Privacy Policy
Last updated: May 2026
1. Information We Collect
When you create an account, we collect your email address and any profile information you provide. When you post, we collect your GPS coordinates, the text or video content of your post, and the timestamp. We also collect standard server logs (IP address, browser type) for security purposes.
2. How We Use Your Location
GPS coordinates are central to SUP's mission. Your precise location is captured at post time to verify that you were physically present at the reported incident. Your location is stored server-side and attached to your post. Other users see the location of the incident, not your precise GPS trace.
3. What We Share
Posts you submit (including their approximate location and content) are visible to other SUP users after moderation. We do not sell your personal data to third parties. We may share data with service providers (Supabase, Vercel) who process it on our behalf under confidentiality agreements.
4. Data Retention
Posts and associated data are retained for as long as your account is active. You may request deletion of your account and all associated data by emailing us. Some data may be retained in backups for up to 90 days after deletion.
5. Security
We use industry-standard encryption (TLS) for data in transit and rely on Supabase's security infrastructure for data at rest. We enforce row-level security on all database tables to prevent unauthorized access.
6. Your Rights
You may access, correct, or delete your personal data at any time through your account settings or by contacting us. If you are in the EU or UK, you have additional rights under GDPR/UK GDPR including the right to portability and the right to lodge a complaint with a supervisory authority.
7. Contact
Questions about this policy? privacy@seewhatsup.com