Effective May 2026
We collect the minimum we need to run pots. We don't sell your data. We don't build advertising profiles. Here's the detail.
Email, display name, and password hash. Used to log you in and identify you on pots you join.
Pots you create, join, and contribute to — including amounts, timestamps, and currency. Required for the product to work.
When real payouts launch, we'll collect bank/payout info via Stripe Connect. Sensitive fields are stored by Stripe, not by us.
A single session cookie keeps you logged in. We don't use third-party advertising or tracking cookies.
Aggregate page views and error logs to find bugs and improve the app. No selling, no profile-building.
Data is stored on our managed cloud backend (EU region). Payment data, when we launch real payouts, is processed by Stripe under their own privacy terms.
Account data: while your account is active, plus 30 days after deletion. Pot transaction records: up to 7 years for accounting and anti-fraud obligations, in anonymised form after account deletion.
Under GDPR / UK GDPR you have the right to:
To exercise any of these, email privacy@potluck.app. We respond within 30 days.
We don't sell your data. We don't share it with advertisers. We don't run third-party tracking pixels. We don't read your contributions or pot activity for marketing.
Pot Together is for users 18 and older. We do not knowingly collect data from anyone under 18. If you believe a minor has signed up, contact us and we'll delete the account.
Passwords are hashed. Sensitive endpoints use HTTPS. Backend access is restricted to authorised staff. No system is perfect — if you find a vulnerability, please email security@potluck.app.
We'll post material updates here with a new effective date. For significant changes affecting how we use your data, we'll also email account holders.
Email privacy@potluck.app.