Last updated July 6, 2026
Privacy policy
This policy explains the MVP data model for voting, integrity checks, authentication, and aggregate ranking analytics.
Data we collect
Votes may include country selection, vote type, ranking category, reason category, intensity, timestamp, optional note, optional account ID, hashed IP signal, hashed device signal, hashed user-agent signal, and anti-abuse metadata such as duplicate-risk and bot-risk scores.
Data we avoid
The product is designed not to store raw IP addresses long-term, precise location, protected personal attributes, public comment profiles, direct messages, or public free-text comments in the MVP.
How data is used
Data is used to calculate aggregate rankings, detect manipulation, enforce rate limits, moderate unsafe submissions, improve methodology, generate trend snapshots, and protect the integrity of the index.
Verified accounts
If you sign in, Supabase Auth may process your email address and authentication metadata. Verified users may receive higher trust weighting and per-country voting limits.
Service providers
Configured providers may include Supabase for database/auth, Upstash for rate limiting, Inngest for background jobs, Cloudflare Turnstile for bot checks, PostHog for analytics, Sentry for error monitoring, and Resend for operational email.
Retention and deletion
Raw vote records are kept for integrity, audit, and recalculation needs. Aggregated snapshots may be retained indefinitely. Production retention windows should be reviewed before launch based on legal and operational requirements.
Your choices
You can avoid optional notes, vote anonymously, or use a verified account. Requests about account data, deletion, or corrections should be handled through the production support channel once configured.