Privacy Policy

This Privacy Policy explains how Lore Experiences Inc. (“LORE,” “we,” “us”) collects, uses, shares, and protects personal information when you use the LORE mobile application, website, or any related services (the “Platform”).

This Privacy Policy is part of, and incorporated by reference into, our Member Terms of Service. Capitalized terms not defined here have the meanings given in our Terms of Service.

LORE is based in the United States and the Platform is intended for residents of the United States. By using the Platform, you confirm that you are located in the United States.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. IT EXPLAINS WHAT INFORMATION WE COLLECT, HOW WE USE AND SHARE IT, AND THE PRIVACY CHOICES AVAILABLE TO YOU — INCLUDING SPECIFIC RIGHTS FOR RESIDENTS OF CERTAIN STATES.

1. Who we are and how to reach us

Lore Experiences Inc. is a Delaware corporation. We operate a curated experiences platform that introduces members to selected third-party suppliers (“Suppliers”).

If you have questions about this Privacy Policy or our privacy practices, you can reach us at:

Email: begin@joinlore.co

Postal mail: Lore Experiences Inc., 30 Crosby street #3B New York, NY, 10013

2. Information we collect

We collect information in three ways: information you give us directly, information we collect automatically when you use the Platform, and information we receive from third parties.

2.1 Information you provide

You provide information when you create an account, book Services, communicate with us, or otherwise use the Platform. This includes:

Account information — name, email address, phone number, password, profile photo, date of birth (for age verification), and account preferences.

Booking information — the Services you book, dates, locations, special requests, dietary preferences, accessibility needs, guest details, and any health-related information you provide that is relevant to a Service.

Payment information — payment card details, billing address, and similar information. Payment card numbers are collected and processed by our payment processor; we receive limited payment information (such as the last four digits, expiration date, and card type) for transaction support and fraud prevention.

Communications — messages you send to us or to Suppliers through the Platform, customer support inquiries, survey responses, feedback, and complaints.

Member Content — reviews, ratings, photos, videos, comments, or other content you submit through the Platform.

Verification and identity information — in limited cases, government-issued ID or other documentation for age verification or fraud prevention.

2.2 Information collected automatically

When you use the Platform, we (and our service providers) automatically collect:

Device information — device type, model, operating system, unique device identifiers, advertising identifiers, mobile network information, browser type, and language settings.

Usage information — pages or screens viewed, features used, clicks, taps, scrolls, search queries, session duration, referring/exit pages, and other interactions with the Platform.

Location information — approximate location based on IP address, and (with your permission) precise location from your device. Precise location is used to help you discover relevant nearby experiences.

Log and diagnostic information — server logs, IP addresses, timestamps, crash reports, performance metrics, and similar technical information.

Cookies and similar technologies — see Section 5 below.

2.3 Information from third parties

We may receive information about you from:

Suppliers — booking confirmations, fulfillment updates, attendance information, feedback about your experience, and information about complaints, damages, or incidents.

Payment processors — transaction status, fraud signals, chargeback notifications, and related payment information.

Service providers — analytics, security, fraud prevention, marketing, customer support, and communications providers (see Section 4).

Social media or sign-in services — if you choose to sign in using a third-party account (e.g., Apple, Google), we receive the information that service makes available to us, subject to your privacy settings on that service.

Advertising and marketing platforms — information about how you found us, the effectiveness of marketing campaigns, and audience attributes.

Other Members and referrals — if a Member refers you to LORE or invites you to a shared booking, we may receive your contact information from them.

Public sources — publicly available information from social media, professional networks, or other public sources, where relevant to our business.

2.4 Sensitive personal information

Some of the information we collect may be considered “sensitive personal information” under California law or similar information under other state privacy laws. This may include: precise geolocation, payment card information, government-issued identifiers (if you choose to provide them), and health or dietary information you provide for bookings.

We use sensitive personal information only as reasonably necessary to provide the Platform and the Services you request, to comply with law, to prevent fraud or harm, and for other limited purposes permitted by law. We do not use sensitive personal information for purposes that would require us to offer a right to limit such use under California law.

3. How we use information

We use the information we collect for the following purposes:

Providing the Platform and Services — creating and managing your account; presenting Services; facilitating bookings; processing payments and refunds; communicating booking confirmations, updates, and customer service messages; sharing necessary information with Suppliers to fulfill your bookings.

Personalization and curation — personalizing your experience; recommending Services that may interest you; providing editorial content; remembering your preferences and prior interactions.

Marketing and communications — sending you marketing emails, push notifications, SMS messages (where you have opted in), and in-app communications about new Services, LORE Originals, offers, events, and updates; measuring marketing effectiveness; running advertising campaigns.

Analytics and product improvement — understanding how the Platform is used; identifying trends; testing new features; debugging; improving the Member experience and Service quality.

Security, fraud prevention, and trust and safety — detecting and preventing fraud, abuse, unauthorized access, and prohibited conduct; investigating incidents; enforcing our Terms of Service and other policies; protecting our Members, Suppliers, and personnel.

Legal and compliance — complying with applicable laws, regulations, court orders, and lawful requests from government authorities; responding to legal claims; protecting our rights and the rights of others.

Business operations — internal reporting; financial management; tax compliance; auditing; corporate governance; investor reporting and due diligence; planning and execution of corporate transactions.

With your consent — for any other purpose disclosed at the time of collection or with your consent.

4. How we share information

4.1 With Suppliers

To fulfill your bookings, we share necessary information with the relevant Supplier. This typically includes your name, contact information, booking details, special requests, and any health, dietary, accessibility, or similar information relevant to the Service.

Suppliers are required, under our Supplier Agreement, to use Member information only as necessary to fulfill the Service and not for their own marketing, profiling, list building, or other unrelated purposes.

4.2 With service providers

We share information with service providers that perform functions on our behalf, including:

Payment processing and fraud prevention — [LIST, e.g., Stripe].

Hosting, infrastructure, and data storage — [LIST, e.g., AWS, Vercel, Cloudflare].

Communications and messaging — email, SMS, push notification, and customer support providers [LIST, e.g., Postmark, Twilio, Intercom].

Analytics and product measurement — [LIST, e.g., Amplitude, Mixpanel, Google Analytics, Sentry].

Advertising and marketing — [LIST, e.g., Meta, Google, TikTok, X, LinkedIn].

Security and fraud detection — [LIST, e.g., reCAPTCHA, fraud-screening providers].

Professional advisors — lawyers, accountants, auditors, insurers, and consultants.

Our service providers are contractually required to handle personal information consistent with this Privacy Policy and applicable law, and only for the purposes we authorize.

4.3 For legal, safety, and compliance reasons

We may disclose information when we believe in good faith that disclosure is necessary to:

(a) comply with applicable laws, regulations, court orders, subpoenas, or other legal process;

(b) respond to lawful requests from public authorities, including for national security or law enforcement;

(c) enforce our Terms of Service, this Privacy Policy, or other policies;

(d) protect the rights, property, safety, or security of LORE, our Members, Suppliers, personnel, or others;

(e) investigate, prevent, or address fraud, abuse, or other prohibited conduct; or

(f) defend against legal claims.

4.4 Corporate transactions

If LORE is involved in a merger, acquisition, financing, reorganization, sale of assets, or change of control, we may transfer or share personal information as part of that transaction or due diligence process, subject to confidentiality protections appropriate to the circumstances.

4.5 With your consent or at your direction

We may share information with other parties when you direct us to or otherwise consent.

4.6 Aggregated and de-identified information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, including for analytics, research, marketing, and business purposes.

4.7 “Sale” and “sharing” under California law

LORE does not “sell” personal information for money. However, like many digital businesses, we use third-party advertising and analytics technologies that may involve “sharing” personal information for cross-context behavioral advertising as those terms are defined under California law. This may include sharing identifiers, device information, and usage information with advertising platforms to measure and improve marketing effectiveness.

You can opt out of such sharing at any time — see Section 8 below.

We do not knowingly “sell” or “share” the personal information of consumers we know to be under 16.

5. Cookies and similar technologies

We and our service providers use cookies, SDKs, pixels, tags, web beacons, local storage, and similar technologies to operate the Platform, remember your preferences, analyze usage, personalize content, and deliver and measure advertising.

Categories we use:

Strictly necessary — required for the Platform to function (e.g., authentication, security, load balancing). These cannot be disabled.

Functional — remember preferences and improve usability.

Analytics and performance — measure how the Platform is used and how to improve it.

Advertising and marketing — deliver and measure relevant advertising on the Platform and on third-party services.

Managing cookies and tracking:

Your browser may allow you to block or delete cookies. Mobile devices may allow you to limit ad tracking or reset advertising identifiers in settings.

You can opt out of certain interest-based advertising through industry tools such as the Digital Advertising Alliance (optout.aboutads.info) and the Network Advertising Initiative (optout.networkadvertising.org).

We honor the Global Privacy Control (GPC) browser signal as an opt-out request for the sale or sharing of personal information where required by law.

6. Marketing communications

We may send you marketing emails, push notifications, SMS messages (where you have opted in), and in-app communications about LORE.

You can opt out of marketing emails by clicking the unsubscribe link in any email, and you can opt out of SMS marketing by replying STOP to any marketing SMS. You can manage push notifications in your device settings. Even if you opt out of marketing, we may still send you transactional, service, or account-related communications (e.g., booking confirmations, account changes).

7. Your privacy choices

7.1 Account information

You can review and update your account information in your LORE account settings. If you want to deactivate or delete your account, contact us at begin@joinlore.co or use the in-app account deletion option (where available).

7.2 Location services

You can enable or disable precise location services for the LORE app in your device settings.

7.3 Push notifications and SMS

You can manage push notifications in your device settings. You can opt out of SMS marketing by replying STOP.

7.4 Marketing emails

You can unsubscribe from marketing emails via the unsubscribe link in any marketing message.

7.5 Cookies and tracking

See Section 5 for cookie and tracking choices, including how to use Global Privacy Control.

8. Your state privacy rights

Depending on where you live, you may have specific rights regarding your personal information.

8.1 Rights available under state law

Residents of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Delaware, Indiana, Florida, New Hampshire, New Jersey, Kentucky, Maryland, Minnesota, Rhode Island, and other states with comprehensive privacy laws may have some or all of the following rights, subject to applicable exceptions:

Right to know / access — request information about the categories and specific pieces of personal information we have collected about you.

Right to delete — request that we delete personal information we have collected from you.

Right to correct — request that we correct inaccurate personal information.

Right to opt out of sale or sharing — opt out of the sale or sharing of your personal information for cross-context behavioral advertising. LORE does not sell personal information for money but does share information for behavioral advertising as described in Section 4.7.

Right to limit use of sensitive personal information — in California, request that we limit our use of sensitive personal information to purposes specified by law. As described in Section 2.4, we do not use sensitive personal information for purposes that would trigger this right.

Right to opt out of profiling — opt out of profiling in furtherance of decisions that produce legal or similarly significant effects. We do not currently engage in such profiling.

Right to data portability — request a copy of your personal information in a portable format.

Right against discrimination / retaliation — we will not deny services, charge different prices, or provide a different level of quality because you exercise a privacy right.

8.2 California-specific disclosures (last 12 months)

The following table summarizes the categories of personal information we have collected, used, and disclosed in the preceding 12 months, as required by the California Consumer Privacy Act (as amended).

Sources of information — we collect personal information directly from you, automatically when you use the Platform, and from third parties as described in Section 2.

Business and commercial purposes — we use personal information for the purposes described in Section 3.

Retention — see Section 9.

8.3 How to exercise your rights

You can submit a privacy rights request by:

Emailing us at begin@joinlore.co with “Privacy Rights Request” in the subject line; or

Using the in-app privacy controls (where available).

We will verify your identity before responding to a substantive request. We may ask you to confirm information already associated with your account or to provide additional information needed to confirm your identity, depending on the nature of the request and the sensitivity of the information involved.

We respond to verifiable requests within the time required by applicable law. In some cases, we may decline or limit a request as permitted by law (for example, where we cannot verify your identity, where the request would compromise the privacy of others, or where applicable exceptions apply).

8.4 Authorized agents

You may designate an authorized agent to make a request on your behalf. We may require the agent to provide proof of authorization and may require you to verify your own identity directly with us.

8.5 Appeals

If we deny your request, you may appeal that decision by emailing begin@joinlore.co with “Privacy Appeal” in the subject line. We will respond within the time required by applicable law.

8.6 Shine the Light (California)

California residents may also request information about our disclosure of personal information to third parties for their direct marketing purposes under California Civil Code § 1798.83. We do not disclose personal information to third parties for their own direct marketing purposes.

9. Data retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Factors we consider when determining retention periods include:

the duration of your relationship with LORE and your continued use of the Platform;

the nature and sensitivity of the personal information;

legal, regulatory, accounting, tax, audit, dispute, and reporting obligations;

the existence and length of applicable statutes of limitations;

our legitimate business needs, such as fraud prevention, security, and analytics; and

your privacy choices and preferences.

When personal information is no longer needed, we will delete, de-identify, or aggregate it, except where we are required to retain it by law.

10. Data security

We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, loss, or destruction. We require our service providers to implement appropriate safeguards. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

If you believe your account or information has been compromised, please contact us at begin@joinlore.co

11. Children’s privacy

The Platform is intended for users aged 18 and older. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete that information promptly.

If you believe a child under 18 may have provided us with personal information, please contact us at begin@joinlore.co

12. International users

LORE is based in the United States and the Platform is intended for residents of the United States. We do not direct the Platform to users in the European Economic Area, the United Kingdom, or other jurisdictions outside the United States. If you access the Platform from outside the United States, your personal information will be processed in the United States and may be subject to laws different from those in your country.

13. Third-party links and services

The Platform may contain links to, or integrate with, third-party websites, apps, or services that have their own privacy practices. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party services you use.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated Privacy Policy on the Platform and update the “Last updated” date at the top. For material changes, we will provide reasonable advance notice by email, in-app notification, or another reasonable method. Your continued use of the Platform after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, you can reach us at:

Email: begin@joinlore.co

Postal mail: Lore Experiences Inc., 30 Crosby street #3B New York, NY, 10013