Privacy Policy

1. Information We Collect

Automatically Collected

• Device identifier: A random ID stored in a cookie to maintain your session
• IP address: Used temporarily for rate limiting and abuse prevention
• Messages: The content you post (automatically deleted after 30 days)

Optionally Provided

• Display name: Optional nickname shown with your messages
• Handle: Unique username if you claim an identity with a passkey
• Passkey credential: Public key for authentication (if claimed)

2. How We Use Information

• Display your messages to other users
• Prevent spam and abuse through rate limiting
• Moderate content for policy violations
• Authenticate claimed identities

3. Data Retention

Account Deletion Process

If a claimed account has no sign-ins or messages for 31 consecutive days, the following happens automatically:

• The username (handle) is released and becomes available for others
• All registered passkeys are deleted
• All active sessions are revoked
• The underlying identity record remains but is no longer tied to any handle

Unclaimed guest identities with no messages are deleted after 30 days of inactivity.

4. Data Sharing

We do not sell your data. We may share information only:

• When required by law or legal process
• To protect safety or prevent fraud
• With service providers who assist in operating the platform

5. Cookies

We use essential cookies only:

• did: Device identifier for session continuity
• sid: Session ID for claimed identities

We do not use tracking cookies or third-party analytics.

6. Your Rights

You have the right to:

• Request deletion of your data
• Clear your cookies to reset your device identity
• Use the service without claiming an identity

7. Security

We implement reasonable security measures including encryption in transit (HTTPS), secure cookie settings, and regular security reviews. However, no system is 100% secure.

8. Contact

For privacy inquiries or data deletion requests: [email protected]