Privacy Policy

Last updated: March 1, 2026

1. Information We Collect

We collect the following types of information:

  • Account data: email address, display name, and authentication credentials (via email/password or Google OAuth)
  • Voting & engagement data: candidate votes, poll responses, matchmaker quiz answers, and hot take votes
  • User-generated content: chat messages, polls, and hot takes posted in The Arena
  • Payment data: processed securely by Stripe β€” we never store card numbers
  • Analytics data: pages visited, device type, browser, approximate location, and interaction patterns
  • Demographics: optional age range, political leaning, and location data provided during engagement

2. How We Use Your Data

  • Deliver and improve the Service (candidate matching, polls, Pulse analytics)
  • Process payments and manage subscriptions
  • Generate aggregated, anonymous analytics (e.g., Pulse demographic breakdowns)
  • Send transactional emails (account confirmation, payment receipts)
  • Send marketing communications (newsletter) β€” only with your consent, and you can unsubscribe anytime
  • Moderate user-generated content for safety

3. Third-Party Services

We share data with the following third-party services, solely for operating the Service:

  • Supabase β€” database hosting and authentication
  • Stripe β€” payment processing (PCI DSS compliant)
  • Google Analytics β€” website usage analytics
  • Microsoft Clarity β€” session replay and heatmaps for UX improvement
  • Google Gemini β€” AI-generated poll content (no personal data is sent)
  • Vercel β€” hosting and edge delivery

We do not sell your personal data to any third party.

4. Cookies & Tracking

We use cookies and similar technologies for authentication, analytics, and preferences. These include first-party session cookies (Supabase auth) and third-party analytics cookies (Google Analytics, Microsoft Clarity). You can manage cookie preferences through your browser settings.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., payment records for tax purposes). Aggregated, anonymized data may be retained indefinitely.

6. Data Security

We implement industry-standard security measures including encrypted connections (HTTPS/TLS), row-level security in our database, PCI-compliant payment processing through Stripe, and secure authentication via Supabase Auth. No system is 100% secure, and we cannot guarantee absolute security.

7. Children’s Privacy

The Service is not directed to children under 16. We do not knowingly collect personal data from children under 16. If we learn that we have collected data from a child under 16, we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a new β€œLast updated” date.

9. Contact

For privacy-related inquiries or data requests, please contact us.