Privacy policy

April 1, 2018

Ad-supported businesses often track a lot of information about you to better serve advertisers. isn’t like that. We have no ads and the business model is a simple subscription where you pay for extra features you use, such as blog hosting. We only collect enough information to run

This help page outlines what kind of data is used by each major component of It will be routinely updated and the version history for the entire help site is available on GitHub. platform

You register with a name, email address, username, and web site URL. We store this information in a database on the servers. We send email to your address such as subscription receipts or other occasional notifications. If you do not upload a profile photo, we use a hash of your email address to look up a profile photo on Gravatar. does not have traditional passwords. When signing in, we generate a random number to establish your web browser session. There are also tokens on your account that can be used with third-party apps. We use cookies to keep track of when you are signed in to

Your time zone and IP address are sent from a web browser when visiting We store the time zone with your account and use it to adjust all the post times to your local time. We use the IP address to rate-limit a client when there are too many requests in a short time period.

The timeline in is built in part from RSS or JSON feeds. When you add a feed to, it is considered public and may be included in subscription exports. Do not add private feeds or feed URLs that contain passwords.

If you enable site mirroring to GitHub, we store an authentication token on that lets read and write to your GitHub repositories. If you enable cross-posting to Twitter or Facebook, we store authentication information that lets post to your accounts. for iOS and macOS, Sunlit for iOS

The native apps for store a token for your account in the system keychain. The apps also store basic user and microblog information in preferences.

When authenticating with WordPress and compatible blogs, stores your WordPress password in the system keychain. The XML-RPC API sends the password with each request, so we recommend using SSL if you’re using an external blog. and Sunlit for iOS use the Fabric framework to track crashes and usage. This data is sent to Fabric servers run by Google. No account information is sent to Fabric.

Credit cards uses Stripe for credit card processing. Credit card information is sent directly from your web browser to Stripe. does not see or store your credit card number.

Stripe manages your billing information, including name, zip code, credit card number, and expiration date. Your email address and username are stored on Stripe for sending receipt emails, and so that we can look up your account to confirm or update something about your subscription, usually from a support request.

We use Baremetrics to show reports on subscriptions. Baremetrics connects to Stripe and automatically imports subscription information including customer name.