privacy policy

last updated: february 2026

1. data we collect

  • account data: email address (used for authentication and notifications)
  • ideas: title, description, problem statement, monthly ask amount
  • pledges: which ideas you've pledged to and the monthly amount
  • comments: discussion content and display name
  • upvotes: which ideas you've upvoted
  • cell applications: organization name, description, skills, contact email

2. how we use your data

  • operate and maintain the platform
  • send notifications about ideas you've pledged to (new pledges, status changes, cell formation)
  • display aggregate statistics (total pledged, pledge counts) on the public idea board
  • communicate important platform updates

we do not sell your data. we do not use your data for advertising. we do not share your data with third parties for their marketing purposes.

3. third-party services

we use the following services to operate the platform:

  • supabase — database hosting and authentication (stores your account and platform data)
  • vercel — application hosting and CDN (serves the website)
  • resend — transactional email delivery (sends notification emails)

each service has its own privacy policy governing how they handle data processed on our behalf.

4. cookies

we use session cookies strictly for authentication (supabase auth tokens). we do not use tracking cookies, analytics cookies, or advertising cookies. there is no cookie banner because there is nothing to consent to beyond essential functionality.

5. data retention

your data is retained as long as your account is active. ideas, pledges, and comments remain on the platform as part of the community record. if you delete your account, your personal data is removed but contributions to ideas and discussions may be retained in anonymized form.

6. your rights

  • access: you can view all your data on your dashboard
  • deletion: contact us to delete your account and associated data
  • withdrawal: you can withdraw pledges at any time before cell formation
  • correction: contact us to correct any inaccurate personal data

7. security

we use row-level security on all database tables, HTTPS for all connections, and server-side authentication checks on every request. passwords are handled by supabase auth and never stored in plaintext.

8. changes to this policy

we may update this policy from time to time. significant changes will be communicated via email. the “last updated” date at the top reflects the most recent revision.

9. contact

privacy questions? reach out at ara.t.howard@gmail.com