Legal
Effective May 5, 2026 · Last updated June 21, 2026
BlockWalk is a place to organize and join walks in your city. We collect the minimum we need to make that work, and we do not sell, trade, or rent it. There are no ads here, no third-party trackers, no analytics SDKs, and no algorithmic feed grading what you see by what keeps you scrolling. This page explains what we hold, who can see it, what we do with it, and how you get rid of it. If anything below is unclear, email hello@blockwalk.org and we will answer.
We collect what you give us and nothing else. When you sign up: your email address, an age attestation that you are 18 or older, and the username and display name you choose. When you fill out your profile: your avatar image, a short bio, your Instagram handle, and a personal website link — all optional. When you host a walk: the title, city, date, meeting point, waypoints, and any notes you write. When you RSVP to a walk: a record that links your account to that event so the host knows you are coming. After a walk: any safety signal you choose to submit. That is the full list. We do not collect anything you have not typed in or uploaded yourself.
We do not fingerprint your device. We do not track which pages you visit before or after BlockWalk. We do not embed ad-tech identifiers, conversion pixels, social-share trackers, or session replay tools. We do not pull your contacts, calendar, or photo library. We do not record your location in the background. We do not collect a photo of you — the avatar on your profile is one you uploaded. There is no analytics SDK in the app. There is no third-party JavaScript loading from someone else's domain on any page that handles your data.
Public — visible to anyone on the internet without an account: your username, display name, avatar, bio, Instagram handle, website link, the public walks you host (title, city, date, and the general area shown on the map), and the date you joined BlockWalk. RSVP-gated — visible only after you RSVP to a specific walk: the exact meeting-point coordinates, the full waypoint route, any photo tips or notes the host attached, and the attendee roster for that walk. Private — visible only to you (and to BlockWalk staff when strictly necessary to operate the service): your email address, your age attestation, your account creation timestamp, the list of walks you have RSVP'd to, and any safety signals you have submitted. Hosts can see who has RSVP'd to their own walks, but never attendee email addresses.
Hosts never see attendee email addresses. When a host needs to message attendees — for example, to send a weather update or a meeting-point change — BlockWalk relays the message through our system, so the host writes once and we deliver it to each attendee's inbox without exposing their address. Attendees can choose to opt in to direct contact with a specific host on a per-walk basis; until they do, the relay is the only channel. Hosts who try to scrape, export, or otherwise circumvent the relay are subject to account suspension.
BlockWalk sets one cookie: the Supabase authentication session cookie that keeps you signed in. We also use Cloudflare Turnstile to prevent automated spam on our forms, which operates without tracking cookies. No advertising cookies, no third-party cookies, no consent banner because there is nothing to consent to beyond making the site work. We do not use Google Analytics, Mixpanel, Segment, Amplitude, Posthog, Hotjar, or any equivalent product. We do not have a Facebook Pixel, a TikTok Pixel, a LinkedIn Insight Tag, or any other ad-network identifier. If we ever add lightweight server-side request logging for debugging, it will be aggregate and unattributed, and we will say so here before turning it on.
We send three kinds of email and no others. (1) Magic-link sign-in codes, sent through Postmark when you ask to log in; the link expires within one hour. (2) Waitlist confirmations, sent through Postmark if you joined the waitlist. (3) Walk-related messages from a host you have RSVP'd to, relayed through Postmark — you can opt out of any host's relay at any time from your event page, and you can opt out of all host relays from your account settings. We never send marketing email. We never sell your address to a newsletter. If you enable Web Push notifications on your device, we store a push subscription token solely to alert you when a walk is about to start or a host sends a message. You can revoke push access at any time through your browser settings. Our outbound mailbox (hello@blockwalk.org) is hosted at Fastmail.
Running BlockWalk requires a small number of vendors, each handling a single piece of the service. Mapbox serves map tiles and runs reverse geocoding — when you open the map or a host taps a meeting point, your browser fetches tiles directly from Mapbox and we send Mapbox the coarse coordinates we need to look up a city name; we never send Mapbox your account, email, or username. Cloudflare Turnstile runs a no-tracker bot challenge on the sign-in form and the waitlist form; Turnstile sees your IP address and the request headers your browser sends to every site, and returns a yes/no signal — it does not set tracking cookies. Sentry receives crash reports when the app errors; each report is tagged with the environment (dev / preview / prod) and the deployed commit, and includes a stack trace plus the route that broke. We do not attach your account email or session token to Sentry reports. Postmark sends our transactional email — magic-link sign-in codes, waitlist confirmations, and host-relayed walk messages; every message we send through Postmark carries a List-Unsubscribe header so your mail client can offer a one-tap opt-out. When you opt in to walk notifications, your browser registers a push subscription with the platform's own push service (Apple, Google, or Mozilla, depending on your device); we store the endpoint URL plus the public key your browser issued, and we use them only to deliver messages tied to walks you have RSVP'd to. We also use Vercel to host the application, Supabase for the database and authentication, Cloudflare for DNS and CDN, and Fastmail for the hello@blockwalk.org mailbox. Each processor handles your data only as needed to deliver their part of the service, under their own privacy policies, and only on our instructions. We do not share data with anyone outside this list. We have no advertising partners, data brokers, affiliate networks, or marketing analytics vendors. If we add a processor, this section will be updated and the last-updated date will move.
Wherever you live, you can ask us for a copy of the data we hold about you, ask us to correct anything that is wrong, ask us to export it in a portable format, and ask us to delete your account and the data tied to it. To delete your account, use the "Delete account" option at the bottom of your profile page — this wipes your profile, email, RSVPs, and attendance records immediately. For a data export or any other request, email hello@blockwalk.org with the email address on your account and we will respond within 30 days, usually faster. We will never charge you a fee for a reasonable request, and we will never make you jump through hoops to exercise a right the law already gives you. If you are in the EU/UK and we cannot resolve a complaint to your satisfaction, you have the right to escalate to your local data protection authority.
Your account stays active until you delete it. When you delete your account, we immediately remove your profile, email address, RSVPs, and attendance records. Community walk routes you submitted to the atlas are anonymized — your email is removed from the submission record — though the route data itself stays in the atlas as part of the public record. Walks you have hosted (events you created) may stay visible as past events, but we will remove your name from them on request. Magic-link tokens expire automatically within one hour of issue. Server logs are kept for short rolling windows for operational debugging and are not used to profile you.
We will comply with valid US legal process — a subpoena, court order, or warrant served on BlockWalk by a US authority with jurisdiction. We will not voluntarily share your data with law enforcement without legal process, and we will not proactively monitor your activity for the benefit of any government, agency, or private investigator. When we receive a legal request, we evaluate it for validity and scope and push back on overreach. We publish an annual transparency report covering the requests we received, the requests we complied with, and the requests we resisted — see /transparency. If you are notified of a request that names you, that notification comes from us unless a court has gagged us from telling you.
BlockWalk is an 18+ platform. We require an age attestation at signup and we do not knowingly collect data from anyone under 18. If you are under 18, do not use BlockWalk. If you are a parent, guardian, or other adult who has reason to believe a minor has created an account, email hello@blockwalk.org with the username and we will close the account and delete the data within 30 days, faster if we can confirm the report quickly.
BlockWalk is operated from the United States and our infrastructure (Vercel, Supabase, Postmark, Cloudflare, Fastmail) is primarily US-based. If you use BlockWalk from outside the United States, you are agreeing that your data will be transferred to and stored in the US, where data protection law differs from your home jurisdiction. The rights described above (access, correction, export, deletion) apply regardless of where you live.
If we change this policy, we will update the effective date at the top of the page and, for material changes, post a notice in the app for at least 30 days before the change takes effect. We will not retroactively reduce protections on data we already hold. The history of this policy lives in the public Git repository for this codebase, so you can read every word that has ever appeared here.
Privacy questions, data requests, complaints, corrections, and reports of suspected minor accounts all go to hello@blockwalk.org. A human reads every message and we aim to reply within a few days.
Annual transparency report: government requests, takedowns, and what we held the line on. See /transparency.
Privacy questions or data requests: hello@blockwalk.org.