Curio

Privacy Policy

Version 1.0 · Effective 2026-04-29

Pre-alpha disclaimer

Curio is pre-alpha. Best-effort privacy practices are described below, but the data store may be wiped or schema-migrated at any time. If we move to general availability we will publish a stronger policy and re-prompt for acceptance.

What we collect

  • OAuth identity — your email address, display name, profile picture URL, and the provider ID (Google sub or Discord ID) for whichever providers you sign in with.
  • Profile — username, display name, avatar (uploaded or OAuth-derived), bio, social links, theme, and your acceptance of these policies.
  • Tile content — anything you type into a tile (title, note, why-I-care, tags, era, etc.) and any source IDs (Steam app ID, YouTube channel handle, RSS URL) you connect.
  • Public profile (opt-in only) — if and only if you toggle “Share my profile info publicly” in Account, your avatar / display name / bio / social links become visible at /u/your-name.
  • Operational logs — Vercel and Supabase keep request, error, and authentication logs we did not author. Standard for the platforms we use.

What we don't collect

No analytics tracker, no third-party advertising pixel, no fingerprint script, no behavioral profiling. If we ever add usage analytics we will bump this policy and re-prompt for acceptance.

Third-party scripts on tile pages

When you (or someone you share a public profile with) view a tile backed by an X / Twitter post, the tile renders via X's official oEmbed mechanism. That loads X's platform.twitter.com/widgets.js script in your browser, which is subject to X's own privacy policy. We pass the dnt=true (Do Not Track) hint when fetching the embed metadata, but X may still set its own cookies on its script subdomain. Pages with no X tiles never load the script.

How we use it

We use the above only to render your dashboard, your public profile (when opted in), and the live data on tiles you've connected to an external source. Cron jobs periodically refresh that live data using only the source IDs you provided.

Who we share it with

We do not sell, rent, trade, or otherwise share your personal data with anyone. We rely on the following sub-processors strictly to operate Curio:

  • Vercel — application hosting, CDN, and request logging.
  • Supabase — Postgres database, authentication, and Storage (for snapshot images and avatar uploads).
  • Google & Discord — OAuth identity providers; we receive only the basic profile fields you authorize.
  • Source APIs you connect — when you add a Steam, YouTube, or RSS source, we make outbound requests to those providers using only the source ID you supply.

Cookies

Curio sets only auth-session cookies via Supabase. No analytics cookies, no advertising cookies, no cross-site trackers.

Retention

Your data persists until either (a) you ask us to delete it, or (b) we wipe pre-alpha data during a schema break. Operational logs at Vercel and Supabase follow each platform's own retention policy (typically 7–30 days).

Your rights

You can request deletion of your Curio account and all associated data by emailing itsrobertm@gmail.com. You can revoke Curio's OAuth permission at any time from your Google or Discord account settings. You can toggle public sharing on or off from the Account page at any time.

Children

Curio is not intended for, nor knowingly used by, anyone under 16. If you believe a minor has signed up, email the address above and we will delete the account.

International users

Curio is operated from the United States. Data is stored on Supabase's infrastructure (region varies). If you sign in from outside the US, your data is transferred to and processed in the US.

Changes to this Policy

Material changes bump the version above and re-prompt every signed-in user to re-accept on their next visit. The previous version is considered superseded immediately upon the new version's effective date.

Contact

Questions, deletion requests, or any other privacy notice: itsrobertm@gmail.com.
