Collectors
Collectors

Privacy Policy

We believe respecting your data means respecting you as a person. This policy explains what we collect, how we use it, and what we will not do.

Last updated: 2026-05-07

What we collect

From OnceAccount SSO: your email, display name, avatar. OnceKeeper does not store passwords on its own.

Provided by you: bio, post content, comments, TOP_PICK answers, shelf names and tags.

Automatically (server logs): IP address, browser user-agent, page-view trail, mouse-trace data (used by admins to improve UX; on by default, opt-out coming).

Cookies: login token, locale preference (NEXT_LOCALE), an anonymous traffic-tracking ID. We do not use third-party advertising cookies.

How we use your data

Provide core service: render your posts, comments, follows.

Send notifications: new followers, new comments, TOP_PICK review results (you can disable in notification settings).

Prevent abuse: detect spam, automation attacks, policy violations.

Improve the product: anonymous analytics on which features are used and where users get stuck.

What we don't do

We do not sell your data to anyone.

We do not run ad profiling or use your browsing history to segment you for advertisers.

We do not share your personal data with advertisers, marketing firms, or data brokers.

We do not silently track you across other websites.

Third-party services

OnceAccount (auth.oncehit.com) — single sign-on and account management. Data is governed by the same group's privacy policy.

AWS SES — used to send notification emails via Amazon Simple Email Service. AWS does not see message content for marketing purposes.

Server hosting — infrastructure providers may incidentally access server data during operations, under contractual NDA.

Your rights

Access — you can request a copy of your posts, comments, and shelves at any time (contact support).

Correct — personal info can be edited directly under Settings.

Delete — you can delete individual posts / comments / shelves, or request full account deletion (see Data Deletion page).

Withdraw consent — you can disable email notifications anytime; deactivating the account withdraws all consents.

Appeal — if you disagree with a moderation action, you can submit an appeal (the form opens automatically when suspended / banned).

Data retention

Active accounts: data is kept while needed to provide the service.

After account deletion: full deletion within 14 days. Audit logs (admin moderation actions) are retained for 1 year as required. Email delivery logs are retained 90 days for debugging — no message content with PII.

Backups: database backups are kept for 30 days then automatically purged; deleted data inside backups is never restored.

Cookies & children's privacy

This service is not directed at children under 13 and we do not knowingly collect data about them. Any underage account discovered will be removed immediately.

Necessary cookies include: login session, locale preference, CSRF token. You may disable them in your browser, but some features will not work.

Changes & contact

We may update this policy periodically. Material changes will be announced on-site for 30 days.

Continued use means you accept the new version; if you don't, you can choose to delete your account.

For any privacy-related questions, please reach us via the support email in the footer.