← Cop The Drop

Privacy Policy

Effective June 11, 2026

This policy describes what Cop The Drop collects, why, who processes it, and the controls you have. The short version: we collect what the product needs to send you reminders, we don't sell your data, and we don't send marketing email.

1. What we collect

Account: your email address (sign-in and reminder delivery), timezone (so reminders fire at the right local time), quiet-hours and reminder preferences, and an optional handle and display name.
Content: the drops you add (including notes, which stay private), what you watch, and cop/miss results you record.
Usage:product analytics events (pages, feature usage, parse outcomes) via PostHog, tied to your account id. We don't use advertising trackers.
URLs you parse:when you paste a link, we fetch that page server-side and send extracted page text to Anthropic's API to read the release details. Parse attempts (URL, outcome) are logged to improve the parser.

2. What we use it for

Delivering reminders, rendering your feed and public pages you choose to share, rate-limiting and abuse prevention, and understanding which features work. That's it.

3. Who processes it

We run on a small set of processors: Supabase (database, auth, image storage), Vercel (hosting), Resend (email delivery), Inngest (reminder scheduling), PostHog (analytics), and Anthropic (URL parsing — page content only, never your account data). Each receives only what its function requires.

4. What stays private

Your notes, notification settings, watch list, and results stay private even on public drops. Public drops show the drop itself — never your activity. Private drops are visible only to you.

5. What we never do

We don't sell or rent your data, we don't send marketing email, and we don't show ads.

6. Retention and deletion

Data is kept while your account is active. Deleting your account hides it immediately and permanently erases your data after a 30-day grace window (during which signing in restores it). The purge removes your drops, watches, reminders, account row, auth record, and mirrored images; analytics identifiers are anonymized. Reminder-delivery logs live in the same database and are purged with the account.

7. Your rights

You can access and update your data in the app, and delete it entirely via Settings → Delete account. For export requests or anything else (including GDPR/CCPA requests), email us and we'll handle it manually: privacy@copthedrop.app.

8. Cookies

We use essential cookies only: your sign-in session (Supabase auth) and a PostHog analytics identifier. No third-party advertising cookies.

9. Changes

We'll note material changes here and update the effective date; for significant changes we'll notify you in the app or by email.