poke.community
Sign in

Privacy Policy

This notice explains how we process personal data when you visit or use poke.community.

Data Controller

Nils Reichardt Agency

Grimmstr. 33

40235 Düsseldorf, Germany

Email: hi@poke.community

Overview

poke.community is a community hub where registered members can publish, discover, and vote on automations built with Poke. We operate the service in the European Union using Supabase (EU project region) for authentication and data storage and deploy the website on Vercel.

Personal Data We Process

  • Account details. When you register or sign in we process your email address and password credentials through Supabase. We synchronise your Supabase user ID, email address, and optional name, avatar, or bio to the public profile table.
  • Community submissions. When you submit or edit an automation we store the content you provide (title, summary, description, prompt, tags) together with your user ID and timestamps.
  • Interaction data. We record votes that you cast on automations and the notification preferences you set (e.g. “new automation” or “trending roundup” emails).
  • Communication data. If you opt into email notifications, we share your email address with our email provider Resend to deliver announcements and digests. When you contact us by email we process the contents of your message.
  • Technical logs. Our hosting provider Vercel automatically collects request metadata such as IP address, browser information, and timestamps for security and performance monitoring. Supabase also records audit logs for authentication events.

We do not run analytics or advertising trackers. Cookies are only set when required for Supabase authentication.

Purposes and Legal Bases

  • Provide the service. We process account, submission, and interaction data to operate the community platform, authenticate users, display automation content, and maintain leaderboards (Art. 6(1)(b) GDPR – performance of a contract).
  • Send community updates. We deliver opt-in announcement and digest emails via Resend based on your preferences (Art. 6(1)(a) GDPR – consent, which you can withdraw at any time in Settings or by contacting us).
  • Security and abuse prevention. We use technical logs to troubleshoot issues, prevent misuse, and secure our infrastructure (Art. 6(1)(f) GDPR – legitimate interests).
  • Legal obligations. We may retain data where necessary to comply with statutory retention duties or requests from authorities (Art. 6(1)(c) GDPR).

Recipients and International Transfers

  • Supabase. We host our database and authentication with Supabase. The project is configured in an EU data region. Supabase acts as our processor and stores user profiles, automations, votes, and subscription preferences on our behalf.
  • Vercel. The web application is deployed on Vercel, which may process request metadata and generated content when serving pages. Vercel relies on Standard Contractual Clauses (SCCs) for any transfers outside the EU/EEA.
  • Resend. We use Resend to send community emails. Resend processes recipient email addresses and message content and applies SCCs for transfers to the United States.

Where providers transfer data outside the EU/EEA we rely on contractual safeguards such as the European Commission’s Standard Contractual Clauses and, where necessary, additional protective measures.

Data Retention

  • Account and profile data remain active until you request deletion of your account.
  • Automation submissions, votes, and public profile information stay published until you edit or remove them or until we delete them to enforce our Terms of Service.
  • Notification preferences are retained until you unsubscribe or delete your account.
  • Support correspondence is kept for as long as required to resolve your request and to comply with statutory obligations.
  • Hosting and access logs are typically retained by Vercel for up to 30 days; Supabase authentication logs follow Supabase’s default retention periods.

Security Measures

We use TLS encryption in transit, restrict access to Supabase with role-based permissions, and apply Supabase row level security policies to ensure that users can only manage their own data. Service secrets are stored in environment variables managed by Vercel.

Your Rights

Under the GDPR you have the right to access, rectify, erase, or port your data, to restrict or object to certain processing, and to withdraw consent at any time. You can update your subscriptions in Settings and request further changes or deletion by contacting us at hi@poke.community.

You also have the right to lodge a complaint with the competent supervisory authority. For our establishment in Germany this is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW).

Automated Decision-Making

We do not carry out automated decision-making or profiling that produces legal effects concerning you.

Changes to This Policy

We may update this privacy policy to reflect technical or legal changes. Significant changes will be announced on this page. The most recent version is always available at /privacy.

Privacy Policy — poke.community — poke.community