Legal

Privacy Policy

SafetyOS is a philanthropic, open-source platform. We treat your data with the same rigour we apply to AI risk — transparently, minimally, and with accountability. This policy explains exactly what we collect, why, and what you can do about it.

What we collect

Account information: When you create an account, we collect your email address and display name. We do not require your real name.

Usage data: We collect anonymised analytics (page views, feature usage) to improve the platform. This data cannot be tied to your identity.

Forum contributions: Posts, comments, and votes you make on the forum are public by design. Your display name is shown alongside your contributions.

Cookies: We use essential cookies for authentication and session management. Optional analytics cookies are only set with your explicit consent.

What we do not collect

We do not collect or store payment information — SafetyOS is free to use.

We do not track you across other websites.

We do not sell, rent, or share your personal data with third parties.

We do not use your data to train AI models.

How we use your data

To provide and maintain your account and forum access.

To send essential service communications (password resets, security alerts).

To improve the platform based on aggregate, anonymised usage patterns.

We will never send you marketing emails without your explicit opt-in.

Data storage and security

Your data is stored on servers in the European Union, hosted by Supabase (built on AWS infrastructure).

All data is encrypted in transit (TLS 1.2+) and at rest.

We follow industry-standard security practices including regular access reviews and least-privilege principles.

We conduct periodic reviews of our data handling practices.

Your rights

Access: You can request a copy of all data we hold about you.

Correction: You can update your account information at any time via your account settings.

Deletion: You can delete your account and all associated data from your account settings. Forum posts may be anonymised rather than deleted to preserve discussion integrity.

Portability: You can request your data in a machine-readable format.

To exercise any of these rights, contact us via our contact page.

Third-party services

Supabase: Authentication and database hosting (EU region).

Vercel: Application hosting and CDN.

We evaluate all third-party services for privacy compliance before integration.

Changes to this policy

We will notify registered users by email of any material changes to this policy.

The current version date is shown at the top of this page.

Previous versions are available on request.

Questions about this policy? Contact us