Privacy

We collect the minimum data needed to run Cliqstr and keep it safe.

• Account details (like email, display name, birthdate for age gating, role such as child/parent/adult, and account status)
• Content you choose to create (posts, comments, images, cliq memberships, invites)
• Uploaded photo safety (we remove EXIF metadata, like GPS and device details, before storing images)
• Safety and abuse-prevention signals (reports, moderation outcomes, audit trails)
• Technical data for security (basic logs such as IP address, device/browser type, and error logs)

• GPS or live device location
• Device contact lists (address book)
• Advertising identifiers or third-party ad profiles
• Facial recognition / biometric templates

We still use basic technical measures that most services need to operate safely (for example, security logs and essential cookies/sessions to keep you signed in and prevent abuse).

• Create and maintain accounts and cliq participation
• Verify age and parent/guardian approval for under-18 accounts
• Provide safety features (reporting, moderation workflows, and safety notices)
• Prevent fraud, abuse, and security issues (including logging and audits)
• Process subscriptions and account verification

We aim to minimize retention while still operating the service and keeping it safe.

• Most posts, comments, and images: automatically deleted after about 30 days unless you choose to keep content through available storage options (subject to account settings, legal retention obligations, and service integrity/security needs)
• Pending child accounts: deleted after about 30 days if not approved
• Account data: kept until the account is deleted (then a soft-delete period may apply before permanent deletion)
• Payments: billing records are retained by our payment processor as required for financial and legal compliance

We share limited data with service providers (processors) that help us run Cliqstr. They receive data to provide their service, not for advertising.

• Stripe — payments, subscriptions, and account verification (we do not store full card numbers). Stripe privacy policy: stripe.com/privacy
• Vercel — hosting and security (may include request logs for security)
• UploadThing — file storage for uploads (we remove photo EXIF metadata before storage)
• Resend — transactional email delivery (invites and account notifications)
• Convex — backend database for account and cliq data needed to operate the service

• Users under 18 require verified parent/guardian approval
• Unapproved child accounts may be deleted after about 30 days
• Parents/guardians can delete a child’s account through Parent HQ
• We follow COPPA principles for parental control and data minimization

• Delete your account: use in-app account deletion. Account deletion may include a soft-delete period before permanent deletion.
• Access/correction requests: email us if you need help accessing or correcting account details.
• Privacy questions: contact us at privacy@cliqstr.com.

We respond with a human. For security and safety, we may need to verify your identity or authority (for example, parent/guardian status) before completing certain requests.

We take reasonable steps to protect your information, but no system is perfect. Safety and moderation features rely in part on third-party services and technical infrastructure, and they may be unavailable, delayed, or degraded.

We do not share data for advertising. We may disclose information if legally required to do so, and we aim to limit disclosure to what the law requires.