What we collect
Account info (email, name, handle, optional bio + avatar). Anything you post (requests, applications, deliveries, messages, ratings). Payment info via Stripe + Coinbase (we never see your card number — Stripe handles it). Usage data (which pages you visit, how often) via PostHog. IP addresses for security + rate limiting.
What we don't
We don't sell your data. We don't share your messages with third parties unless legally compelled (subpoena, NCMEC reports for CSAM). We don't track you across other sites.
Third parties we use
Better Auth (identity). Supabase (database). Cloudflare R2 (file storage + CSAM scanning). Stripe Connect (fiat payments). Coinbase Commerce (crypto payments). Pusher (real-time chat). Resend (transactional email). Inngest (background jobs). Open Exchange Rates (FX). Sentry (error tracking). PostHog (analytics).
Retention
Account data lives as long as your account does. Transaction records: 7 years (tax). Audit logs: 2 years. CSAM-flagged content: preserved indefinitely per legal hold. Closed accounts are anonymized after 90 days.
Your rights
You can export your data, correct it, or delete your account. GDPR + CCPA rights apply where you live. Email support@weirdrequests.com to make a request.
Contact
Privacy questions go to privacy@weirdrequests.com. We respond within 30 days.