Privacy Policy

The short version

We store the minimum needed to run a personalised feed: your email, your preferences, and which items you open. No advertising, no third-party trackers or analytics scripts, no selling data — ever. Card details go to Stripe, never to us. You can export or erase everything yourself from Settings.

What we collect

Account data — email address, optional display name, a salted password hash (Argon2id; we never store the password itself), and if you enable two-factor authentication, its secret. Preferences — vendors, categories, countries and other settings you pick. Usage — which feed items you open (this powers the Trending view and your personal brief), sources you submit, and standard server logs (IP address and requested URL, kept briefly for security and capacity). Billing — your Stripe customer id and subscription status. Card numbers are collected and stored by Stripe, not by us.

What we use it for

Running and personalising the Service; account emails (verification, password reset, security notices); billing; the email brief and alerts you explicitly opt into (switch them off any time in Settings); abuse prevention. We do not send marketing without consent, and we do not sell or share personal information with third parties for their own purposes.

Who processes it

Infrastructure: Amazon Web Services (Sydney region — your data lives in Australia); outbound email via AWS SES. Payments: Stripe (their privacy policy applies to payment data). These providers act as processors for us; no one else receives your data unless the law requires it.

Cookies

One cookie: an HttpOnly session cookie that keeps you signed in. No advertising or cross-site tracking cookies, so there's no cookie banner to click.

Retention

Account data is kept while your account exists. Click history feeds trending/briefs and is pruned over time. Server logs rotate automatically (bounded storage). When you delete your account, your profile, preferences, click history, tokens and private sources are erased immediately and your subscription is cancelled; Stripe retains transaction records it is legally required to keep. Encrypted server backups age out within ~7 days. One exception, kept for fraud prevention: a one-way hash of your email address and the date your free trial started — this contains no readable personal data and exists solely so a free trial can't be reused by deleting and re-creating an account.

Your rights

Access/portability — Settings → Export my data gives you everything as JSON, self-serve. Erasure — Settings → Delete account, immediate, no questions. Correction — email and password are self-serve in Settings. If you're in a jurisdiction with statutory privacy rights (e.g. the Australian Privacy Act, GDPR), we honour requests to the extent they apply — contact us below. You can complain to your local privacy regulator (in Australia, the OAIC).

Security

TLS everywhere, Argon2id password hashing, HttpOnly/Secure session cookies, CSRF protection, rate limiting, single-use hashed email tokens, and least-privilege infrastructure. No system is perfect: if we become aware of a breach affecting your data, we will notify you without undue delay.

Changes & contact

Material changes to this policy are emailed to account holders before they take effect. Questions or requests: contact@omenpoint.com.