The most immersive horror escape rooms in America.
Book now

Cookies, tracking technologies & online data

Privacy Policy

← Back to home

Privacy Policy – Cookies, Tracking Technologies, and Online Data Use

Last updated: March 30, 2026

At THE BASEMENT: A Live Escape Room Experience (“The Basement,” “we,” “us,” or “our”), we respect your privacy and are committed to being transparent about how we collect, use, disclose, and protect personal information when you visit our website, interact with our booking tools, submit forms, communicate with us, or otherwise use our online services.

This section describes how we use cookies, pixels, tags, scripts, session replay tools, local storage, SDKs, device identifiers, log files, and similar technologies (collectively, “Tracking Technologies”) on our website and related digital properties.

1. What Are Cookies and Tracking Technologies?

Cookies are small text files placed on your browser or device when you visit a website. Some cookies are set by us, and others are set by our service providers or advertising/analytics partners. We may also use similar technologies such as pixels, tags, local storage objects, and server-side identifiers to recognize browsers or devices, remember preferences, measure activity, improve site functionality, support marketing efforts, and protect our systems. Websites and apps commonly use these tools to collect information about user activity and device/browser characteristics.

2. Categories of Information We May Collect Automatically

When you use our website, we and our partners may automatically collect information such as:

  • IP address
  • browser type and version
  • device type, operating system, and settings
  • unique online identifiers
  • pages viewed, links clicked, and referring/exit pages
  • date/time stamps
  • approximate geolocation inferred from IP
  • booking funnel activity and interactions with forms, buttons, or widgets
  • transaction and reservation-related metadata
  • crash data, performance data, and diagnostic information
  • information about suspicious, abusive, or potentially unauthorized activity

We may combine automatically collected information with information you provide directly, such as your name, email address, phone number, reservation details, and customer service communications, to the extent permitted by law. California law requires disclosure of categories of data collected and the purposes for which they are collected or used.

3. How We Use Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

A. Marketing and Advertising Cookies

We may use marketing and advertising cookies, pixels, and related technologies to:

  • measure the effectiveness of our advertising campaigns
  • understand which ads, keywords, or referral sources led you to our website
  • build audiences for advertising campaigns
  • deliver ads that are more relevant to users who have visited our website or interacted with our content
  • limit repetitive ads and measure ad frequency
  • attribute bookings, leads, or other conversions to marketing channels
  • support remarketing, retargeting, and cross-channel campaign optimization

Depending on how these tools are configured and which vendors are used, this activity may constitute “sharing” under California law when information is made available for cross-context behavioral advertising. California consumers may have the right to opt out of this kind of sale or sharing.

B. Analytics Cookies

We use analytics cookies and similar tools to:

  • understand how visitors use our website
  • measure traffic and engagement across pages and features
  • identify which content, promotions, or booking paths perform best
  • diagnose usability issues
  • improve website design, performance, and customer experience
  • understand aggregate booking behavior, campaign performance, and audience trends

These tools help us understand site activity and make informed improvements to our services and marketing efforts. Websites commonly use cookies and similar technologies for these purposes.

C. Functional Cookies

We use functional cookies and similar technologies to:

  • remember your preferences and settings
  • keep you logged in where applicable
  • preserve session state as you move through the website
  • support booking flows, carts, forms, and embedded reservation tools
  • remember selections such as location preferences or previously entered information
  • improve load balancing, accessibility, and general site operation

These technologies help the website work properly and provide a smoother, more consistent user experience.

D. Security, Fraud Prevention, and Misuse Detection Cookies

We use certain cookies, logs, scripts, and related technologies to protect our website, our customers, our staff, and our business. These technologies may be used to:

  • detect, investigate, and respond to security incidents
  • identify bots, credential stuffing, brute-force attacks, scraping, and other automated abuse
  • identify suspicious booking behavior, payment abuse, chargeback patterns, or misuse of reservations, discounts, gift cards, promo codes, or other site features
  • detect attempts to bypass system rules, overload the booking system, access restricted areas, exploit technical vulnerabilities, or interfere with site integrity
  • distinguish legitimate users from bad actors, including customers, former customers, staff members, contractors, or other persons attempting to misuse our systems
  • preserve evidence, debug incidents, enforce our terms, and support internal investigations or legal claims
  • help protect the physical safety of natural persons where relevant to threats, harassment, stalking, or other dangerous conduct

We may use these technologies even where a user has limited certain other forms of tracking, to the extent permitted by applicable law, because security and fraud-prevention functions are necessary to protect our services, users, and systems. California law recognizes uses of personal information to detect security incidents and resist malicious, deceptive, fraudulent, or illegal actions.

4. First-Party and Third-Party Cookies

Some cookies are set directly by The Basement (“first-party cookies”), while others are set by third parties that provide services to us, such as analytics vendors, booking and payment providers, hosting providers, advertising networks, embedded content providers, security vendors, and fraud-prevention tools.

These third parties may collect information over time and across different websites or services depending on their technology and your settings with them. Their use of information is governed by their own privacy notices and contractual arrangements with us, where applicable. California privacy rules distinguish among service providers, contractors, and third parties, and businesses must describe categories of third parties with whom they disclose data.

5. How Long Cookies Stay on Your Device

Some cookies are session cookies, which expire when you close your browser. Others are persistent cookies, which remain for a longer period until they expire or are deleted. Retention periods vary depending on the purpose of the cookie, our operational needs, and applicable legal requirements. We seek to retain personal information only for as long as reasonably necessary and proportionate for the disclosed purposes.

6. Your Choices Regarding Cookies

You may have several options to control cookies and similar technologies:

  • Browser settings. Most browsers allow you to block, restrict, or delete cookies.
  • Cookie preference tools. Where available, you may use our cookie banner or preference center to manage non-essential cookies.
  • Global Privacy Control. If our processing is subject to California opt-out requirements, we will process qualifying opt-out preference signals, such as Global Privacy Control, as required by law.
  • Advertising platform controls. You may also be able to manage ad preferences through third-party advertising settings.

Please note that blocking or disabling some cookies may affect site performance, booking functionality, user preferences, or certain website features. California guidance explains that consumers may opt out of sale or sharing and that opt-out preference signals such as GPC can communicate that choice automatically.

7. Do Not Sell or Share / Cross-Context Behavioral Advertising

To the extent applicable under California law, you may have the right to direct us not to sell or share your personal information. In this context, “share” has a specialized meaning related to making personal information available for cross-context behavioral advertising.

If we use third-party advertising or marketing technologies that involve this type of data use, California residents may submit an opt-out request through Do Not Sell or Share My Personal Information or by using a recognized opt-out preference signal where required by law. California consumers have a right to opt out of sale or sharing, including via Global Privacy Control in appropriate circumstances.

8. Notice to California Residents

If you are a California resident, you may have the right to request that we:

  • disclose the categories of personal information we collected about you
  • disclose the categories of sources from which personal information was collected
  • disclose the business or commercial purposes for collecting, using, selling, sharing, or disclosing personal information
  • disclose the categories of third parties, service providers, or contractors to whom personal information was disclosed
  • provide access to specific pieces of personal information, subject to legal exceptions
  • correct inaccurate personal information
  • delete personal information, subject to legal exceptions
  • opt out of the sale or sharing of personal information
  • limit the use and disclosure of sensitive personal information, where applicable

We will not discriminate against you for exercising applicable privacy rights. California authorities state that consumers may have rights to know, delete, correct, opt out of sale or sharing, and in some cases limit use of sensitive personal information.

9. How to Exercise Privacy Rights

To exercise applicable privacy rights, please contact us at:

We may need to verify your identity before processing certain requests. Authorized agents may also submit requests on your behalf where permitted by law. California guidance states businesses must explain their verification methods and instructions for authorized agents, and must generally confirm receipt of requests within 10 business days and respond within 45 calendar days, subject to extension where allowed.

10. Sensitive Information and Security-Related Processing

We do not use information collected through security and anti-abuse tools for unrelated purposes where prohibited by law. Information collected for security, fraud prevention, system integrity, and misuse detection may be used to investigate incidents, protect our customers and staff, enforce our policies, preserve evidence, and cooperate with law enforcement or legal process where appropriate.

Where applicable, we seek to limit our collection, use, retention, and disclosure of personal information to what is reasonably necessary and proportionate for the purposes described in this Policy. California law requires collection, use, retention, and sharing to be reasonably necessary and proportionate to disclosed purposes.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. When we do, we will update the “Last Updated” date above. If required by law, we will provide additional notice or obtain consent.

Last updated: March 30, 2026