The data controller is Butr Inc. (Québec enterprise no. 1174469701, Montréal, Canada), operating this page for the artists ARCH and Nico de Andrea. For anything privacy-related, write to noreply@arch.music.
| Data | When | Why |
|---|---|---|
| Phone number | You type it in and verify it with a code | Guestlist identity, texting you the event address, reminders, and the release link |
| Name | RSVP step 2 | Matching you against our personal invite list |
| RSVP step 2, confirmed by a click | Confirmation, calendar invite, presave + release updates | |
| Consent records | Each opt-in/opt-out | Legal proof of your consent (timestamp, IP, browser) |
| Usage data | Automatically while you browse | Page views and button clicks (aggregate), IP and browser type for security and de-duplication |
We collect nothing else. No payment data, no contact-list access, no precise location.
We process your data on the basis of consent (texts, emails — you opt in explicitly and can withdraw anytime), legitimate interest (running a secure, functional guestlist; measuring whether the page works), and legal obligation (keeping consent records that anti-spam laws like CASL and the TCPA require us to keep).
We don't sell or rent personal data, ever. A small set of service providers process it on our instructions, strictly to run this page:
Your mobile opt-in and consent data are never shared with third parties for their own marketing. Because these providers operate in the United States, your data may be stored or processed there, where privacy law differs from Canadian and EU standards; we limit what's shared to the minimum needed.
Guestlist data lives until shortly after the release campaign wraps, after which we either delete it or keep it only in our artist contact list if you opted into ongoing updates. Consent logs are retained as long as anti-spam law requires. Aggregate stats (counts, never identities) may be kept indefinitely.
Depending on where you live (Québec's Law 25, PIPEDA, GDPR, CCPA), you can ask us to: access what we hold about you, correct it, delete it, export it, or stop processing it. One email to noreply@arch.music does it — we answer within 30 days. You can also complain to your privacy regulator (in Québec: the Commission d'accès à l'information).
Quick exits, no email needed: reply STOP to any text · click unsubscribe in any email.
This site is nearly cookie-free, and entirely tracker-free:
Because we don't use optional cookies, there's no cookie banner: there's nothing to opt out of on our side.
Data lives in encrypted infrastructure (TLS in transit, encrypted at rest), access is limited to the people running the event, secrets are vaulted, and phone ownership is verified by code precisely so nobody can register a number that isn't theirs.
This event and site are not directed at children under 14, and we don't knowingly collect their data. If you believe a minor's data ended up with us, email us and we'll delete it promptly.
If we change this policy in a meaningful way, we'll update the effective date above and, for significant changes, tell you by text or email before the change applies to you.
Butr Inc. · Montréal, Québec, Canada · noreply@arch.music