Privacy & Security

Your data. Your control.

Last Updated: January 2026

TL;DR

  • Email only required — That's the only PII we need. Everything else is optional.
  • We don't sell your data — Never have, never will. Your info stays with us.
  • Anonymized analytics — We track company concentration, not individuals.
  • You can delete anytime — Email us, we wipe everything.

1. What We Collect

Required

  • Email address — Proves you're real. Used for waitlist updates only.

Optional

  • Company name — Helps us track concentration (3% cap).
  • Job title — Helps us understand our community.
  • Salary range — Helps us model fund requirements.

Why so minimal? We're building trust from day one. The less we collect, the less there is to protect—and the less you have to worry about. We only ask for what we genuinely need.

2. How We Use It

Waitlist updates

We'll email you when we launch, when your position changes, or when there's news that affects you. That's it. No spam, no newsletters unless you opt in.

Concentration tracking (anonymized)

If you provide your company, we aggregate that data anonymously to enforce our 3% employer cap. We track "X people from Company Y" — not "John Doe works at Company Y."

Fund modeling (anonymized)

Salary ranges help us model fund requirements and benefit levels. This data is aggregated—we look at distributions, not individuals.

3. What We Never Do

Sell your data

We don't sell, rent, or trade your information. Period.

Share with employers

Your employer will never know you're a member unless you tell them.

Use for marketing

No ads, no promotional partners, no "personalized offers."

Track you around the web

No third-party trackers, no retargeting pixels, no creepy follow-you-everywhere ads.

4. Security

Infrastructure

  • Data stored on Supabase (PostgreSQL) with row-level security
  • All connections encrypted via TLS 1.3
  • Hosted on Vercel with SOC 2 Type II compliance
  • No passwords stored—we use email-based authentication

Access Controls

  • Minimal team access—only founders can view member data
  • All access logged and audited
  • No third-party analytics with access to raw data

5. Your Rights

  • Access: Email us and we'll send you everything we have on you.
  • Correction: Wrong info? Let us know and we'll fix it.
  • Deletion: Want out? Email us and we'll wipe everything within 7 days.
  • Portability: We'll export your data in a standard format on request.

For any privacy requests:

privacy@brokenbranch.dev

6. Cookies

We use minimal, essential cookies only:

  • Session cookies: Keep you logged in if you return.
  • Referral tracking: Credit the person who referred you.

No third-party tracking cookies. No ad cookies. No analytics cookies that track you across sites.

Privacy-first protection.

We collect the minimum needed to build a safety net. Nothing more.

Add your voice