Privacy Policy

Last updated: 2026-05-13

We collect the minimum to run the site and never sell anything.

What we collect

• Account info (only if you sign up): email + bcrypt-hashed password. Optional: founder feedback text.
• Per-user app state: your saved sub lists, saved tiles, settings. Stored to sync across your devices.
• Pageviews + events: anonymous. No IPs, no cookies, no fingerprints. User-agent bucketed to mobile/desktop/bot only.
• Session replay (Microsoft Clarity): while enabled, Clarity records mouse/scroll/click events on the rendered page. Disable in browser by blocking clarity.ms.

What we don't

• No Google Analytics.
• No ad networks, no retargeting.
• No selling data — ever.
• No tracking across other sites.

Where it lives

SQLite on a Contabo VPS in Germany. Daily backups, 14-day retention. We're working on encryption at rest.

Your rights

You can request a copy of your data, deletion of your account, or correction of any field by emailing privacy@reddiflow.fun. We respond within 30 days.

Cookies

We use one cookie for sign-in sessions (HttpOnly, SameSite=Lax). That's it.

Email

Account emails (sign-in links, submission confirmations) go through Resend. Promo emails include a one-click unsubscribe at the footer.

Questions? Email legal@reddiflow.fun.