Privacy Policy

Falsify is a service for making and reviewing falsifiable predictions. We respect your privacy and protect your data. This Privacy Policy explains what we collect, why, and how you can control it. This policy is designed to meet GDPR requirements.

Who we are

Controller: Falsify

Data Protection Officer (DPO): dpo@falsify.app

What data we collect

  • Account data: name (if provided), email address, authentication identifiers.
  • Profile data: badges, reputation, activity.
  • Content data: predictions, votes, comments, taxonomy tags, attachments you upload.
  • Service data: device and log information (IP address, timestamps, basic analytics events).
  • AI processing data: text you enter for AI scoring and suggestions.

How we use your data

  • Provide and secure the service (accounts, predictions, votes, comments, storage).
  • Show reputation, badges, and public activity you choose to share.
  • Run AI features (plausibility scoring, vagueness detection, tag suggestions).
  • Send essential emails (account verification, security, service notifications).
  • Improve the product using anonymized or aggregated analytics.

Legal bases (GDPR)

  • Contract: to create and maintain your account and deliver core features you request.
  • Legitimate interests: to keep the service secure, prevent abuse, measure performance, and improve features.
  • Consent: optional analytics, optional emails that are not required to run your account.
  • Legal obligation: to comply with law when required.

Cookies and analytics

  • We use essential cookies for sign-in and security.
  • We use analytics to understand usage (Google Analytics and Firebase Performance). Where required, we ask for your consent.
  • You can change your cookie preferences in your browser. If you block essential cookies, the service may not work.

AI processing

  • We process your prediction text to provide scores and suggestions.
  • AI processing may run on Google Cloud (Vertex AI). Text you submit for AI features may be processed by Google to provide the result. We do not sell your data.

Email

  • We send verification and essential service emails using SendGrid.
  • You can control optional communications in your account settings (when available). Essential emails cannot be turned off.

Data sharing and processors

We use trusted processors to run the service:

  • Google Cloud and Firebase (hosting, authentication, database, storage, functions, analytics).
  • SendGrid (transactional email).

Processors act under our instructions and provide security safeguards. We do not sell personal data.

International transfers

Your data may be processed outside your country. We rely on appropriate safeguards (such as Standard Contractual Clauses) provided by our processors.

Data retention

  • Account data: kept while your account is active.
  • Content data: kept while published and as needed for service records.
  • Logs and analytics: kept for a limited time to secure and improve the service.
  • We remove or anonymize data when it is no longer needed.

Your rights

Under GDPR, you can request:

  • Access to your personal data.
  • Correction of inaccurate data.
  • Deletion of your data (right to be forgotten), if allowed by law.
  • Restriction or objection to certain processing.
  • Data portability.
  • Withdrawal of consent at any time (for consent-based processing).

To exercise your rights, contact: dpo@falsify.app. We will respond in line with legal requirements.

Security

  • We use encryption in transit and access controls.
  • We apply least-privilege and monitor for abuse.
  • No method is perfect, but we work to protect your data.

Children

Falsify is not for children under 16. Do not create an account if you are under 16.

Changes to this policy

We may update this policy. We will post changes here and update the date below.

Last updated: 2026-03-06

Contact

Email our DPO at dpo@falsify.app for privacy questions or requests.