The short version
We collect the bare minimum needed to run the Service: your email (for sign-in), your saved rack designs, and basic site analytics. We don't sell your data. We don't run a newsletter you didn't opt into. The full policy — formal scope, retention periods, GDPR/CCPA disclosures, processor list — lands here before Stripe goes live.
Coming soon
The detailed Privacy Policy is in drafting and will be published here before the paid launch. Until then, the operating principles below describe how the Service handles your data today.
What we collect today
- Email address — used solely for passwordless magic-link sign-in via Supabase Auth.
- Rack designs — the rack configurations you create are stored under your account so you can come back to them.
- Usage events — basic, aggregate analytics (pageviews, button clicks). No cross-site tracking. No advertising profiles.
What we don't do
- We don't sell, rent, or share your personal data with advertisers.
- We don't add you to a marketing list unless you explicitly subscribe.
- We don't run third-party advertising or retargeting on this site.
Who processes data on our behalf
- Supabase — database, authentication, and email delivery for magic-link sign-in.
- Stripe (once paid features launch) — payment processing. We do not store your full card details.
- Vercel (planned) — site hosting.
Your rights
You can request a copy of your data, correct it, or delete your account and associated rack designs at any time by emailing us through the contact form. We'll respond within a reasonable window — usually a few days, sometimes a week.
Questions in the meantime? Contact us →
