What we collect
Account data (name, email, password hash), submission data the producer's form collects, vote metadata (with only SHA-256 hashes of IPs, never raw), activity events you've opted into, payment metadata (Stripe holds the card number; we don't), and diagnostic info attached to feedback / bug reports.
We do not sell your personal information, ever, and we don't run third-party advertising trackers.
Cookies + consent
Strictly-necessary cookies (auth session, CSRF, the consent record itself) are always on. Analytics + Marketing are off until you opt in via the cookie banner. The "Cookie settings" link in every footer re-opens the banner. We honor Global Privacy Control (GPC) and Do Not Track (DNT) as opt-out signals automatically.
Full breakdown at /cookies.
Data-subject rights
Whether you're in the EU, UK, California, Brazil, Canada, Australia, Nigeria, South Africa, Japan, or any other covered jurisdiction, you have the right to:
- Access the data we hold about you
- Correct inaccuracies
- Delete your data ("right to be forgotten")
- Port your data in a structured format
- Restrict or object to specific processing
- Withdraw consent
- (California) Opt out of any sale or share — we don't do either, but you can pre-register the preference.
Submit a request at /privacy/request. We'll email you a verification link, then process within 30 days (GDPR / UK GDPR / LGPD), 45 days (CCPA), or sooner where required.
CCPA "Do Not Sell or Share"
/privacy/do-not-sell — opt-out form for California residents. Also honored for Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Jersey.
AI use
Producers can opt in to AI-assisted features (eligibility checks, judge briefs, polish, plagiarism detection, fraud detection, ceremony co-pilot). Prompts are processed under Anthropic's zero-retention, no-training policy. Decisions that significantly affect a person are never made by AI alone — see /legal/ai-disclosure.
Breach notification
If we suffer a personal-data breach affecting your data, we'll notify you and (where applicable) the relevant supervisory authority within 72 hours of becoming aware (GDPR Art 33–34) and U.S. state breach laws.
Sub-processors
Always-current list at /subprocessors. Anyone using Aclamos can subscribe to advance-notice emails when we add or change a sub-processor (≥30 days' notice).
Vulnerability disclosure
Security researchers — see /security/disclosure and /.well-known/security.txt. We extend safe harbor to good-faith research conducted within scope.
TCPA / SMS
If a Ballotis ballot collects phone numbers (for OTP), the consent disclosure appears at the point of capture. Reply STOP to unsubscribe.
Contact
privacy@aclamos.app for any privacy question. EU representative at eu-rep@aclamos.app; UK rep at uk-rep@aclamos.app.