Privacy Policy.

1. Introduction

Cult of the Disc ("we," "us," "the Service") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

2. Information We Collect

We collect the following categories of information:

Account Information

• Email address (required for authentication)
• Display name
• Password (stored hashed by our authentication provider, Supabase)

Collection Data

• Physical media you catalog (titles, formats, condition, notes)
• Reviews, ratings, verdicts, and other user-generated content
• Personas and viewing preferences for recommendation features
• Watch/listen history you choose to log

Usage Data

• Pages visited, features used, timestamps
• Device information (browser, OS, general location)
• Error reports and performance data

The Altar (Purchase Requests)

• Your name, email, and message when you submit a purchase request
• Items you have expressed interest in

3. How We Use Your Information

• To provide and operate the Service
• To authenticate you and keep your account secure
• To generate personalized recommendations
• To deliver purchase requests to the seller
• To communicate with you about your account, updates, and support
• To detect and prevent fraud, abuse, and security incidents
• To improve the Service

4. Third-Party Services

We use the following third-party services, each with their own privacy policies:

• Supabase — authentication and database hosting
• Vercel — site hosting and analytics
• TMDB — film metadata lookup
• Discogs — vinyl and CD metadata lookup
• OpenAI — AI-powered shelf analysis and recommendations
• Resend — transactional email delivery (once enabled)
• Cloudflare Turnstile — bot protection on signup and forms (once enabled)

When you interact with features that use these services, relevant data may be transmitted to them. We do not sell your personal information to third parties.

5. Cookies and Local Storage

We use cookies and browser local storage to keep you signed in, remember your preferences, and operate core features. We do not use advertising cookies or cross-site tracking.

6. Data Retention

We retain your account and collection data for as long as your account is active. If you delete your account, we will delete your personal data within a reasonable time, except where we are required to retain it for legal, accounting, or security purposes.

7. Your Rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of non-essential communications

To exercise any of these rights, contact shawn@cultofthedisc.com.

8. Security

We use industry-standard security practices, including encrypted connections (HTTPS), hashed password storage, and row-level security on the database. No system is perfectly secure; we cannot guarantee that unauthorized parties will never gain access.

9. Children's Privacy

The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notice. The "Last updated" date at the top of this policy reflects when changes were last made.

11. Contact

Questions about this Privacy Policy or how we handle your data? Contact shawn@cultofthedisc.com.