. The OpenSignup project publishes source code only; it does not operate or have access to data on other people's deployments.

Contact

Questions about this policy or about data we hold: hello@opensignup.org.