Legal · Privacy
Privacy, handled with operational clarity.
Effective April 22, 2026. This notice explains how Story handles personal data across the website, tours, memberships, bookings, events, visitor workflows, billing, and member-facing digital tools.
Fast wifiBottomless Quills coffeeCommunity24/7 accessPhone boothsWellness roomEventsElixir kombucha on tapFast wifiBottomless Quills coffeeCommunity24/7 accessPhone boothsWellness roomEventsElixir kombucha on tap
What Story collects
Information tied to people, places, and the services they use.
- Names, emails, phone numbers, company details, billing contacts, and account-profile information.
- Tour requests, event registrations, membership applications, agreements, support messages, and marketing preferences.
- Bookings, room usage, guest preregistration, visitor records, check-ins, and other operational activity tied to Story services.
- Invoice records, payment status, and transaction metadata. Full payment-card data is typically handled by payment providers rather than stored directly by Story.
- Browser, device, cookie, network, and product-usage signals collected automatically from the website and digital tools.
- Access logs, security records, and facility-related information where needed to keep the space, staff, and members safe.
Why Story processes it
To run the workspace, support the relationship, and protect the room.
Story uses personal data to answer inquiries, schedule tours, manage memberships, administer bookings, coordinate guests and visitors, support billing and payments, troubleshoot issues, improve digital services, and communicate with members, prospects, and guests.
Depending on context, Story relies on contract performance, legitimate operational interests, consent, or legal obligations. Marketing messages are permission-based where required, and operational communications can still be sent when they are necessary to deliver a requested service or manage an active relationship.
Depending on context, Story relies on contract performance, legitimate operational interests, consent, or legal obligations. Marketing messages are permission-based where required, and operational communications can still be sent when they are necessary to deliver a requested service or manage an active relationship.
Roles and responsibility
Sometimes Story decides the purpose. Sometimes a member company does.
Story is usually the data controller for the public website, tours, memberships, billing, events, facility operations, visitor handling, safety practices, and direct communications.
If a member company, team admin, or host submits employee, contractor, or guest data through Story tools to manage access, bookings, or invitations, that organization remains responsible for its own notices and instructions. Story processes that information to deliver the requested service and applies the processor terms described in the Data Processing Addendum.
If a member company, team admin, or host submits employee, contractor, or guest data through Story tools to manage access, bookings, or invitations, that organization remains responsible for its own notices and instructions. Story processes that information to deliver the requested service and applies the processor terms described in the Data Processing Addendum.
Core privacy commitments
The operating rules behind sharing, retention, cookies, and individual rights.
Internal accessStory limits personal-data access to team members and contractors who need it for memberships, bookings, billing, events, support, visitor operations, or space security.
Trusted vendorsStory may use vetted vendors for payments, scheduling, email, hosting, analytics, access control, support, and similar operational functions.
Cookies and analyticsStory uses cookies and similar tools to keep the website working, understand traffic, remember preferences, and improve digital experiences.
RetentionStory keeps data only as long as reasonably needed for the relationship, workspace operations, accounting, security, dispute resolution, and legal compliance.
TransfersSome Story vendors may process data outside your state or country. Story uses reasonable contractual and operational safeguards when those transfers occur.
Your rightsYou can ask to access, correct, delete, or limit certain uses of your data where applicable, and you can opt out of marketing messages at any time.
Questions and requests
Need a copy, correction, or deletion request? Start with the team.
Story may update this notice as its services, vendor stack, or legal obligations evolve. When the changes are material, Story will update the public version of this notice and use the effective date above to show when it changed.
If you have a privacy question, want to access or correct information, or need help understanding how Story handles personal data, contact:
info@storylouisville.com
Story Louisville
828 E Market St.
Louisville, KY 40206
If you have a privacy question, want to access or correct information, or need help understanding how Story handles personal data, contact:
info@storylouisville.com
Story Louisville
828 E Market St.
Louisville, KY 40206