Last updated: 2026-06-09

What we collect

We collect the minimum needed to run a community platform:

• Account data: email, name, optional bio/location/avatar/banner.
• Authentication: hashed session tokens and OAuth provider IDs (Google, Apple).
• Content you create: posts, comments, discussions, check-ins, photos, products, events.
• Payment data: handled by Stripe. We never see your card details.
• Email-list subscriptions: which lists you're on, when you joined, when you unsubscribed.
• Server logs: request timestamps, IP, user-agent. Retained for 30 days.

What we don't do

• We don't sell your data. Ever.
• We don't run third-party advertising trackers.
• We don't algorithmically rank your feed against your wishes.
• We don't share your email with creators you haven't subscribed to.

Your rights (GDPR)

If you're in the UK or EU, you have the right to:

• Access a full export of your data — request from your settings or by emailing privacy@sacrednetwork.org.
• Rectify incorrect data — your settings let you edit most of it directly.
• Erase your account and content. Account deletion is permanent and irreversible.
• Portability — export is in machine-readable JSON.
• Object to processing for marketing — you can unsubscribe from any email at any time.

Cookies

We use a minimal set of cookies, all functional:

• sn_access: short-lived session token (15 min)
• sn_refresh: long-lived refresh token (30 days)

No analytics cookies, no third-party tracking. If we ever add analytics, it will be privacy-respecting (Plausible or similar) and you'll see a banner first.

Data location

Sacred Network runs on a single VPS located in London, UK. Stripe and Resend (our email provider) operate globally; their data-processing terms govern those flows.

Contact

Questions or requests: privacy@sacrednetwork.org.