Privacy Policy

Last updated: April 14, 2026

1. Introduction

This Privacy Policy explains how OpenThread ("we", "us", "our") collects, uses, retains, and protects your information when you use our web platform and browser/IDE extensions (collectively, "the Service"). For a code-grounded explanation of the security controls that back this policy, see our Data Security page. Where this policy describes optional integrations (analytics, CAPTCHA, object storage, search, email), the operator of this instance configures them; if a feature is not configured, we do not use it.

2. Information we collect

Account information

When you create an account we store an internal identifier, your email address, display name, username, and optionally a bio, avatar image, and banner image. If you sign in via a third-party provider (Google, GitHub, Discord), we receive your basic profile and store the OAuth provider account ID and access/refresh tokens needed to maintain the link. We also store a verification status, account status (active, banned, deleted), platform role (user, support, admin), karma scores, and an account-settings JSON document.

Content you share

We store the AI conversation threads, posts, comments, votes, bookmarks, follows, community memberships, reactions, and skill or template content you submit to the platform. Posts and comments are publicly visible by default; private and shared communities limit visibility to members.

Automatic redaction: before any post or comment is stored, we run it through an automatic redaction pipeline that strips API keys, JWTs, private keys, database connection strings, OS user paths, email addresses, public IP addresses, and similar secrets. The original, unredacted version is not retained. See the Data Security page for the full list of redaction categories.

Sessions and authentication

Each session row stores your IP address and user-agent string for the duration of the session. Sessions are deleted automatically 30 days after they expire. Cookies used for the session are httpOnly, Secure in production, and SameSite=Lax.

Usage and analytics data

We collect aggregate usage events (such as which page you viewed or which feature you used) to help us improve the Service. Each event may carry your user ID if you are signed in. The IP address attached to each event is hashed with SHA-256 and a salt that rotates daily, and only the first 16 characters of the hash are retained — this lets us detect short-term abuse patterns without storing raw IPs in the analytics database. Analytics events are deleted automatically after 90 days.

Audit log

Sensitive actions — thread import, thread export, browser/IDE extension authentication, content flagging, and account deletion — are recorded in an audit log along with the actor's IP and user-agent. Extension audit entries are deleted after 90 days; moderation entries are retained for compliance with platform policies.

Browser and IDE extensions

The OpenThread browser extension only runs on AI provider sites it is explicitly permitted to access (Claude, ChatGPT, Gemini) and on OpenThread itself. It does not collect browsing history or monitor activity on other websites. Conversation data is sent to OpenThread servers only when you choose to share it. The IDE extensions behave analogously: they run within your editor and only transmit content when you explicitly initiate a share or import.

3. How we use your information

To provide, maintain, and improve the Service
To authenticate you, manage your account, and protect against account abuse
To display your shared content to other users according to its visibility
To calculate feed rankings, karma scores, badges, and community statistics
To deliver in-app notifications about activity relevant to you
To enforce our Terms of Service and community guidelines
To investigate and respond to abuse reports and security incidents

Notification delivery: all notifications are currently delivered in-app only. Email notifications are not enabled at this time. Transactional email (account verification, password reset, account-locked alerts) is sent via SMTP if the operator has configured it; otherwise these messages are written to the server log for the operator to deliver manually.

4. Data storage and security

The primary data store is PostgreSQL. Connections to the database use TLS. Depending on how the operator has configured this instance, we may also use:

Cloudflare R2 (or compatible S3 storage) for image uploads, accessed via short-lived (10-minute) presigned URLs. Without R2, uploads are stored on the server's local disk.
Redis (e.g. Upstash) as a second-tier cache for feed queries, profile data, and search results. Without Redis, we use an in-memory LRU cache only.
Meilisearch for full-text search across posts, comments, and threads. Without Meilisearch, we fall back to PostgreSQL full-text search.
SMTP (e.g. AWS SES) for transactional email.
Cloudflare Turnstile for CAPTCHA on signup, login, and password reset.

For a code-grounded description of the security controls we apply to your data — authentication hardening, upload validation, automatic content redaction, rate limiting, security headers, and retention windows — see the Data Security page.

No method of transmission or storage is 100% secure. We take reasonable steps to protect your information, but cannot guarantee its absolute security.

5. Third-party services

The third-party processors OpenThread may rely on are listed below. Each one is optional and configured per-instance; if the operator of this instance has not configured a given service, we do not share data with it.

OAuth providers (Google, GitHub, Discord) for sign-in. We receive your email, basic profile, and the OAuth tokens needed to maintain the link.
Cloudflare R2 for image storage (when configured).
Cloudflare Turnstile for CAPTCHA (when configured). Turnstile is designed to detect automated abuse without persistent tracking.
Redis / Upstash for caching (when configured).
Meilisearch for full-text search (when configured).
SMTP provider for transactional email (when configured).
Google Analytics for aggregate usage statistics, only if the operator of this instance has configured a measurement ID. We do not use any third-party advertising trackers.

AI conversation content originates from third-party AI providers (such as Anthropic, OpenAI, Google). Sharing conversations on OpenThread is also subject to those providers' terms of service. You are responsible for ensuring you have the right to share what you post.

6. Data sharing

We do not sell your personal information. We may share your information only:

When you make content publicly available on the platform
With service providers listed in section 5 who help us operate the Service
When required by law, valid legal process, or to protect our legal rights
In connection with a merger, acquisition, or sale of assets, with notice

7. Public profile, votes, and follows

Some information is public by design. Specifically:

Your profile page shows your username, display name, avatar, banner, bio, post karma, comment karma, badges, join date, and your public posts and comments.
Your follow relationships are public — other users can see who you follow and who follows you.
Skill and template reviews you write are publicly attributed to your username, including the rating and the review text.
Your votes are private — no other user can see what you upvoted or downvoted. We use your vote only to update the score.
Moderation actions taken on your content are recorded in a community moderation log, including the moderator's identity and the reason given. Other moderators of the same community can read this log.

8. Your rights

You have the right to:

Access the personal information we hold about you
Request correction of inaccurate information through your account settings
Delete your account (see section 9 for what this actually does)
Export a snapshot of your account data (see below)
Opt out of non-essential communications

Data export: you can request a JSON export of your account through your account settings. The export currently includes:

Your profile (id, username, name, email, bio, join date, karma scores)
Your posts (id, title, post type, creation date — not the post body or thread messages)
Your comments (text, post association, creation date)
Your votes (target id, target type, value, creation date)
Your bookmarks (post id, creation date)
Your follows (followed user id, creation date)

The export does not currently include post bodies, uploaded media, OAuth provider links, notifications, sessions, or audit log entries. We are evaluating whether to expand the export in a future change. If you need a full archive of your data for any of the purposes covered by GDPR Article 20 or analogous laws, please contact us through the channels in section 12.

9. Account deletion: what is removed and what is kept

We want to be honest about what "delete my account" actually does on OpenThread. When you delete your account:

Your username, display name, email, bio, avatar, and banner are anonymized — replaced with placeholder values.
All OAuth links (Google, GitHub, Discord) and all sessions are removed immediately. You cannot sign in again after this.
Your avatar and banner image files are removed from object storage on a best-effort basis.
Your comments are kept but are de-authored — the text remains, no author is shown.
Your posts and votes are kept on the platform, attributed to the anonymized placeholder. This is intentional: removing them would damage the conversations and rankings other users participated in.
The deletion itself is recorded in the audit log.
Account deletion is not reversible. There is no grace period and no undo.

If you want a specific post or comment removed before deleting your account, delete it manually first.

10. Cookies and local storage

OpenThread uses cookies and browser local storage to maintain your session, remember your preferences, and provide essential functionality. We do not use cookies or any other technology for third-party advertising. The cookies and local-storage keys you may encounter:

openthread.session_token — your session cookie (httpOnly, Secure in production, SameSite=Lax). Required to be signed in.
Cloudflare Turnstile cookies — set only on signup/login/reset pages if the operator has configured Turnstile, used to validate that you are not a bot.
Google Analytics cookies (_ga, _gid, _gat) — set only if the operator has configured a Google Analytics measurement ID for this instance.
Theme preference — stored in localStorage in your browser, never sent to our servers.

11. Children's privacy

OpenThread is not directed at children. We do not knowingly collect personal information from anyone under 13 years of age. We do not currently operate an age verification mechanism at signup. If you are a parent or guardian and you believe a child has registered for the Service, please contact us through the channels in section 12 and we will remove the account and any associated information.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced through the Service. Continued use after changes are posted constitutes acceptance of the updated policy.

13. Contact

For privacy questions, data export requests, parental concerns, or anything else covered by this policy, please reach out through the OpenThread community or open an issue on our GitHub repository. For security vulnerabilities, please follow the disclosure process in SECURITY.md instead — see the Data Security page for details.