OpenMicList

Privacy Policy

Effective date: 2026-05-19

OpenMicList is a community directory of open mics, jam sessions, and comedy nights across Barcelona, Madrid, Berlin, London, and New York. This page explains what we collect when you use the OpenMicList website (openmiclist.net) or the OpenMicList mobile app, why we collect it, and what rights you have. We try to keep the wording plain and short.

Who we are

The service is operated by Manuel Carbonell, a sole trader based in Barcelona, Spain. For any privacy question, data request, or complaint, contact manuel.carbonell.nunez@gmail.com.

What we collect and why

  • Approximate device location. If you grant the location permission in the mobile app or the browser, we use your coarse coordinates to sort nearby venues and to centre the map. We do not store your location on our servers and we do not build a location history.
  • Push notification token. If you opt in to push notifications in the mobile app, the operating system gives us an anonymous device token that we store on our server so we can send you reminders about events you signed up for or local listings. Notifications are optional, you can deny the permission or revoke it later in your device settings.
  • User-submitted content. Venue submissions, event signups, reviews, ratings, and any photos you upload are stored so we can show them in the app and on the website. Submissions are public by design.
  • Account data. If you sign in with Google, we receive your name, your email address, and your Google profile picture from Google so we can create your OpenMicList account and attribute your submissions to you.
  • Server logs. Our web server keeps short-lived logs of IP addresses and request paths for security and debugging. We do not run any third-party analytics SDK (no Google Analytics, no Mixpanel, no PostHog, no Sentry, no Firebase Analytics) at the time of this policy.

Cookies and local storage

We use a session cookie to keep you signed in if you choose to create an account. The progressive web app caches static assets (icons, fonts, the offline fallback page) in your browser or device storage so the app keeps working when you lose connectivity. We do not use advertising cookies or cross-site tracking cookies.

Third parties we rely on

  • Google OAuth (Sign in with Google). Only used if you choose to sign in. Google privacy policy.
  • Google Maps. Used to render the venue map and to let you pick a venue location when submitting one. Google privacy policy.
  • Firebase Cloud Messaging (FCM) and Apple Push Notification service (APNs). Used to deliver push notifications if you opt in. Firebase privacy, Apple privacy.
  • Cloudflare. Used as a CDN and edge security layer in front of our servers, so Cloudflare sees the IP and request metadata of every visit. Cloudflare privacy policy.
  • Stripe. If you choose to support the project with a one-off tip, the payment is processed by Stripe. We never see your card details. Stripe privacy policy.

Legal basis (GDPR)

For users in the European Economic Area, we rely on the following legal bases under the GDPR: your consent (push notifications, location, account creation via Google), the legitimate interest of running a usable directory (server logs, basic session cookies), and the performance of the service you requested (showing the events you signed up for).

Your rights

You can exercise the following rights at any time by emailing manuel.carbonell.nunez@gmail.com:

  • Access to the data we hold about you.
  • Rectification of inaccurate data.
  • Erasure (the right to be forgotten).
  • Portability of the data you provided to us.
  • Withdrawal of any consent you previously gave (for example, turning off push notifications).
  • The right to lodge a complaint with the Spanish data protection authority, the Agencia Española de Protección de Datos (AEPD, aepd.es), or with your local supervisory authority in the EU.

How to request deletion

Send an email to manuel.carbonell.nunez@gmail.com from the address linked to your OpenMicList account, with the subject line “Delete my data”. We will delete your account, your push token, your event signups, your reviews, and any photos you uploaded within 30 days. Venue listings you submitted may remain in the directory in an anonymised form, because they describe public venues rather than personal data. You will receive a written confirmation once deletion is done.

Data retention

We keep account data and content you submitted for as long as your account is active. Push tokens are deleted automatically when the platform reports them as invalid. Server logs are rotated and discarded within 30 days.

Children

OpenMicList is not directed at children. We do not knowingly collect data from anyone under 13, or under 16 in the European Union. If you believe a minor has created an account, contact us and we will delete it.

International transfers

Our servers are hosted in the European Union. Some of the third parties listed above (Google, Cloudflare, Stripe, Apple) may process data outside the EU under the Standard Contractual Clauses or equivalent safeguards.

Changes to this policy

We may update this policy from time to time. The effective date at the top reflects the most recent change. Material changes (for example, adding a new third party or a new data category) will be announced in the app and on the website at least 14 days before they take effect.

Contact

Manuel Carbonell, Barcelona, Spain. Email: manuel.carbonell.nunez@gmail.com.

Privacy Policy·Delete account