A short note on privacy.

We collect three categories of information.

Account

Your email address, display name, and (if you sign in with Google) your Google account ID and avatar URL. These come from Better Auth at the moment of sign-in.

Activity

Submissions, votes, comments, and reports you create. These are attributed to your account on the site.

Technical

Standard server logs — IP address, user-agent, request path, timestamp — held briefly for abuse prevention and debugging.

We do not collect tracking pixels, behavioral profiles, or cross-site identifiers. There is no marketing analytics suite on this site.

We use what we collect to (a) authenticate you, (b) attribute your public contributions, (c) verify founder status and admit you to the Founder Club Discord, (d) keep the platform free of vote rings and abuse, and (e) reply when you write to us. That’s the full list.

We do not sell, rent, or trade your data. We do not feed it to ad networks. We do not train external models on your private content.

Your account and content are stored in a Turso (libSQL) database with replication in our hosting provider’s regional infrastructure. Application code runs on Vercel. Static assets are served from Vercel’s CDN.

We retain account data while your account is active. When you delete your account, we remove personal identifiers within thirty days. Public contributions you authored may remain visible in anonymized form (e.g., displayed as “deleted user”) so that comment threads remain readable.

We use a single first-party session cookie issued by Better Auth. It exists only to keep you logged in. We do not use third-party advertising cookies, fingerprinting, or session-replay tools.

If you sign in with Google, the OAuth handshake briefly sets the cookies required by Google’s consent flow. Once you’re signed in, only our own session cookie remains.

We rely on a small set of vendors to operate the site. Each one receives only the data necessary for its role.

• Vercel — application hosting and static asset delivery.
• Turso — libSQL database for accounts and content.
• Google — OAuth sign-in, if you choose it.
• Discord — Founder Club community, for verified founders only.

You have the right to access, correct, export, or delete your data. Most of this you can do from your account settings. For anything else, write to us and we’ll respond within fifteen business days.

If you are in the European Economic Area, the United Kingdom, or California, additional statutory rights apply (e.g., GDPR Articles 15–22, CPRA §1798.100 et seq.). The mechanism is the same: ask us, and we’ll comply.

SuperPublic is not intended for anyone under the age of sixteen. We do not knowingly collect data from children. If you believe a child has created an account, please write to us and we will remove it.

We may update this notice as the product evolves. Material changes — anything that broadens what we collect or who receives it — will be announced on the site and, where possible, by email to active accounts. The version and effective date at the top of this page always reflect the latest revision.

For privacy questions, takedowns, data exports, or anything else you’d like us to know — hello@superpublic.org.

We read every message. We won’t hand you off to a ticket robot.