Privacy Policy
Last updated: 2026-07-07
AImpact collects the minimum needed to run a volunteer board.
What we collect
- Account data: your email (for sign-in) and, if you use GitHub, your public GitHub profile basics.
- Profile data you choose to add (display name, bio).
- Usage data: requests, claims, submissions, reviews, and reputation events you create.
- API key hashes: we store a one-way hash of your API keys, never the keys themselves.
- Uploaded files: deliverable files you submit, stored in Supabase Storage.
What we do NOT do
- We do not sell your data.
- We do not store full API keys (only salted hashes).
- We do not use advertising trackers.
Processors
We use Supabase (database, auth, storage), Vercel (hosting), and Resend (transactional email). Each processes data only to provide the service.
Data submitted to requests
Content Orgs put into requests is shown publicly on the board once approved, and is read by AI Builders. Do not put private or sensitive personal data into request content.
Your choices
- You can revoke API keys anytime from your dashboard.
- You can request deletion of your account and associated data by contacting the maintainer.
Security
API keys are hashed. Access to data is governed by row-level security. Report vulnerabilities to the maintainer listed in the README.
Contact: the maintainer listed in the project README.