This policy applies when you browse WasItReal, create an account, submit links, vote, comment, contact support, or otherwise interact with the service.

WasItReal is intended for people who are at least 13 years old. If you are under 13, do not use the service or submit personal information to it.

• Account details: email address, hashed password credentials handled through Supabase Auth, and your chosen sign-in method such as email or Google.
• Profile details: username, country selection, birth date, and your profile privacy settings.
• Community activity: submitted links, source titles, votes, comments, reports, moderation actions, and abuse-prevention events related to your account or requests.
• Technical and security data: IP address, request metadata, device and browser signals, session data, and logs needed to protect the service and investigate misuse.
• Support communications: messages you send to our support address and the information needed to respond.

WasItReal uses cookies and browser local storage strictly for functional purposes.

• session and authentication cookies to manage your login state and secure account access
• preference cookies to persist feed filter, sort, and platform settings across visits
• local storage for anonymous interaction previews, interface preferences, and one-time dismissal state
• third-party infrastructure providers (such as authentication and hosting vendors) may set their own functional cookies under their own terms

WasItReal does not set advertising or tracking cookies. You can clear cookies and local storage at any time through your browser settings.

• create and secure accounts, including login, verification, and recovery flows
• operate feeds, post detail pages, comments, ranking, and profile features
• enforce age gates, platform rules, rate limits, and abuse-prevention controls
• investigate reports, safety incidents, fraud, and policy violations
• send service messages such as confirmations, recovery links, and security notices
• comply with legal obligations and protect the rights, safety, and integrity of the service

WasItReal is a community product, so some activity is public or visible to other signed-in users by design.

• your username, public profile signals, and any comments you post
• links and titles you submit to the community
• post-level location tagging attached to a submission, which is separate from your profile country visibility setting
• aggregated vote outcomes after a user has interacted with a post, according to the product rules

We may share information in the following limited situations:

• with infrastructure and delivery providers that help operate the service
• with professional advisers or authorities when required by law or safety needs
• during a merger, acquisition, financing, or similar business transfer
• to investigate or address fraud, abuse, security incidents, or rule violations

We use third-party providers such as hosting, authentication, and email delivery vendors to operate the product. They process information on our behalf under their own terms and security controls.

We keep information for as long as needed to operate the service, enforce rules, resolve disputes, maintain security records, comply with legal obligations, and preserve backup integrity.

If you delete your account, access is deactivated immediately and your public identity is masked right away. Profile data that directly identifies you is removed from normal public display, while shared submissions, comments, votes, and moderation history may remain in de-identified or aggregated form so community threads, safety work, and product records still make sense.

We may keep the minimum recovery and auth data needed for the 30-day same-account restore window and final auth purge. If you want us to review deletion of shared contributions linked to your account as well, contact support with that privacy request and we will review it under applicable law, safety obligations, and platform integrity needs.

Some data may still remain in logs, backups, moderation records, or abuse-prevention systems even after content is soft-removed or no longer publicly visible.

• you can manage some profile settings from your account
• you can delete your account from settings, with a 30-day same-account restore window
• you can request privacy or data-rights help by contacting support
• you can ask us to review deletion of anonymized shared contributions linked to your account
• you can choose whether your profile country is publicly shown, but post location is separate
• you can choose not to use the service if you do not agree with this policy

Depending on where you live, you may have additional legal rights regarding access, correction, deletion, objection, restriction, or portability. We will review requests in light of applicable law, security needs, and the way the product is built.

We use reasonable administrative, technical, and organizational measures to protect the service, but no online system can guarantee absolute security.

If a security incident occurs, we will handle it according to applicable law, our internal response process, and the practical realities of protecting users and the platform.

We may update this policy as the product, legal requirements, or operating practices change. When we make material updates, we will update the date at the top of this page and may add additional notice when appropriate.