Privacy Policy

Last Updated: December 2024

1. Introduction

Thinking in Public, Inc. ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

This policy applies to all users of our platform, regardless of location, and complies with applicable privacy laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide directly to us, including:

• Account Information: Name, email address, username, password, and profile information
• Content: Ideas, thoughts, comments, and other content you share on the platform
• Communications: Messages you send to us or other users through the platform
• Payment Information: Billing details for paid subscriptions (processed securely by third-party payment processors)
• Support Requests: Information provided when you contact customer support

2.2 Information Collected Automatically

When you use our platform, we automatically collect certain information:

• Usage Data: How you interact with the platform, features used, time spent, and navigation patterns
• Device Information: Device type, operating system, browser type, IP address, and unique device identifiers
• Location Data: General location information based on IP address (not precise geolocation)
• Analytics Data: Website usage statistics collected through privacy-respecting analytics (no cookies or personal data)

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Social media platforms when you connect your accounts
• Analytics and advertising partners
• Public databases and data aggregators
• Other users who mention or tag you in content

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision

• Provide, maintain, and improve our platform and services
• Process transactions and manage your account
• Enable collaboration and community features
• Personalize your experience and content recommendations

3.2 Communication

• Send you service-related notifications and updates
• Respond to your inquiries and provide customer support
• Send marketing communications (with your consent)
• Notify you about platform changes and new features

3.3 Safety and Security

• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service and community guidelines
• Investigate and prevent prohibited activities
• Comply with legal obligations and law enforcement requests

3.4 Analytics and Improvement

• Analyze usage patterns and platform performance
• Conduct research and development for new features
• Generate aggregated, anonymized insights
• Measure the effectiveness of our services

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Your Consent

We share information when you explicitly consent to such sharing, including when you choose to make content public or collaborate with other users.

4.2 Service Providers

We share information with trusted third-party service providers who help us operate our platform, including:

• Cloud hosting and infrastructure providers
• Payment processing services
• Email and communication services
• Analytics and monitoring tools
• Customer support platforms

4.3 Legal Requirements

We may disclose information when required by law or when we believe disclosure is necessary to:

• Comply with legal obligations, court orders, or government requests
• Protect our rights, property, or safety
• Protect the rights, property, or safety of our users or others
• Investigate potential violations of our Terms of Service

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to appropriate privacy protections.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication requirements
• Employee training on data protection practices
• Incident response and breach notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. Specific retention periods include:

• Account Data: Retained while your account is active and for a reasonable period after deletion
• Content: Retained according to your privacy settings and platform policies
• Usage Data: Typically retained for 2-3 years for analytics purposes
• Legal Compliance: Retained as required by applicable laws and regulations

7. Your Rights and Choices

7.1 Access and Control

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate personal information
• Deletion: Request deletion of your personal information (subject to certain limitations)
• Portability: Request a copy of your data in a machine-readable format
• Objection: Object to certain processing of your personal information

7.2 Communication Preferences

You can control the communications you receive from us:

• Unsubscribe from marketing emails using the link in each email
• Adjust notification settings in your account preferences
• Contact us to opt out of certain communications

7.3 Analytics and Tracking

We use privacy-respecting analytics (Plausible Analytics) that doesn't use cookies or collect personal data. This helps us understand how our platform is used without compromising your privacy.

8. Privacy-First Analytics

We use Plausible Analytics, a privacy-focused analytics service that:

• No Cookies: Doesn't use cookies or local storage
• No Personal Data: Doesn't collect IP addresses, user agents, or personal identifiers
• GDPR Compliant: Designed to be compliant with privacy regulations by default
• Aggregated Data Only: Only collects aggregated, anonymized usage statistics
• No Cross-Site Tracking: Data stays on our domain and isn't shared with third parties

This approach allows us to improve our platform while respecting your privacy and requiring no consent under GDPR.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by relevant authorities
• Adequacy decisions by the European Commission
• Other legally recognized transfer mechanisms

10. Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information we collect and how it's used
• Right to delete personal information (subject to certain exceptions)
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us using the information provided below.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation, including:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

You also have the right to lodge a complaint with a supervisory authority.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

• Posting the updated policy on our platform
• Sending you an email notification
• Providing notice through the platform interface

Your continued use of the platform after such changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: