Privacy

Privacy Policy

Last updated: March 2026. This policy complies with the EU General Data Protection Regulation (GDPR).

Who we are

Spoons is operated by Roi Shternin (sole trader). For data protection purposes, Roi Shternin is the data controller. Contact: hello@spoons.world

What data we collect

  • Email address — used for authentication via magic link only. Never shared or used for marketing without consent.
  • Profile information — pseudonym, display name, bio, and conditions you choose to share. All optional except a username.
  • Posts and comments — content you create on the platform. Anonymous posts store your user ID internally but never display it publicly.
  • Spoon check-ins — your daily energy level if you choose to log it. Stored to personalise your experience.
  • Usage data — basic analytics via Vercel (page views, performance). No personal identifiers are tracked.

Legal basis for processing (GDPR)

  • Contract — processing your email to provide the authentication service you signed up for.
  • Legitimate interests — basic analytics to improve the platform.
  • Consent — any optional profile information you choose to provide.

How we use your data

  • To authenticate you and maintain your session
  • To display your profile and content to other users (per your privacy settings)
  • To personalise your experience (low-spoon mode, anonymous defaults)
  • To provide AI-powered search synthesis (your posts may be included in search results)

We do not sell your data, use it for advertising, or share it with third parties except as listed below.

Third parties

  • Supabase (database and authentication) — EU data residency available. Privacy policy
  • Vercel (hosting) — processes requests through their global network. Privacy policy
  • Anthropic (AI search summaries) — search queries and post content may be sent to Claude API. Not used to train models. Privacy policy

Your rights under GDPR

You have the right to:

  • Access — request a copy of the data we hold about you
  • Rectification — correct inaccurate data (via your profile settings)
  • Erasure — request deletion of your account and all associated data
  • Portability — request your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Restriction — request we limit processing of your data

To exercise any of these rights, email hello@spoons.world. We will respond within 30 days.

Data retention

We retain your data for as long as your account is active. If you delete your account, your personal data is deleted within 30 days. Anonymous posts may remain but are permanently unlinked from your identity.

Cookies

We use a single session cookie to keep you logged in. No tracking cookies, no advertising cookies. No cookie banner required.

Complaints

If you believe we have handled your data incorrectly, you have the right to lodge a complaint with your national data protection authority. In Ireland: dataprotection.ie. In the UK: ico.org.uk.

Changes to this policy

We may update this policy. Significant changes will be communicated via email to registered users.