What we collect
We only collect what's needed to make YourCore work:
- Account info — your name, email address, and password (stored as a secure hash, never plaintext)
- Profile info — display name, profile photo, and bio you choose to add
- Content you share — photos, videos, text posts, and comments you post inside your Cores
- Messages — direct messages and group messages within Cores
- Usage data — basic app activity (which screens you visit, when you log in) to help us fix bugs and improve performance
We don't collect your location, contacts, or anything outside the app.
How your content is stored
- All data is encrypted in transit (HTTPS/TLS) and encrypted at rest
- Your database is hosted on Neon (PostgreSQL), a secure cloud provider with enterprise-grade security
- Media files (photos and videos) are stored on Cloudflare R2, served through an authenticated proxy
- Passwords are hashed using bcrypt — we can't read them even if we wanted to
Who can see your content
Only Core members can see content shared inside a Core. Full stop.
- No public profiles — YourCore is not a public social network. There are no public feeds, no search results, no "discover" pages
- No algorithmic distribution — your posts don't get surfaced to people you didn't invite
- Media is protected — photos and videos are served through a secure proxy that verifies Core membership before allowing access. Direct media links don't work for non-members
- Core owners can see all content within their Cores
- YourCore staff can access content if required by law or to investigate a serious safety issue
No advertising. No selling. No tracking.
We do not run ads. We do not sell your data. We do not share your data with third parties for marketing purposes.
YourCore is funded by subscription revenue from users who find it valuable — not by harvesting and monetizing your personal data.
We use basic analytics (page views, usage patterns) to improve the product. This data is aggregated and anonymized.
Third-party services we use
To operate YourCore, we use a small number of infrastructure providers. These are not data brokers — they handle data only to provide their service to us:
- Neon — database hosting (PostgreSQL)
- Cloudflare R2 — media storage
- Render — application hosting and deployment
- Google / Apple — if you sign in with Google or Apple, they share basic profile info (name, email) per their OAuth policies
We do not use advertising networks, data brokers, or any third-party tracking pixels.
How long we keep your data
- Your content stays on YourCore until you delete it or leave a Core
- When you leave a Core, your posts and contributions remain visible to other members (consistent with how group spaces work)
- When you delete a post, it's removed immediately
- Account deletion removes your personal information — contact us at yourcore@polsia.app to request this
Your rights
You have the right to access, correct, or delete your personal data. We're working on self-serve tools for this — in the meantime, email us and we'll take care of it promptly:
- Data export — get a copy of all your posts, photos, and account data (coming soon as a self-serve feature)
- Account deletion — permanently delete your account and associated data (coming soon as a self-serve feature)
- Correction — update or correct your account information in Settings
Children's privacy
YourCore is not intended for children under 13. We don't knowingly collect data from children under 13. If you believe a child has created an account, contact us and we'll remove it.
Changes to this policy
If we make significant changes to this policy, we'll notify you by email or through the app before the changes take effect. The "last updated" date at the top always reflects the most recent revision.
Contact us
Privacy questions? Something unclear? Reach out:
We aim to respond within 2 business days.