Privacy Policy

1. Our Commitment to Your Privacy

We Are Candor exists to make government accountability accessible to every citizen. Your trust is the foundation of that mission. This privacy policy explains exactly what data we collect, how we use it, and — just as importantly — what we will never do with it.

We Are Candor will never sell, rent, trade, or share your personal information with any third party for any commercial purpose. We will never accept money from PACs, SuperPACs, or political parties. These are founding principles, not policies subject to change.

2. Information We Collect

Information you provide

• Account registration: When you create an account, we collect your email address and, if you use Google sign-in, the name and profile photo associated with your Google account.
• Zip code: If you use our representative lookup feature, we use your zip code to match you with your elected officials. Your zip code is not stored permanently unless you save it to your profile.
• Alert preferences: If you subscribe to email alerts, we store your alert preferences (representatives, topics, risk levels) alongside your email address.
• Donations: If you make a donation, your payment information is processed directly by our payment processor. We never receive, store, or have access to your full credit card number. We retain your name, email, donation amount, and date for accounting and tax purposes.

Information collected automatically

• Usage data: We collect anonymized usage data including pages visited, time on site, and general geographic region. We do not track individual browsing behavior across sessions.
• Device information: We collect basic device information (browser type, operating system) to ensure the site works correctly on your device.
• Log data: Our servers automatically record information including your IP address, request timestamps, and referring URLs. Log data is retained for security purposes and deleted within 90 days.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the We Are Candor platform
• Match you with your elected representatives based on your zip code
• Send you email alerts about legislative activity you've subscribed to
• Process and acknowledge your donations
• Improve the platform based on aggregate, anonymized usage patterns
• Protect against fraud, abuse, and security threats

We do not use your personal information for advertising, profiling, or any purpose unrelated to the civic transparency mission of this platform.

4. Cookies and Tracking

We use only cookies that are strictly necessary for the platform to function:

• Authentication cookies: Managed by Supabase Auth to keep you signed in. These expire when you sign out or after a period of inactivity.
• Session cookies: Used to maintain your session state while browsing. These expire when you close your browser.

We do not use advertising cookies, tracking pixels, or third-party cookies for behavioral profiling. We do not use Facebook Pixel, Google Ads, or any advertising network integrations.

5. Third-Party Services

We use the following third-party services to operate the platform. Each receives only the minimum data necessary to perform its function:

• Supabase — Authentication and database hosting. Stores your account data and alert preferences.
• Vercel — Frontend hosting. Processes web requests and serves the site.
• Railway — Backend hosting. Runs the analysis pipeline and API.
• Resend — Email delivery for alert notifications. Receives your email address when sending alerts.
• Google OAuth — If you choose to sign in with Google, Google provides your name, email, and profile photo to authenticate your account.

We do not share your personal data with any other third parties. We have no data broker relationships, advertising partnerships, or data sharing agreements.

6. Donations and Payment Data

We Are Candor does not sell, trade, rent, or otherwise release donor information to any third party, ever. Your donation information is processed securely by our payment processor and full payment details are never stored on our servers.

We retain basic donation records (name, email, amount, date) as required for accounting, tax reporting, and acknowledging your contributions. If we obtain tax-exempt status, donors above certain thresholds may appear in IRS filings as required by law.

7. Email Alerts and Communications

If you subscribe to email alerts, we store your email address and alert preferences (which representatives, topics, or risk levels you want to be notified about). Every email includes a one-click unsubscribe link. You can also manage or delete your alert preferences from your account settings at any time.

We do not track email opens or link clicks. We send alerts — we do not surveil your engagement with them.

8. Blockchain Records

When a bill analysis is approved by our editorial team, a cryptographic hash (a mathematical fingerprint) of the analysis is recorded on the Ethereum blockchain. This record contains no personal information — only the bill identifier and the hash in the format wearecandor:{bill_id}:{sha256hash}.

This allows any person to independently verify that an analysis has not been altered after publication. The Ethereum blockchain is public and permanent by design — this immutability is the mechanism that prevents anyone, including us, from changing the record. No user data, reviewer identity, or IP address is ever written to the blockchain.

9. AI and Automated Analysis

We use artificial intelligence (Claude by Anthropic) as one step in our editorial pipeline. AI generates plain-English explanations of mathematical findings from our NLP analysis. Important things to know:

• No AI system runs in response to your visit — all analysis is pre-generated, reviewed by human editors, and stored before any user sees it.
• No user data is ever sent to any AI service. The AI analyzes only publicly available government bill text from Congress.gov.
• All AI outputs are reviewed and approved by human editors before publication.
• The AI does not make judgments about policy quality — it explains mathematical findings about semantic coherence.

10. Data Sharing — What We Will Never Do

We will never:

• Sell, rent, or trade your personal information to anyone
• Share your data with advertisers or data brokers
• Use your information for political targeting or profiling
• Provide your data to any political party, PAC, or campaign
• Monetize your personal information in any way

We may disclose information if required by law (such as in response to a valid subpoena or court order). In such cases, we will notify affected users unless legally prohibited from doing so, and we will challenge requests we believe to be overbroad or unlawful.

11. Your Rights and Choices

You have the right to:

• Access your data: Request a copy of the personal information we hold about you.
• Correct your data: Update or correct inaccurate information in your account settings.
• Delete your account: Request deletion of your account and all associated personal data. We will process deletion requests within 30 days.
• Unsubscribe from alerts: One-click unsubscribe is available in every email, or manage preferences in your account.
• Browse without an account: All published bill analyses are accessible without creating an account or providing any personal information.

To exercise any of these rights, contact us at privacy@wearecandor.org.

12. Children's Privacy

We Are Candor is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@wearecandor.org.

13. Data Retention

• Account data: Retained for as long as your account is active. Deleted within 30 days of an account deletion request.
• Server logs: Automatically deleted after 90 days.
• Donation records: Retained for 7 years as required for tax and accounting purposes.
• Bill analyses: Published analyses are public records and are retained indefinitely. Blockchain records are permanent by design.

14. How We Protect Your Information

We implement industry-standard security measures to protect your personal information, including encryption in transit (TLS/HTTPS), encrypted database storage, and access controls that limit who can view personal data. Authentication is managed by Supabase, which provides secure password hashing and session management.

No system is perfectly secure. If we become aware of a data breach affecting your personal information, we will notify you and any applicable regulatory authorities as required by law.

15. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the “Last updated” date at the top of this page and, if you have an account, notify you by email. Your continued use of the platform after changes are posted constitutes your acceptance of the updated policy.

16. Contact Us

If you have questions about this privacy policy or how we handle your data, contact us at: