Effective Date: July 1, 2025
This Privacy Policy describes how Nightrush Inc. (“Nightrush”, “we”, “us”, or “our”) collects, uses, discloses, and safeguards the personal data of users who interact with our services. Nightrush is a hospitality marketplace platform based in New York City, connecting suppliers (hospitality professionals) with buyers (event organizers, restaurants, venues, and individuals). This policy is structured to provide transparency in accordance with regulations including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the New York SHIELD Act.
Nightrush Inc.,
Corporation Service Company
251 Little Falls Drive
Wilmington
DE, 19808
302-636-5401
privacy@nightrush.com
Personal Data collected includes: name, email address, phone number, address, location data, unique device identifiers, payment details, profile information, resume details (for suppliers), availability, usage data, cookies, and other tracking information.
Sensitive Data includes: background check results, identity documents, and in some cases, health-related certifications if required by clients.
We process Personal Data based on one or more of the following legal grounds:
- User consent
- Contractual necessity (e.g., service bookings)
- Legal obligation
- Legitimate interests (e.g., fraud prevention, product improvement)
Nightrush leverages a combination of Webflow (for website), AWS (for infrastructure), and Intercom (for communications). These services may collect and store data on geographically distributed servers.
Each service provider complies with privacy standards and is contractually bound by data protection obligations.
Our app is available on Apple App Store and Google Play Store. These platforms may collect usage statistics, diagnostics, and crash reports which may be shared with us in aggregate.
Users can opt out of analytics tracking through their mobile device settings.
Users may register via:
- Direct registration (form fields on app/website)
- Google OAuth (provided by Google LLC)
Data collected: name, email, phone number, login metadata.
We may allow users to invite others via address books or in-app links. This functionality requires permission and is opt-in.
Data used: contact information, names, and email addresses for invitation purposes only.
We use Intercom to manage user interactions, trigger help messages, and personalize onboarding.
Intercom may store user UUIDs, usage data, and session history for support purposes.
Nightrush uses cookies, web beacons, and similar technologies for:
- Authentication
- Preferences and personalization
- Analytics and diagnostics
- Advertising (where permitted)
You may manage cookie preferences in your browser settings or via banners provided in-app or on the website.
Third-party services used include:
- Stripe: payment processing and payouts
- Checkr: background verification
- Google Analytics: aggregate usage tracking
These services are governed by their own privacy policies.
Collected data is used to:Third-party services used include:
- Provide and improve our platform services
- Match buyers with suitable suppliers
- Communicate booking updates and operational notifications
- Conduct customer service and support
- Detect, prevent, and investigate security incidents
- Comply with legal and contractual obligations
Personal Data is retained for as long as necessary to fulfill service purposes or comply with legal obligations.
- Booking data: retained for 7 years (legal recordkeeping)
- Profile data: deleted upon account termination or 12 months of inactivity
- Communication logs: retained for support and dispute resolution
Users have the right to:
- Access their data
- Request corrections or deletions
- Withdraw consent at any time
- Object to processing for legitimate interests or marketing
- Request data portability
- File a complaint with a supervisory authority
Marketing emails include unsubscribe links.
Push notifications can be disabled in device settings.
Advertising tracking can be managed via settings on iOS, Android, or web opt-out tools (e.g., DAA, NAI).
Nightrush does not knowingly collect data from children under 18. If such data is discovered, it will be deleted immediately.
Nightrush uses TLS encryption, access controls, secure cloud infrastructure (AWS), and routine penetration testing to protect Personal Data.
Some Personal Data may be stored or processed outside the United States. We ensure all cross-border transfers comply with applicable legal safeguards, including Standard Contractual Clauses (SCCs) where required.
Your data may be disclosed to authorities when required by law or in response to subpoenas or legal proceedings.
We may update this policy from time to time. Material changes will be announced via email or app notification. Latest version will always be available on our website.
- Personal Data: any information that can identify an individual.
- Usage Data: technical data such as IP address, session info, and feature interactions.
- Controller: Nightrush Inc., responsible for determining the purposes of processing.
- Processor: Third parties who process data on our behalf.
If you have any questions or requests, contact us at:
privacy@nightrush.com
Nightrush Inc.,
Corporation Service Company
251 Little Falls Drive
Wilmington
DE, 19808
302-636-5401