Privacy & FAQ

Account info

Email, name, and password hash. If you sign in with Google, we receive your email and name from Google — nothing else.

Recovery activity

Moments you log (urge, stress, etc.), breathing sessions, check-in responses, and reflections. This powers your personal progress and the intervention engine.

Messages

Private messages between you and your connections. Stored encrypted at rest. Only visible to the sender and recipient.

Sponsor data

If you apply to be a sponsor, your application answers and profile information. Visible to admin reviewers and (for profiles) to users browsing sponsors.

Device tokens

If you enable push notifications, we store a device token to send you reminders. No location data is collected.

Financial information

We do not collect bank accounts, gambling amounts, debts, or financial details. Stripe handles all billing — we never see your card number.

Location data

We do not track your GPS, IP-based location, or physical movements. Meeting search is based on publicly listed times, not your location.

Browsing history

We do not track what websites you visit, what apps you use, or any activity outside of Cope Compass.

Biometric data

No fingerprints, face scans, or health sensor data is collected.

Only you can see

Your moments, breathing sessions, reflections, progress history, stability score, and recovery stage. These are never shared — not even with your sponsor.

Your connections can see

Your display name, avatar, and messages you send them. Sponsors see your name and can receive escalation alerts (not your recovery data).

Admins can see

Staff can view flagged messages, escalation events, and sponsor applications for moderation. They cannot read your private moments, reflections, or progress data.

No one else

We do not share, sell, or provide your data to third parties, advertisers, insurance companies, employers, or anyone else. Period.

Encryption

All data is encrypted in transit (TLS 1.3) and at rest. Messages are stored in encrypted database fields.

Authentication

JWT tokens with short expiry. Passwords are hashed with bcrypt. Google OAuth uses industry-standard OpenID Connect.

Infrastructure

Hosted on Railway with automatic SSL, managed PostgreSQL with daily backups, and Redis with memory encryption.

Access control

Role-based access. Staff actions are logged to an immutable audit trail. No engineer has access to production data without authorization.

Delete your account

You can delete your account at any time from Settings. This permanently removes all your data including moments, messages, reflections, and progress history.

Export your data

You can request a full export of your data from Settings. We will provide it within 72 hours.

Opt out of tracking

You can opt out of the Recovery Stability Index from Settings > Privacy. Your progress data stops being scored but is still recorded for your own viewing.

Withdraw consent

You can revoke notification permissions, disconnect from sponsors, leave circles, and block other users at any time.