Privacy policy

Effective date: May 13, 2026. This policy describes how GoDo treats information when you use godosite.com (the public web companion), including when your browser calls the GoDo API from that site. The native GoDo mobile app uses the same API. Settings you choose in the app (for example language or age-related options) are handled in the app; this page focuses on the website and API requests sent from godosite.com.

Who we are

The site godosite.com is operated on behalf of GoDo. For privacy requests about this site or the API as used from the web, contact us at legal@godosite.com. General messages can also start from the Contact page.

What we collect and why

Information you submit on godosite.com

• Find ideas (home): when you run a search, your browser sends a request to the GoDo API with the fields you see on the form — for example location text, date and time preferences, experience types, budget, travel range, mood, group size, optional notes, whether you indicated 21 or older (optional; affects how we frame alcohol and adult-only venues; search still runs if you leave it unchecked), and related parameters. That full request is processed on the server to generate results (including calls to mapping / places providers and, where enabled, an automated curation step). The static site itself does not create a login account or a saved “trip history” database in the browser beyond what your browser always stores (see below).
• Location autocomplete: as you type in the Location field, partial text may be sent to the GoDo API for suggestion lists; the server uses Google Places–style autocomplete with keys it controls.
• Verify on map / verify flows: when you use verification actions tied to a place, the browser may send minimal identifiers (such as title and nearby location text) to the API so the server can return an appropriate maps or search link.
• Sponsor inquiries: if you use contact paths published for sponsors, whatever you include in email or forms is received like ordinary business correspondence.

Information collected automatically

• Hosting and CDN: our hosting and content delivery providers (for example Cloudflare in front of godosite.com) receive technical data typical of HTTPS requests, such as IP address, approximate region derived by the network, user agent, requested URL, and time. Those providers process data under their own terms and privacy policies as well as our configuration.
• API and application servers: when your browser calls the GoDo API, our application servers may record technical metadata for security, rate limiting, reliability, and debugging. What appears in logs and how long logs are kept depend on how our systems are configured; we use this information to run and protect the service.
• Local storage on your device: the site may store non-sensitive UI preferences in your browser (for example theme, color palette, your chosen language for find suggestions, whether you completed the first-visit language prompt, and optional saved find criteria if you opt in on Home). If you use optional troubleshooting or support features that show extra technical detail in your browser, avoid that on shared devices if you do not want others to see that output.

Aggregated “search demand” metrics (API)

To understand which regions and interest mixes are popular (including for sponsor planning), the GoDo API may append one aggregate analytics row when your search is not satisfied from the API’s in-memory response cache for an identical prior request (a “cache miss”). That row is stored in a private database on our infrastructure and includes: a UTC timestamp; a coarse area bucket derived from your location text (when geocoding succeeds: country, first-level region where available, and a rounded ~0.25° latitude/longitude grid — not a street address); when geocoding does not succeed: a short one-way hash of the trimmed location text (still not the raw text stored in that column); your selected experience types as a list; mood; and exploration tier. The row may be written early in processing on that cache-miss path. Your free-text location as typed may still appear in ephemeral processing and server logs as part of the live search, but the dedicated analytics row is limited to the fields above.

How we use information

• Operate, secure, and improve the website and API.
• Generate and rank experience suggestions, including sponsored placements where configured.
• Enforce rate limits, fraud prevention, and abuse detection.
• Comply with law and respond to lawful requests.

Sharing and subprocessors

We share information with service providers who help us run GoDo, under agreements or terms that fit their role. Examples of categories include hosting / CDN (delivering the site), cloud or dedicated servers (running the API), Google (Places and mapping-related services used from our servers), LLM providers when automated curation is enabled, and Sentry or a similar vendor if we turn on in-browser error reporting. We do not sell your personal information in the “data broker” sense. Sponsored cards are paid placement in results, not a separate sale of profiles.

Optional error reporting (Sentry)

The home page may load Sentry JavaScript only when a public browser DSN is configured for your deployment. If enabled, Sentry may receive error events and diagnostic context (such as stack traces and device/browser metadata). See Sentry’s privacy policy. If Sentry is disabled (default in the public repo: empty DSN), no such script runs.

Analytics scripts

We do not load third-party marketing analytics (for example Google Analytics or Plausible) on godosite.com by default. If we add audience or marketing analytics later, we will update this policy to name the tool, describe what it collects, and explain any choices you have.

Cookies

We do not use non-essential first-party cookies on this static site for tracking. Essential or functional storage may still occur through your browser’s localStorage for UI preferences as described above.

Sponsored results and affiliate links

Results may include sponsored cards when a sponsor is configured for your area and interests. Those are paid or business placements, not independent editorial rankings. If we use affiliate links in the future, we will label them clearly where they appear.

Retention

Web server, CDN, and API logs — and any vendor-side copies — are retained according to each system’s settings and our operational needs. Search-demand aggregate rows are kept until they are removed by automated limits or routine maintenance.

Security

We use HTTPS for the site and API in production. No security practice is perfect; use GoDo as a planning aid at your own discretion.

Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, or export personal data, or to object to certain processing. Because the web experience does not use a logged-in account today, the most reliable way to exercise rights is to email us from the address you used to interact with us and describe the request. We may need to verify you before acting.

Children

GoDo is not intended for children under 13. The web home form includes an age attestation aligned with filtering alcohol-forward and adult-only suggestions (21+). If you believe a child has provided personal information, contact us and we will take appropriate steps.

International users

If you access the service from outside the United States, your information may be processed in the United States or other countries where we or our vendors operate.

Changes to this policy

We will post an updated policy on this page and revise the effective date when we make material changes. Continued use of the site after changes become effective constitutes your acceptance of the revised policy where permitted by law.

Contact

Privacy questions about godosite.com: legal@godosite.com

Related: Terms of use · FAQ · For choices that exist only in the GoDo mobile app, use that app’s settings or help.