know.
Last updated · May 16, 2026

Privacy Policy

This policy explains what personal data knowfeed (“knowfeed,” “we,” “us”) collects when you use our website and mobile applications (collectively, the “Service”), how we use it, who we share it with, your choices, and how to contact us. It is intended to satisfy the disclosures required by the Apple App Store, the EU GDPR, and the California CCPA/CPRA. Effective May 16, 2026.

1. Who we are

knowfeed is the data controller responsible for the personal information processed through the Service. You can reach our privacy team at privacy@knowfeed.io.

2. Data we collect

We collect only what we need to operate the Service. The categories below map to the data-use disclosures we declare on our App Store listing.

2.1 Account & identifiers

  • Email address— required to create an account and to send security and service notifications. If you sign in with Apple, we receive the email address (or Apple’s private relay address) and the stable Sign in with Apple user identifier associated with your Apple ID. We do not receive your Apple password.
  • Display name and handle — optional public identifiers shown next to your comments, collections, and follow activity. You choose them; you can change or clear them at any time in Settings.
  • Avatar color — a single hex color used to personalize your placeholder avatar. We do not store profile photos.
  • Anonymous user ID — generated on first launch so that your reading history, saves, and streak persist on the device even before you sign in.

2.2 User content (public to other users)

The items below are submitted by you and intentionally visible to other users of the Service. Treat them as public.

  • Comments and replies on facts, including any edits and the timestamps of each.
  • Comment likes you give.
  • Collections you mark public: the title, description, ordered list of facts, and the fact that you own them. Collections marked private remain visible only to you.
  • Public follows: when you follow another user, a publisher partner, a topic, or a public collection, the relationship is visible to the followed party so they know who their audience is. Follower counts may be displayed publicly.

2.3 Engagement and usage data

  • Interactions — which facts you viewed, opened, completed, liked, saved, shared, or skipped, and timestamps. Used to rank your feed, award XP, and measure editorial performance in aggregate.
  • Streak history — current streak, longest streak, and the last day you read.
  • XP events and badges earned, with timestamps.
  • Diagnostic data — crash reports, performance metrics, and basic device information (OS version, app version, device model, language). We do not collect precise location or IDFA.

2.4 Moderation data

  • If you file a report against a fact or comment, we store the report (reason, optional note), your user ID, the reported item, and the editor resolution outcome. Reports are visible only to our moderation team.
  • If a comment of yours is hidden or removed, we retain the original text and the moderation reason for audit and appeal.

2.5 Notifications

  • In-app notifications we generate for you (e.g. a reply to your comment, a new follower, a new follower on one of your collections), with read/unread state.
  • Push notification tokens.If you grant notification permission on a mobile device, we store the Expo push token issued for your device by the Expo Push Service (operated by Expo / 650 Industries, Inc.). The token is bound to your user account and device. Expo forwards our messages to Apple Push Notification service (APNs) on iOS and Firebase Cloud Messaging (FCM) on Android for final delivery. We do not send commercial or marketing push notifications — only the event-based notifications listed in section 4. You can revoke notification permission at any time in your device settings; we delete the token within seven days of revocation or sign-out.

2.6 Mailing list

If you submit your email to our pre-launch waitlist, we store the email and the page that referred you, only to notify you when the app launches in your region. You can unsubscribe at any time via the link in every email.

2.7 What we do not collect

  • Contacts, photos, microphone, camera, or health data.
  • Precise or coarse location data.
  • The iOS Identifier for Advertisers (IDFA) or any equivalent cross-app advertising identifier.
  • Information from third-party advertising networks. We do not run ads and do not include third-party advertising SDKs.

3. Sign in with Apple

When you choose Sign in with Apple, your device asks Apple to authenticate you. With your consent, Apple returns to us a stable identifier for your Apple ID and the email address you elected to share (either your real address or Apple’s private relay address). knowfeed uses Supabase Auth to verify the Apple identity token and to create or sign you into your knowfeed account. We do not receive or store your Apple password. You can revoke knowfeed’s access at any time in iOS Settings → Apple ID → Sign in with Apple; after you revoke, your account is treated as deleted under section 9.

4. How we use data

  • Provide the Service — authenticate you, sync saves, follows, collections, and streak across your devices, deliver the daily brief, run the feed, real-time comment updates, and push notification delivery for: (i) someone replying to a comment of yours, (ii) someone starting to follow you, (iii) someone following one of your public collections.
  • Improve the Service — measure which facts perform well in aggregate so editors can pick better ones; debug crashes; tune ranking.
  • Communicate with you — send transactional emails (account, security, password reset) and respond to your support requests. We send marketing email only with your explicit opt-in.
  • Partner analytics — provide each publisher partner with aggregate, de-identified performance metrics for facts they authored (views, expansions, taps to read more, partner profile views, follows and unfollows). Partners never receive your identity.
  • Protect the Service — detect abuse, spam, and policy violations.
  • Comply with law — respond to valid legal process and enforce our Terms.

5. Legal bases (GDPR)

  • Contract — to provide the Service you signed up for.
  • Legitimate interests — to keep the Service safe, measure performance, and improve it; balanced against your rights and freedoms.
  • Consent — push notifications, marketing email, and any optional analytics.
  • Legal obligation — when required by applicable law.

6. Who we share data with

We do not sell personal data and we do not share it with advertising networks. We share it only with the following categories of service providers, each under a data-processing agreement:

  • Supabase, Inc. — database, authentication, file storage, and real-time channels for live comment updates. Hosts your account row, content, and uploads.
  • Expo / 650 Industries, Inc. — Expo Push Service forwards our push notifications to APNs (Apple) and FCM (Google) for delivery. Expo receives only the push token and the notification payload (title, body, and routing metadata such as the comment or collection ID).
  • Apple Inc. (APNs) and Google LLC (FCM) — final delivery of push notifications to your device.
  • Vercel Inc. — hosts and serves the web application.
  • Email delivery provider — sends transactional email such as login links, password resets, and account notices.
  • Editorial partners — receive only aggregate, de-identified performance metrics for facts they authored. They never receive your identity, email, or comment content.
  • Other users of the Service — receive the public-by-design information described in section 2.2 (comments, public collections, follow relationships, display name, handle, avatar color).
  • Acquirers and successors — if knowfeed is involved in a merger, acquisition, or asset sale, personal data may transfer under this policy or a successor policy you are notified about.
  • Law enforcement — only in response to valid legal process, and only the minimum data required.

7. International transfers

knowfeed’s servers are operated in the European Union and the United States. When personal data is transferred from the EEA, UK, or Switzerland to a country without an adequacy decision, we rely on the European Commission’s Standard Contractual Clauses and equivalent UK/Swiss safeguards.

8. Real-time channels and presence

Some Service features (live comment threads, follower counts that update without refresh) use Supabase Realtime. Your client opens an authenticated websocket to receive updates; we do not broadcast your presence or read state to other users.

9. Data retention and deletion

We retain your account data while your account is active. You can delete your account at any time from Settings → Account → Delete account inside the app, or by emailing privacy@knowfeed.io. On deletion we remove your account row, your comments, saves, interactions, follows, collections, push tokens, and any other content tied to your identity within seven (7) days. Backups containing residual data are overwritten within thirty (30) days. We may retain a minimal audit record (user ID, deletion timestamp, and any prior moderation actions) for legal, accounting, and anti-abuse purposes for up to twenty-four (24) months.

10. Your rights

Depending on where you live, you have the right to access, correct, delete, and export your personal data; to object to or restrict certain processing; to withdraw consent; and to lodge a complaint with your local data-protection authority. California residents additionally have the rights described in the CCPA/CPRA, including the right to know, the right to delete, the right to correct, and the right to opt out of any “sale” or “sharing” of personal information — we do not sell or share personal information as those terms are defined. To exercise any right, email privacy@knowfeed.io. We respond within thirty (30) days.

11. Security

We use TLS in transit and encryption at rest, scoped row-level security in our database, principle-of-least-privilege access controls, and continuous monitoring. No system is perfectly secure; if we discover a breach of your personal data, we will notify you and the relevant authorities as required by law.

12. Children

knowfeed is not directed to children under thirteen (13), or under sixteen (16) in the EEA. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, email privacy@knowfeed.io and we will delete it.

13. Tracking and analytics

We do not track you across other companies’ apps or websites, and we do not use the iOS IDFA or any equivalent advertising identifier. Because we do not track in the App Tracking Transparency sense, the iOS ATT prompt is not shown.

14. Changes to this policy

If we make material changes, we will notify you in the app or by email at least seven (7) days before the change takes effect, and update the “Last updated” date at the top of this page. Continued use after the effective date constitutes acceptance.

15. Contact

Email privacy@knowfeed.io with any privacy question, deletion request, or complaint.

← Back to landing