PRECOG

Privacy Policy

Version 1.0 — Effective March 25, 2026

1. Information We Collect

Information You Provide

  • Phone number: Used for account creation and authentication via one-time passcode (OTP).
  • Handle and display name: Your chosen public username and optional display name.
  • Forecast submissions: Your probability assessments on questions, including all revisions and timestamps.
  • Profile information: Optional bio and avatar image.

Information Collected Automatically

  • Device identifiers: Stored as keyed cryptographic hashes, not raw values. We do not store your device ID in plain text.
  • IP address: Stored as a keyed hash for abuse detection purposes. We do not store your IP address in plain text.
  • Push notification tokens: If you opt in to push notifications, we store your Expo Push token to deliver notifications.
  • Analytics events: Anonymized usage events collected via PostHog to understand how the app is used and improve the experience.
  • Crash reports: Error and crash data collected via Sentry to identify and fix bugs.

2. How We Use Information

We use the information we collect to:

  • Authenticate your identity — verify your phone number and maintain your session.
  • Compute scores and reputation — calculate your Precog Index (PX), question-level scores, tier placement, and leaderboard standings.
  • Generate aggregate forecasts — compute the Community Read (unweighted average of all forecasts) and Signal Read (credibility-weighted aggregate) from individual forecast submissions.
  • Power leaderboards and competitions — determine Episode, weekly, and all-time standings.
  • Detect and prevent abuse — identify multi-accounting, bot activity, collusion, and other violations using hashed device/IP patterns.
  • Improve the product — analyze aggregated usage patterns to improve features and fix issues.
  • Send communications — deliver OTP codes, push notifications (if opted in), transactional emails for account events and question resolutions.

3. Information We Share

We never sell your individual forecast data to third parties.

Publicly Visible Information

  • Community Read: The aggregate (unweighted average) of all forecasts on a question. This becomes visible when 7 or more users have forecasted on a question. Individual forecasts are never shown.
  • Your profile: Your handle, display name, avatar, PX score, tier, and public track record are visible to other users.

Service Providers

We share data with the following service providers who process data on our behalf under data processing agreements:

ProviderPurposeData Shared
SupabaseAuthentication & databasePhone number, account data, forecasts
VercelHosting & serverless functionsRequest logs, function execution
ResendTransactional emailEmail address (if provided), notification content
SentryError monitoringCrash reports, device info, stack traces
PostHogProduct analyticsAnonymized usage events

[LEGAL COUNSEL REVIEW: Confirm data processing agreements are in place with all listed providers. Verify whether additional disclosures are needed for international data transfers.]

4. Data Retention

Forecast data is append-only and immutable. This is a core design requirement for scoring integrity — we must maintain the historical record of all forecasts to accurately compute scores, rankings, and reputation.

If you request account deletion:

  • Your personally identifiable information (phone number, display name, handle, avatar, bio) will be permanently removed.
  • Your historical forecast data will be anonymized (disassociated from your identity) but retained to preserve the integrity of scoring computations, aggregate metrics, and competition results.
  • Your profile will no longer appear on leaderboards or be accessible to other users.

Audit logs for administrative actions are retained per our compliance requirements.

5. Security

We take data security seriously and implement multiple layers of protection:

  • Row-level security (RLS) policies on our database ensure users can only access their own data through the API.
  • Hashed identifiers: Device IDs and IP addresses are stored as keyed cryptographic hashes, not in plain text. Raw values cannot be recovered.
  • No raw PII in abuse-detection columns: Our abuse detection system operates on hashed data only.
  • Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS.
  • Encryption at rest: Data stored in our database is encrypted at rest.

No system is perfectly secure. If you discover a security vulnerability, please report it to security@precog.gg.

6. Children

The Service is restricted to users who are at least 18 years of age. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a minor, we will take steps to delete that information as promptly as possible.

If you believe a minor has provided us with personal information, please contact us at privacy@precog.gg.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate personal data.
  • Deletion: Request deletion of your account and personal data, subject to the data retention practices described above (anonymized forecast data is retained for scoring integrity).
  • Data export: Request a machine-readable copy of your data.

To exercise any of these rights, contact privacy@precog.gg. We will respond within 30 days.

[LEGAL COUNSEL REVIEW: If users are in California, add CCPA-specific disclosures: categories of PI collected, right to know, right to delete, right to opt out of sale (we do not sell, but must disclose), non-discrimination. If EU users are expected, add GDPR data subject rights, legal basis for processing, and data protection officer contact. Determine whether a “Do Not Sell My Personal Information” link is required.]

8. SMS and Communications

  • OTP verification codes are sent via SMS when you create an account or log in. These are essential to the Service and cannot be opted out of while maintaining an account.
  • Push notifications (question results, daily drops, competition updates) are optional and can be configured in the App settings.
  • Transactional emails (account events, prize notifications, resolution alerts) are sent to the email address associated with your account, if provided.
  • We do not send marketing SMS messages without your explicit consent.
  • Standard messaging and data rates may apply to SMS messages.

[LEGAL COUNSEL REVIEW: Confirm TCPA compliance for OTP SMS. Verify that phone-based OTP authentication qualifies under the “prior express consent” exemption for transactional messages. Review whether additional consent language is needed at the point of phone number collection.]

9. Cookies and Tracking

This website (precog.gg) does not use cookies, local storage, or tracking scripts of any kind.

The Precog mobile app uses:

  • PostHog for product analytics — tracks anonymized usage events to help us understand how the app is used and improve the experience. You can opt out in the App settings.
  • Sentry for crash reporting — automatically captures error data when the app crashes or encounters an unhandled exception. This helps us identify and fix bugs.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the version number and effective date at the top of this page;
  • Notify you through the App;
  • Require you to re-accept the updated policy for material changes before continuing to use the Service.

11. Contact

If you have questions about this Privacy Policy or want to exercise your data rights, please contact us at:

Email: privacy@precog.gg