1. Information We Collect
We collect the following types of information:
- Account information: email address, name (optional), and hashed password when you create an account.
- Connected platform data: when you link Bluesky or Reddit, we store OAuth tokens and your public handle/username to fetch your feed. We do not store your platform passwords.
- Usage data: pages visited, features used, and error logs for improving the Service.
- Payment information: processed and stored by Stripe. We do not store credit card numbers on our servers.
2. How We Use Your Information
- To provide and maintain the Service
- To fetch and score your social media feeds
- To process payments and manage subscriptions
- To send transactional emails (verification, password reset)
- To monitor and improve performance and reliability
3. Third-Party Services
We use the following third-party services that may process your data:
- Supabase: database hosting (PostgreSQL). Stores account data and scored posts.
- Stripe: payment processing. Handles all billing and subscription data.
- Resend: transactional email delivery (verification, password reset emails).
- Upstash: Redis caching and rate limiting. Stores temporary session and cache data.
- Sentry: error tracking and performance monitoring.
- Anthropic (Claude AI): AI-powered content scoring. Post text is sent to the API for analysis but is not stored by Anthropic beyond the request.
- Vercel: hosting and deployment infrastructure.
4. Cookies
ClearFeed uses the following cookies:
- cf_user: authentication session token (httpOnly, secure). Expires after 30 days.
- cf_bsky: Bluesky OAuth session (httpOnly, secure). Expires after 30 days.
- cf_reddit: Reddit OAuth session (httpOnly, secure). Expires after 30 days.
We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
5. Data Retention
Account data is retained as long as your account is active. Scored posts are retained for up to 7 days in our database. OAuth tokens are stored for the duration of your platform connection and deleted when you disconnect. You can request deletion of all your data by contacting us.
6. Data Security
We implement industry-standard security measures including encrypted connections (HTTPS), hashed passwords (bcrypt), httpOnly secure cookies, and rate limiting. However, no method of transmission over the Internet is 100% secure.
7. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Disconnect linked social media accounts at any time
- Cancel your subscription at any time
8. Children's Privacy
ClearFeed is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us.
9. Changes to This Policy
We may update this privacy policy at any time. We will notify registered users of material changes via email. Continued use of the Service after changes constitutes acceptance of the updated policy.