Privacy Policy

Last updated: February 9, 2026

1. Information We Collect

We collect the following information to operate this service:

Account Information (registered users)

  • Email address
  • Password (securely hashed — we never store or see your plain-text password)
  • Display name (auto-generated, customisable by premium users)
  • Avatar URL and bio (optional, user-provided)

Automatically Collected Data

  • Device fingerprint (anonymous one-way hash based on browser and device characteristics)
  • Browser information (user agent, screen size, timezone)
  • IP address (for rate limiting and abuse prevention)

User-Submitted Content

  • Report content (ratings, visit date, notes you provide)
  • Location data (venue coordinates you place on the map)
  • Flags and feedback you submit

Analytics Data

  • Page view data (session ID, referrer, device type, city)

2. How We Use Information

We use collected information to:

  • Authenticate and manage your account
  • Prevent spam and abuse of the platform
  • Enforce rate limits to ensure fair usage
  • Display reports and public profile information to other users
  • Improve and maintain the service
  • Detect and prevent fraudulent activity
  • Send transactional emails (e.g. password resets)

3. Account Data & Anonymous Usage

If you create an account, we store your email address and a securely hashed password. Authentication credentials are managed by Supabase Auth and your plain-text password is never stored in our database.

You may also use the platform without an account. Anonymous usage relies on a one-way device fingerprint hash that cannot be reversed to identify individuals.

We do NOT collect:

  • Phone numbers, physical addresses, or government-issued IDs
  • Tracking cookies for advertising
  • Payment card details directly (future payments are handled by Stripe)

4. Data Selling & Sharing

We do not sell, rent, or trade your personal information to third parties. We only share data in the following limited circumstances:

  • With service providers who help us operate the platform (see Third-Party Services below)
  • When required by law, subpoena, court order, or other legal process
  • To protect the rights, safety, or property of RubRadar, our users, or the public
  • In connection with a merger, acquisition, or sale of assets (you would be notified)

5. Data Storage

Data is stored securely using industry-standard encryption with:

  • Supabase (PostgreSQL database) for reports, venue data, and authentication
  • Upstash (Redis) for temporary rate limiting data
  • Vercel for hosting and analytics
  • Authentication credentials are managed by Supabase Auth with industry-standard hashing

6. Data Retention

  • Account data: Stored for the lifetime of your account unless you request deletion
  • Reports: Stored indefinitely unless deleted
  • Rate limit data: Automatically deleted after 7 days
  • Soft-deleted reports: Permanently purged after 30 days
  • View analytics: Stored indefinitely in aggregate

7. Your Rights

You have the right to:

  • Request deletion of your account and all associated data
  • Request deletion of individual reports
  • Object to processing of your data
  • Request a copy of your data
  • Withdraw consent at any time

To exercise any of these rights, contact us at contact@rubradar.com or use the account settings in the app.

8. Cookies and Local Storage

We use sessionStorage to cache your device fingerprint for consistency. If you are logged in, we use authentication session cookies to keep you signed in. We do not use tracking cookies for advertising or cross-site tracking.

9. Third-Party Services

We use the following third-party services:

  • Supabase: Database hosting and authentication
  • Vercel: Hosting and analytics
  • Upstash: Rate limiting and caching
  • Cloudflare Turnstile: CAPTCHA verification

Each service has its own privacy policy. We do not share your data beyond what is necessary to operate the service.

10. International Users

Data may be processed in the United States or other countries where our service providers operate. By using this service, you consent to the transfer of your information to these locations.

11. Children's Privacy

This service is not intended for users under 18 years of age. We do not knowingly collect information from children.

12. Changes to Privacy Policy

We may update this privacy policy from time to time. Please check back periodically for changes. Your continued use of the service after changes constitutes acceptance.

13. Contact

For privacy concerns or data requests, please contact us at contact@rubradar.com