Privacy

What we collect

• The email you sign in with (so we can send you a sign-in link and tie your account to your memberships).
• The display name you chose for each group you joined or created. Display names are per-group, never shared across groups.
• The plan lines, agreements, accomplishments, and acknowledgements you and other members write inside the app. These are stored in our Supabase Postgres database, encrypted at rest and in transit.

Who can see it

• Group content is visible only to members of the same group, enforced by Row Level Security at the database boundary.
• We never publish, sell, or share group content with third parties.
• Our infrastructure providers (Vercel for hosting, Supabase for auth + database, LemonSqueezy for billing, Resend for transactional email) see only what they need to run their slice of the service. Details are in our security model.

No tracking

We don't run third-party analytics, telemetry, or ad networks. The only telemetry the platform sees is Vercel's built-in routing logs, which record URLs (opaque group UUIDs), not group contents.

Your data, your call

• You can export your account's data as a JSON archive.
• You can leave any group; your past contributions remain in the audit trail (append-only) but you stop receiving new visibility.
• Email hello@group-project.pro if you want your account deleted; we'll confirm and process within a reasonable window.

Last updated: 2026-05-22 · placeholder; full policy in progress.