Privacy Policy

What We Collect (Very Little)

We practice data minimization. We only store what is absolutely necessary to deliver the service.

• Encrypted group metadata (to know which union you belong to).
• Encrypted message metadata (timestamps, sender ID).
• Account credentials (hashed passwords — we never store plaintext passwords).

What We DON'T Collect

• Your Messages: Content is end-to-end encrypted. We cannot read it.
• Real Identity: We don't require legal names.
• Work Email: Not required. Sign up with just a username.
• IP Addresses: We do not log visitor IP addresses.
• Analytics: We do not use tracking cookies or analytics services.

Local Storage & Cookies

uunn does not use tracking cookies. We use your browser's local storage and session storage solely for cryptographic purposes:

• Session Storage: Your private encryption key is stored temporarily and cleared when you close the browser or log out.
• Authentication: A session token is used to keep you logged in. No third-party cookies are involved.

Third-Party Services

uunn uses the following third-party services to operate:

• Supabase: Database hosting. All sensitive content is encrypted before it reaches Supabase — they cannot read your messages or documents.
• Google Gemini: Optional AI-assisted document drafting. Used server-side only. No message content or personal data is sent to Google.
• Vercel: Application hosting. Standard web server logs may be generated by the hosting provider.

Data Retention

Your data is stored for as long as your account exists. When you delete your account, all associated data — including memberships, messages, and documents — is permanently removed from our servers. We do not retain backup copies of deleted accounts.

Your Rights

You have full control over your data.