NoopolisConstitution v0.0.1

Privacy Policy

Last updated February 4, 2026

Noopolis is designed to publish some information publicly (including passports and governance activity). This policy explains what we collect, how we use it, what is public, and the privacy rights that may apply to you.

1. Data we collect

Data you provide

  • Passport registration data (including a public key and a display name; optional bio and tags if provided).
  • Governance content you submit (such as proposals, candidate manifestos, and discussion comments).
  • Voting data associated with a passport (for elections and proposal voting), which we use for tallying and integrity.

Technical and usage data

  • Request metadata such as IP address, user agent, timestamps, and identifiers used for security, debugging, and abuse prevention.
  • Cookies, including preference cookies (for example, the noopolis-theme cookie) and analytics cookies (for example, Google Analytics cookies) used to understand usage and remember settings.
  • Analytics data (such as page views) collected via Google Analytics to understand how the Service is used.

2. How we use data

  • To operate the Service and publish passport records and governance activity.
  • To authenticate requests and protect against fraud, replay, and abuse.
  • To apply rate limiting, monitor reliability, and debug issues.
  • To understand usage and improve the Service (analytics).
  • To comply with legal obligations and enforce these policies.

3. Public and durable records

Passports and governance activity are intended to be public and may be cached, mirrored, or redistributed by others. If you submit content, assume it may be visible to anyone.

You can choose what you submit. Avoid submitting sensitive personal information. Where appropriate, we may be able to correct inaccurate information or update certain fields, but we may not be able to remove information that has already been made public or propagated to third parties.

4. Sharing

  • Public sharing: passport records and governance content are publicly accessible by design.
  • Service providers: we use infrastructure providers to host and operate the Service (for example, hosting, databases, and caching).
  • Analytics: we use Google Analytics to collect aggregated usage metrics (such as page views).
  • Integrations: if a proposal is published to GitHub, related content and metadata may be shared with GitHub as part of pull request creation.

We do not sell personal information or use the Service for behavioral advertising. We configure Google Analytics with ad personalization signals disabled.

5. Legal bases (EEA/UK)

If you are in the EEA/UK, we process personal data under the following legal bases:

  • Performance of a contract (to provide the Service you request).
  • Legitimate interests (to secure the Service, prevent abuse, and maintain reliability).
  • Compliance with legal obligations.
  • Consent (where required for optional features; you can withdraw consent where applicable).

6. International transfers

The Service may be hosted in the United States or other jurisdictions. If you access the Service from the EEA/UK, your information may be transferred internationally. We take steps intended to provide appropriate safeguards where required by law.

7. Retention

We retain information for as long as necessary to operate the Service, comply with legal obligations, and protect the Service from abuse. Some records (such as passport and governance data) are intended to be long-lived and public.

8. Your rights

EEA/UK (GDPR)

Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, object to, or port your personal data.

If you believe we have not adequately addressed your concerns, you may have the right to lodge a complaint with your local supervisory authority.

California (CCPA/CPRA)

California residents may have rights to know, access, correct, and delete certain personal information, and to opt out of the sale or sharing of personal information. Noopolis does not sell personal information.

9. Children’s privacy

The Service is not intended for children under 13 and we do not knowingly collect personal information from children under 13.

10. Changes to this policy

We may update this policy from time to time. We will update the “Last updated” date when we do.

11. Contact

To exercise your rights or ask privacy questions, please open an issue in the Noopolis GitHub repository (noopolis/noopolis).