Last updated: February 2026
We collect information you provide directly when creating an account, including your name, email address, and any optional profile information. We also collect usage data such as pages visited, content interactions, and voting activity.
Your information is used to provide and improve our democratic engagement platform, personalize your experience, send important notifications about votes and proposals, and maintain the security of your account.
We do not sell your personal information. Your voting records are anonymized in public tallies. We may share aggregated, non-identifying statistics about platform usage.
We implement industry-standard security measures including encryption in transit and at rest, row-level security policies, and regular security audits. All data is stored securely with our infrastructure partners.
You have the right to access, correct, or delete your personal data at any time through your profile settings. You may also request a full export of your data or request account deletion by contacting us.
We use essential cookies for authentication and session management. We use privacy-preserving analytics that do not track individual users across sites. See our Cookie Policy for more details.
We use Plausible Analytics for privacy-respecting pageview statistics. Plausible does not set cookies, does not track users across sites, and does not retain IP addresses beyond what is needed to generate anonymised regional statistics. Shared event data is limited to the platform being used (for example, which share button was clicked) and coarse aggregates (for example, a bucketed length of a search query and the number of results). We never send raw search queries, content identifiers, or user identifiers to the analytics service.
When configured, we use Sentry for error tracking to help diagnose production issues. Our Sentry configuration strips personally identifying information before events are sent: cookies, authorization headers, IP addresses, and any request body or URL parameter whose key matches a personal-data pattern (email, password, token, session, access_token, and similar) are replaced with a redaction marker. We do not retain IP addresses in error events.
We may update this policy from time to time. We will notify registered users of any material changes via email or platform notification.
For privacy-related questions, please contact us through our contact page or email privacy@theglobalfederation.org.