Privacy
OpenConcert is a public directory of ensembles, venues, concerts, composers, and works. The site, JSON API, and MCP endpoint are designed to make already-public community music information easier for people and AI assistants to find without scraping bespoke websites.
What is public
Directory records may include ensemble names, public contact emails, official websites, venue names and addresses, concert dates, programme details, composer and work names, ticket links, and source/provenance notes. Public ensemble contact emails and venue addresses are included only when they have been published by an ensemble, venue, organiser, or supplied for publication.
Using the website, API, or MCP tools
OpenConcert does not require accounts. Searches and MCP tool calls may include the details needed to answer your request, such as search terms, date filters, composer filters, ensemble slugs, event identifiers, locality text, and—when you use proximity search—latitude, longitude, and radius values (sent as lat, lng, and radius_km in API query parameters or MCP tool arguments). Do not send precise coordinates unless you want OpenConcert to use them for that search.
OpenConcert does not request or collect payment-card data, government identifiers, protected health information, passwords, API keys, MFA/OTP codes, or raw ChatGPT/chat transcripts.
Email updates and submissions
If you choose to email updates@openconcert.org, your email address, message, and attachments are received so we can verify or update listings. Messages and attachments may be read by maintainers and by AI assistants used to extract event or ensemble details. Attachments sent as private evidence are not republished unless you explicitly ask us to publish them or they are already public elsewhere.
Operational logs
OpenConcert runs on Cloudflare. Cloudflare and related infrastructure may process request metadata such as IP address, user agent, requested URL, timestamps, and error information for security, abuse prevention, analytics, and reliability. OpenConcert does not use these logs for behavioural profiling or advertising. Application-level operational logs that OpenConcert controls are retained for up to 30 days unless a longer period is needed to investigate abuse, security incidents, or reliability problems.
OpenConcert separately records aggregate counts of requests to Cloudflare Workers Analytics Engine. The dimensions kept are the request surface (HTML page, JSON API, or MCP endpoint), the matched route template (e.g. /events/:ensemble/:slug, never the resolved path or query string), the HTTP method and status, the MCP method and tool name when applicable, the User-Agent family bucket (e.g. claude, googlebot, browser), and the referer hostname only. No IP addresses, no full user agents, no event or ensemble identifiers, no query strings, and no referer paths are recorded. The resulting aggregates are published openly at openconcert.org/stats — concert listings are open data, and so is the count of who looks at them.
Third-party links and embeds
Some pages link to or embed third-party services such as venue maps, ticket pages, official ensemble pages, and Open Opus composer/work references. Those services receive information from your browser when you open or load their content, and their own privacy policies apply.
Source archiving
When OpenConcert cites a public website or PDF as the source for an ensemble profile, composer profile, or event listing, the cited URL is submitted to the Internet Archive's Wayback Machine via its Save Page Now service. The resulting snapshot URL is stored alongside the original in the OpenConcert record so the version we relied on stays accessible even if the upstream page later changes, moves, or disappears. Only the URL that is already cited is sent — never email contents, search terms, IP addresses, or other request metadata. The Internet Archive is an independent non-profit and its own terms of use apply to the snapshot itself. If you are an ensemble, venue, or site owner and would prefer a particular page not be archived, email updates@openconcert.org and we can drop the snapshot link from our records. Removing the snapshot itself is a separate request to the Internet Archive.
Your choices
- You can use the public website and API without creating an account.
- You can avoid optional email submissions if you do not want to send contact details or attachments.
- You can ask us to correct, remove, or review public data that concerns you or your ensemble.
Contact
For privacy questions, corrections, or vulnerability reports, email updates@openconcert.org.