Beta Notice
GhostNot is currently in beta. During the beta period, no real payments are being collected or processed. Payment information entered is handled by Stripe in test mode and is not charged.
1. Information We Collect
We collect information you provide directly and information generated through your use of the Service:
- Account data: Email address, name, and profile information you provide during registration.
- Payment data: Payment method details are processed and stored by Stripe. We do not store full card numbers.
- Meeting data: Meeting schedules, attendance records, stake amounts, and verification outcomes.
- Calendar data: If you connect Google Calendar, we access meeting participation data for attendance verification. We do not read the content of your other calendar events.
- Usage data: Browser type, IP address, pages visited, and interaction patterns for analytics and security.
- Trust score data: Calculated reputation metrics based on your meeting history.
2. How We Use Your Information
- Provide and operate the Service
- Process stake holds, captures, and refunds via Stripe
- Verify meeting attendance through calendar APIs
- Calculate and display trust scores
- Send transactional emails (booking confirmations, verification requests, stake outcomes)
- Detect and prevent fraud and abuse
- Improve the Service and develop new features
3. Information Sharing
We share your information only in these cases:
- Meeting counterparts: Your name and trust score are visible to people you have meetings with.
- Public booking pages: If you are a host, your name, avatar, and trust score are publicly visible on your booking page.
- Service providers: We use Stripe (payments), Supabase (database), Vercel (hosting), Resend (email), and Sentry (error tracking).
- Legal requirements: If required by law, regulation, or legal process.
We do not sell your personal information to third parties.
4. Data Security
We use industry-standard security measures including encrypted connections (TLS), row-level security on our database, encrypted OAuth tokens, and rate limiting. Payment data is handled entirely by Stripe and never touches our servers.
5. Data Retention
We retain your account data and meeting history for as long as your account is active. If you delete your account, your data is scheduled for deletion after a 30-day grace period. After deletion, we may retain anonymized, aggregated data for analytics purposes.
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your data
- Disconnect calendar integrations at any time
- Opt out of non-essential emails
To exercise these rights, visit your dashboard settings or email hello@updates.ghostnot.com.
7. Cookies
We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Analytics data is collected through Sentry for error monitoring only.
8. Children's Privacy
The Service is not intended for users under 18. We do not knowingly collect information from children under 18.
9. Changes to This Policy
We may update this policy periodically. We will notify users of material changes via email. Continued use of the Service after changes constitutes acceptance.
10. Contact
Questions about privacy? Email us at hello@updates.ghostnot.com.