Privacy Policy
Last updated: May 17, 2026
todoPR is operated by Alquimia Tech ("we", "us", "our"). This policy explains what personal information we collect through todopr.net and related services, how we use and share it, and the choices you have. It is written to reflect how the product actually works today, including account sign-in, producer submissions, moderation, and bilingual event publishing.
Information we collect
We collect information you provide directly, including your email address, municipality, and any optional profile details you choose to add such as your name, mobile phone number, age range, gender, communication preferences, public name preference, and organization details for producer accounts. We also collect the information you send through contact forms and producer submission tools, including event details, notes, and uploaded flyer or PDF files. When you use the service, we create records tied to your account or device such as saved events, shared plans, tutorial or onboarding state, login and verification records, and standard security logs like IP address, user agent, and request timestamps.
How we use information
We use personal information to operate the service, sign you in, maintain your account, remember preferences, let you save or share plans, respond to messages, review and moderate producer submissions, publish and translate event information, prevent fraud or abuse, troubleshoot problems, and improve the product. We do not sell personal information, and we do not use your information for third-party behavioral advertising.
How we share information
We share information only as needed to run the service, comply with law, or protect users and the platform. That includes service providers who host or support the app, store uploaded files, deliver transactional email, and help us process event materials and text workflows, such as Amazon Web Services for object storage, SendGrid for sign-in and operational email, and OpenAI for event-processing tasks like flyer extraction or translations when those features are used. We also publish event information and producer-submitted materials that are approved for the public catalog. Event pages and recommendations may include data sourced from third parties such as TMDB, OMDb, Yelp, venues, and ticketing platforms; if you click through to those services, their own terms and privacy policies apply.
Cookies and similar storage
We use a limited set of cookies and similar browser storage for functional purposes. These include the session cookie that keeps you signed in, a preview-gate cookie while private access is enabled, and a preferences cookie that remembers display settings. We also use local or session storage for things like tutorial dismissal state, cookie-banner dismissal, and sign-in flow helpers. We do not currently use advertising cookies. If we add non-essential analytics or marketing technologies, we will update this policy and any related site controls.
Security and incident response
We use reasonable administrative, technical, and organizational safeguards designed for a product at this stage, but no system is perfectly secure. Access to accounts depends in part on the security of your email account because sign-in uses magic links. If we experience a security incident that triggers notice obligations, we will provide notices required by applicable law, including Puerto Rico and U.S. breach-notification rules.
Data retention
We keep account information, submissions, moderation records, and operational logs for as long as reasonably necessary to run the service, maintain auditability, resolve disputes, prevent abuse, and meet legal obligations. If you ask us to delete your account, we will work to remove or de-identify personal information within a reasonable period, except where we need to retain certain records for security, legal, accounting, or moderation-history purposes.
Your choices
You can review and update some profile information from your account page. For account help, access requests, correction requests, deletion requests, or questions about how we handle personal information, email info@todopr.net. We will review and respond in line with applicable law and the practical capabilities of the service.
Children
todoPR is not directed to children under 13, and children under 13 should not create accounts or send us personal information through the service. Our age-range field is intended for teen and adult users, not to invite children under 13 to register. If we learn that we collected personal information from a child under 13 without legally sufficient authorization, we will delete it.
Changes to this policy
We may update this policy as the product evolves, as our service providers change, or as legal requirements change. When we make material changes, we will update the "Last updated" date above and, when appropriate, provide additional notice in the product or by email.
Questions? Email us at info@todopr.net.