B

BLOCPARTY

Privacy Policy

Effective: May 13, 2026

BlocParty is a mobile app that helps you track political issues, allocate your attention to causes, and see how your elected representatives actually vote. We built it to reduce noise, not to harvest your data. This policy describes exactly what we collect, why, and what we do (and don't do) with it.

1. What we collect

Account data

• Email address and password — required to create an account and sign in. Passwords are stored as salted hashes, never as plain text.
• First and last name — optional; used so letters you send to your representatives are signed by you, not "a constituent."
• Profile photo and display name — optional, displayed only to you.

Location

• Approximate location, ZIP code, US state, and congressional district — required to identify which senators and representatives are yours. We never share or sell your location. You can enter a ZIP manually instead of granting device location access.

Activity inside the app

• Portfolio — the issues you add and how many "Votes" you allocate to each.
• Watchlist — issues you've bookmarked.
• Sent letters — a record of which representatives you've contacted, used to enforce a 30-day cooldown so you don't accidentally spam the same office.
• Membership tier — whether your account is Free, Supporting, Organizing, or Founding.

Device data

• Push notification token — used so we can send you the alerts you've opted into (e.g. "your rep just voted on X"). You can disable notifications in your device settings; we'll honor it.

Permissions we request only when you use the relevant feature

• Camera and photo library — only requested if you choose to set a profile photo. Photos are stored on your device or in our private storage if you choose to upload one. We do not access your camera or photo library otherwise.
• Location services — only requested if you tap "Detect my location" to look up your representatives. You can decline and enter a ZIP manually instead.

2. What we do not collect

• We do not collect advertising identifiers (IDFA, GAID).
• We do not track you across other apps or websites.
• We do not collect contact lists, calendar, microphone, or browsing history.
• We do not sell your data to anyone, ever.

3. Who we share data with

The minimum required to operate the app:

• Supabase — our backend host. Stores your account, portfolio, and other app data on secure US-based servers.
• Apple App Store and Google Play — handle subscription purchases and refunds. They receive only the information needed to process the transaction; we never see your credit card details.
• RevenueCat — manages subscription state across devices. Receives a non-personal user identifier and your active subscription tier.
• Expo Push Service — relays push notifications to your device. Receives only your push token and the notification payload.

We never share your data with advertisers, data brokers, political campaigns, or PACs.

4. Children

BlocParty is intended for users 17 years of age and older. We do not knowingly collect data from anyone under 13. If you believe a child under 13 has provided us with information, contact us and we will delete it.

5. Your rights

• Access — you can view all your data in the app's Profile screen.
• Correction — you can edit your name, location, profile photo, and portfolio at any time.
• Deletion — to delete your account and all associated data, email support@getblocparty.com from the address tied to your account. We will confirm and delete within 30 days.
• Export — request a copy of your data by emailing the same address. We'll provide a JSON dump within 30 days.

If you reside in California, the EU, or the UK, you have additional rights under CCPA, GDPR, and UK GDPR. The mechanisms above satisfy those rights; contact us if you need a different format.

6. How long we retain data

We keep your account data while your account is active. After deletion, we remove personal data within 30 days. Anonymized aggregate data (e.g. "X total users voted on issue Y") may be retained indefinitely for product analytics.

7. Security

All data is transmitted over HTTPS. Backend access is restricted by Supabase Row Level Security policies — every read and write is gated on the requesting user's identity. We follow industry-standard practices, but no system is perfectly secure; if you believe your account has been compromised, contact us immediately.

8. Changes to this policy

If we make material changes, we'll update the Effective date above and notify you in the app before the change takes effect. Minor clarifications (typos, formatting, restructuring) may be made without notice.

9. Contact

Questions, requests, or complaints: support@getblocparty.com

BlocParty is operated by Christopher Cutter as an individual sole proprietor. Mailing address available on request via email.