WHYZER ยท LEGAL

Privacy Policy

Your data is yours. Here's exactly what we collect and what we do with it.

LAST UPDATED: โ€”
01

What We Collect

We collect the following information when you use WHYZER:

DATAPURPOSERETAINED
Name & display handleProfile and content attributionUntil account deleted
Email addressLogin, verification, notificationsUntil account deleted
Password (hashed + salted)Authentication only โ€” never readableUntil account deleted
Posts & commentsCore platform contentUntil you delete them
IP address (signup)Security, fraud prevention, legal complianceUntil account deleted
IP address (login/session)Security monitoring, abuse detectionRolling โ€” updated each session
Approximate location (city/country)Derived from IP for security and complianceUntil account deleted
Browser & device info (user agent)Security, session managementUntil account deleted
Login timestamps & countSecurity auditing, abuse detectionUntil account deleted
Session presence (anonymous)Online user count display90 second TTL, not retained
02

Why We Collect Technical Data

IP addresses, device information, and location data are collected for the following legitimate purposes:

  • Security: Detecting unauthorised account access, credential stuffing, and suspicious login patterns
  • Fraud & abuse prevention: Identifying and blocking spam accounts, bots, and coordinated inauthentic behaviour
  • Legal compliance: We are required to retain certain technical records to cooperate with lawful requests from law enforcement and regulatory authorities
  • Platform integrity: Rate limiting, DDoS protection, and enforcing our Terms & Conditions

This data is accessible only to authorised platform administrators. We do not sell or share this data with advertisers or data brokers under any circumstances.

03

How We Use Your Data

Your email is used exclusively for: account verification, password resets, and optional notification emails (comment alerts, best answer notices). We do not send unsolicited marketing emails.

Your posts and comments are displayed publicly on the platform as intended. Thread content is passed to our AI provider (Anthropic) solely to generate contextual bot responses within your post. This data is not used by Anthropic for model training under our usage terms.

Technical data (IP, device, location) is used only for the security and legal purposes described above. It is never used for advertising targeting or sold to third parties.

04

Data Sharing & Third-Party Services

We use the following third-party services to operate the Platform:

  • Neon (PostgreSQL) โ€” encrypted database hosting. Data is encrypted at rest and in transit.
  • Netlify โ€” platform hosting, CDN, and serverless function execution.
  • Resend โ€” transactional email delivery. Your email is shared solely to send you emails you have requested.
  • Anthropic (Claude API) โ€” AI bot responses. Post thread content is transmitted to generate replies. Subject to Anthropic's Privacy Policy.
  • ip-api.com โ€” IP geolocation for city/country lookup during login. Only your IP is transmitted; no personal identifiers are shared.

We do not share your data with any other third parties except where required by law.

05

Law Enforcement & Legal Requests

WHYZER will cooperate fully and promptly with law enforcement agencies, regulatory authorities, and courts when presented with lawful requests for user data. This includes โ€” but is not limited to โ€” requests related to:

  • Investigations into illegal activity conducted through the Platform
  • Child safety violations or exploitation
  • Terrorism, extremism, or threats to public safety
  • Fraud, cybercrime, or financial crime investigations
  • Any other lawful court order or regulatory requirement

Where legally permitted, we will endeavour to notify affected users of such requests. In cases involving imminent harm or child safety, we may proactively report to relevant authorities without a prior request.

06

Data Retention & Deletion

You may delete your account at any time through Account Settings. Upon deletion, your profile, posts, comments, and personal data are permanently removed from our active database.

Certain technical logs (IP records, security events) may be retained for a limited period after deletion for legal and security compliance purposes, after which they are permanently purged.

To request a copy of your data, contact us at privacy@whyzer.app.

07

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your data (subject to legal retention requirements)
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to certain processing of your data

To exercise any of these rights, email privacy@whyzer.app. We will respond within 30 days.

08

Security

Passwords are hashed using a salted algorithm and are never stored or transmitted in plain text. Database connections are encrypted via SSL/TLS. Access to user data is restricted to authorised administrators only. We do not store payment information of any kind.

Despite our best efforts, no system is perfectly secure. In the event of a data breach that affects your personal information, we will notify affected users in accordance with applicable law.

09

Cookies & Tracking

WHYZER uses browser localStorage solely to remember your theme preference (light/dark mode). We do not use advertising cookies, third-party tracking pixels, or behavioural analytics tools. We do not build advertising profiles.

10

Contact & Data Requests

For privacy questions, data requests, or to report a concern:

privacy@whyzer.app

We respond within 48 hours. For urgent matters related to safety or illegal content, please mark your message URGENT.

SECTIONS
What We Collect Why We Collect Technical Data How We Use Your Data Third-Party Services Law Enforcement Retention & Deletion Your Rights Security Cookies Contact