Privacy Policy

Last updated: 2026-06-16

This Privacy Policy explains what information Cards (“the Service”, “we”, “us”) collects, how it is used, who it is shared with, and the choices you have. The Service is operated by Ethan Allen, an individual operating as “Statmeet” (not an incorporated entity), and is available at statmeet.com, cards.statmeet.com, and dev.statmeet.com.

If you have questions, contact us at admins@statmeet.com.

1. Who we are

Cards is a federated project-management and card-tracking application built on the AT Protocol (the network that also powers Bluesky). You sign in with an existing AT Protocol identity; we do not issue passwords.

2. Information we collect

We collect only what we need to run the Service:

Account & identity

  • Your AT Protocol DID (decentralized identifier) and handle.
  • Your display name, fetched once from your public Bluesky profile at sign-in.

Authentication data

  • OAuth access and refresh tokens and associated DPoP signing keys, stored server-side so the Service can act on your behalf against your Personal Data Server (PDS).
  • A signed session cookie in your browser to keep you logged in.

Content you create in the Service

  • Cards (names, details, tags, state), notes/comments, decks, workflows.
  • Groups you create and the DIDs of members you add.
  • Votes, polls, ballots, and delegations (liquid-democracy features).

Communications

  • If you request an invite, the email address you provide.
  • Feedback messages you submit, associated with your DID.

AI assistant features (optional)

  • An Anthropic (Claude) API key if you choose to provide one. It is stored encrypted at rest and is never displayed back to you or shared.
  • Your chat history with the in-app assistant and any custom system prompt you set.
  • When you use the assistant, your messages and the card/deck data the assistant reads to answer you are sent to Anthropic’s API for processing (see Section 4).

Developer access (optional)

  • MCP tokens you generate to connect external clients (e.g. Claude Desktop). Treat these like passwords; anyone holding one can access your Cards data as you.

Logs

  • Standard server logs containing timestamps, request/operational events, and your DID. We mask secrets (tokens, keys, passwords) in our logs.

We do not intentionally collect special-category data (health, biometrics, etc.). Please do not put such information into cards or notes.

3. How we use your information

  • To authenticate you and keep you signed in.
  • To create, display, store, and federate the content you choose to create.
  • To operate optional AI and developer features you enable.
  • To respond to invite requests and feedback.
  • To secure, debug, and maintain the Service.

We do not sell your personal information, and we do not use it for advertising.

4. How your information is shared

The AT Protocol / Bluesky network (public). When you mark a card, deck, post, or vote as federated, it is written to your PDS and published to the public AT Protocol network. Federated content is public and leaves our control. Once published it can be copied, cached, and indexed by other services, and we cannot guarantee its deletion across the network.

Anthropic (AI processing). If you use the AI chat or markup-generation features, your prompts and the relevant card/deck data are sent to Anthropic for processing, subject to Anthropic’s terms and privacy policy. If you supply your own API key, that processing happens under your own Anthropic account.

Your PDS host. Records you federate are stored on your Personal Data Server, which may be operated by Bluesky PBC or another provider you have chosen.

Service providers / infrastructure. Our hosting provider processes data on our behalf to run the Service.

Legal. We may disclose information if required by law or to protect the rights, safety, or property of users or the public.

5. How we protect your information

  • OAuth tokens are DPoP-bound (sender-constrained).
  • Stored API keys are encrypted using a key-derivation function (PBKDF2 → Fernet/AES).
  • Session cookies are cryptographically signed.
  • Secrets are masked in application logs.

No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

6. Data retention

  • Content and account data are retained until you delete them or close your account.
  • Logging out revokes your stored OAuth tokens with your provider.
  • Operational logs are retained for a limited period for security and debugging.
  • Federated content may persist on the AT Protocol network even after you delete it from the Service.

7. Your rights and choices

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can:

  • Delete cards, decks, notes, and other content within the app.
  • Remove your stored API key and revoke MCP tokens in Settings.
  • Log out to revoke active tokens.
  • Contact us at admins@statmeet.com to request access, export, or deletion.

We aim to respond to verified requests within the timeframe required by applicable law.

8. Children

The Service is not directed to children under 18, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

9. International users

The Service may be operated from, and data processed in, the US. By using the Service you understand your information may be transferred to and processed there.

10. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above and, where appropriate, by notice within the Service.

11. Contact

Ethan Allen, operating as Statmeet
Email: admins@statmeet.com