November 18, 2026
00d:
00h:
00m:
00s

Legal

Privacy Policy

Last updated: March 5, 2026

Psych Safety Day (“we,” “us,” or “our”) is a virtual conference produced by Jason Eisner. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, purchase a ticket, or participate in our event. We are committed to handling your data responsibly and transparently.

Information We Collect

We collect only the information necessary to deliver the event experience:

  • Account information: Name, email address, company, and job title — provided during registration or onboarding.
  • Payment information: Payments are processed by Stripe. We never see, store, or have access to your full credit card number. We receive only a confirmation of payment and basic transaction details (amount, last four digits, billing name).
  • Event participation data: Session attendance, chat messages, peer recognitions, community board posts, photo booth images, and schedule selections — all created by you during the event.
  • Technical data: Approximate geographic location (city/country level, derived from your IP address for the attendee map), browser type and Zoom SDK compatibility (for technical support), and page load performance metrics.
  • Support requests: Any messages you submit through the in-event help button.

What We Do Not Collect

  • We do not use tracking cookies, advertising pixels, or third-party analytics trackers.
  • We do not sell, rent, or share your personal data with third parties for marketing purposes.
  • We do not require a cookie consent banner because we only use a single essential authentication session token (Supabase auth) — no tracking cookies.
  • We do not collect precise GPS location. City-level geolocation is derived from your IP address and used solely for the attendee map visualization.

How We Use Your Information

  • Deliver the event: Authenticate your access, display your name in chat, track session attendance, and provide event features.
  • Send event communications: Registration confirmations, event reminders, post-event follow-ups, and recording access notifications via Resend (our email provider).
  • Provide technical support: Browser and connection data helps us troubleshoot issues during the live event.
  • Generate aggregate analytics: Attendance numbers, engagement patterns, and geographic distribution — used to improve future events. Individual-level data is never shared publicly.
  • Sponsor reporting: We share anonymized, aggregated data with sponsors (e.g., total attendees, session popularity, booth visit counts). We never share your personal information with sponsors without your explicit consent.
  • Warm introductions (opt-in only): If you opt in during onboarding, we use AI to suggest connections with other attendees who share similar interests, sending a mutual introduction email after the event. You can withdraw consent at any time.

Third-Party Services

We use a small number of trusted services to deliver the event:

  • Supabase — Database, authentication, and file storage. Data is stored with row-level security policies.
  • Stripe — Payment processing. Stripe handles all payment card data under their PCI-compliant privacy policy.
  • Resend — Email delivery for event communications.
  • Zoom — Video conferencing for live sessions, embedded within our platform via the Meeting SDK.
  • Vercel — Application hosting.
  • Anthropic (Claude AI) — Powers AI features such as email copy generation, content summaries, and attendee matching. Your individual data is not used to train AI models.

Data Retention

  • Event data (chat messages, attendance records, board posts, peer recognitions) is retained for 12 months after the event to support recording access and post-event features, then permanently deleted.
  • Account information (name, email, company) is retained as long as your account exists.
  • Payment records are retained for 7 years for tax and accounting compliance, as required by law.
  • Photobooth images are stored for the duration of the recording access period, then deleted.
  • Technical logs (heartbeats, support requests) are deleted 90 days after the event.

Your Rights

You have the right to:

  • Access your data: Request a copy of all personal data we hold about you.
  • Export your data: Receive your data in a structured, machine-readable format (JSON).
  • Delete your data: Request permanent deletion of your account and all associated data. This action is irreversible and includes all chat messages, event participation records, photos, and account information.
  • Correct your data: Request corrections to any inaccurate information we hold about you.
  • Withdraw consent: Opt out of warm introductions or non-essential communications at any time.

To exercise any of these rights, contact us at privacy@psychsafetyday.com. We will respond within 30 days.

Security

We take reasonable measures to protect your personal information. All data is transmitted over HTTPS. Database access is controlled through row-level security policies. Administrative access is limited to authorized personnel. Payment processing is handled entirely by Stripe under their PCI DSS certification. We do not store passwords in plaintext — authentication is managed by Supabase using industry-standard hashing.

Children’s Privacy

Psych Safety Day is a professional development event intended for adults. We do not knowingly collect personal information from anyone under the age of 16. If we become aware that we have collected data from a child, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify registered users by email. The “Last updated” date at the top of this page indicates when the policy was last revised. The latest version is always available at this URL.

Contact Us

If you have questions about this Privacy Policy or how we handle your data:

Jason Eisner

Producer, Psych Safety Day

privacy@psychsafetyday.com