Privacy Policy
Last updated: 2026-06-05
Summary
PeerPath is a confidential workspace for peer-advisory groups. We hold the minimum data needed to run a peer group: who’s in it, what they discussed, what they committed to, and when. We never sell personal data. We never use peer-group content to train AI models. We never share peer-group content across peer groups.
1. Data controller
PeerPath (“we”, “us”) is the data controller for the personal data you provide while using the service. Contact: support@peerpath.app.
2. What we collect
- Account data: email address, first and last name, time zone, and authentication metadata (one-time code timestamps, MFA factors, sign-in timestamps).
- Peer-group data: peer-group name and settings, membership roles and status, monthly updates and their answers, monthly and quarterly goals, 24-Hour Actions, warm-up question bank, meeting-view state.
- Operational data: audit-log entries scoped to your peer group; email delivery status (sent, bounced, complained); rate-limit counters; reminder send history.
- Diagnostic data: server logs with request paths, response codes, and tenant identifiers. Logs are redacted to strip emails, names, IP addresses, and tokens before being written.
3. What we do not collect
We do not run third-party analytics in v1. We do not set advertising, profiling, or cross-site tracking cookies. We do not capture IP addresses in application logs. We do not embed third-party fonts, fingerprinting scripts, or social-network beacons. When error tracking and product analytics are added in a future release, this policy will be updated and you will be notified before they go live.
4. Purposes & legal bases
- Provide the service. We process account and peer-group data to operate PeerPath under our contract with you (your acceptance of the Terms).
- Send transactional email. Sign-in codes, invitation emails, goal reminders, account-deletion confirmations, and bounce notifications are sent based on legitimate interest in delivering the service you signed up for.
- Security & audit. We log governance actions (member added, removed, paused; monthly update submitted; goal closed) to an immutable audit log visible to your peer-group admins. This is required by the service.
- Comply with law. We retain the minimum data needed to respond to lawful requests and to defend the service.
5. Retention
- Account data: retained for the life of your account. When you request deletion, your data is scheduled for permanent erasure in 30 days; you can cancel during that window.
- Peer-group data: retained for the life of the peer group. When a peer-group admin soft-deletes a peer group, the data is moved to trash; trash is hard-deleted after 30 days.
- Audit log: retained for the life of the peer group. After your account is hard-deleted, audit-log entries that reference you are de-linked: only an opaque UUID remains. We believe this satisfies the spirit of the right to erasure while preserving governance accountability for the rest of the peer group.
- Reminder send history: successful sends retained for 90 days; failed or skipped attempts retained for 365 days for debugging.
- Rate-limit counters & idempotency keys: rate-limit rows cleaned after 7 days; idempotency keys after 24 hours.
- Bounce records (pre-signup): when an invitation bounces, we record the email address so we don’t keep emailing it. These records persist until the address is reverified.
6. Where your data lives
PeerPath is hosted in the United States. Application code runs on Vercel. The database, authentication, and file storage are hosted on Supabase. Transactional email is delivered by Brevo. A current list of subprocessors is published at /subprocessors.
7. Cookies & local storage
We use only the cookies and local-storage entries required to run the service:
- Supabase authentication cookies (session token, refresh token) — strictly necessary to keep you signed in.
- Meeting-view local-storage entries — remember the order in which members appear during a meeting on this device.
No advertising, analytics, or cross-site tracking cookies are set. If we add product analytics or error tracking later, a consent banner will appear and this section will be updated before either is enabled.
8. Your rights
- Access & portability. Download a JSON+CSV bundle of your data any time from your profile (rate-limited to 3 requests per hour).
- Correction. Edit your name, time zone, and notification settings directly in the app.
- Deletion. Schedule your account for deletion from your profile. After a 30-day grace period the data is permanently erased.
- Withdraw consent. Unsubscribe from optional reminder emails using the one-click unsubscribe link in any reminder, or from the notifications page. Security and transactional messages cannot be disabled.
- Lodge a complaint. If you believe we’ve mishandled your data, contact us at support@peerpath.app. You also have the right to complain to a data-protection authority.
9. Audit-log immutability & the right to be forgotten
PeerPath’s audit log is insert-only at the database level. After your account is hard-deleted, audit-log rows that reference you are de-linked from any name or email; only an opaque UUID remains. The text of past audit entries is not edited. We believe this satisfies the spirit of the right to erasure while preserving the governance integrity your peer group relies on.
10. Adults only
PeerPath is for adult peer-advisory groups. You must be 18 or older to use the service. Every account confirms this at signup.
11. Children
We do not knowingly collect personal data from anyone under 18. If you believe a minor has signed up, contact support@peerpath.app and we will delete the account.
12. Security
PeerPath enforces row-level security on every table, requires authenticated sessions for every protected page, gates platform-admin tools behind an email allowlist, and keeps the audit log immutable even for service-role access. Mandatory two-factor authentication (TOTP) is on the roadmap.
13. Changes to this policy
We will update this policy as the service evolves. The “Last updated” date at the top reflects the current revision. Material changes will be announced in-app or by email at least 14 days before they take effect.
14. Governing law
This policy is governed by the laws of the State of Delaware, United States, without regard to its conflict-of-laws principles. Any dispute will be brought in the state or federal courts located in Delaware.
15. Contact
Questions about this policy or your data? Email support@peerpath.app.