Effective July 5, 2026

Privacy Policy

EcoDues (“we,” “us,” or “our”) is operated at ecodues.org. This policy explains what data we collect, why we collect it, who processes it, and what rights you have.

Data we collect

Account credentials

When you sign up with email and password, your credentials are managed by Supabase Auth — we never see your raw password. If you sign in with GitHub or Google OAuth, we receive only the profile information those providers expose (email address and display name). We store your display name so we can address you in emails.

AI usage records

We store the usage data you log or that we pull from connected provider APIs: provider name, model name, token counts, estimated spend, and the billing period. This is the core data that drives our emissions estimates and donation suggestions.

Provider API keys

If you connect an AI provider by pasting an API key, that key is encrypted at rest using AES-256-GCM before being written to the database. The key is decrypted only when we need to fetch your monthly usage totals from the provider’s API, and is never logged or transmitted elsewhere.

Subscription tier

If you select a consumer subscription plan (e.g., ChatGPT Plus) instead of connecting an API key, we store that tier selection so we can apply the correct monthly token estimates.

What we do not collect

  • We never receive your payment card details or bank information. Donations go directly to PayPal Giving Fund or Every.org under their terms — EcoDues is never in the payment flow.
  • We do not run third-party advertising or sell your data to any third party.
  • We do not track your browsing behavior across other sites.
  • We do not read the content of your AI conversations — only token counts and spend figures.

Infrastructure and subprocessors

SubprocessorRoleData region
SupabaseDatabase and authenticationUS (AWS us-east-1)
VercelHosting and edge computeUS / global edge
ResendTransactional email deliveryUS
PayPal Giving Fund / Every.orgDonation checkout (you transact with them directly)Their own infrastructure

Emails we send

We send transactional emails via Resend: monthly usage recaps, donation-ready notifications when your offset tab clears a charity’s minimum, quarterly summaries, and API key error alerts. We do not send marketing emails. You can opt out of usage and donation emails at any time from Settings in your account, or via the unsubscribe link included in any email we send.

Data retention and deletion

Your data is retained for as long as your account is active. You can delete your account at any time from Settings, which removes your profile, usage records, emission estimates, donation ledger entries, and any stored provider connections (including encrypted API keys) from our database. Alternatively, email us at real.jamesmsmith@gmail.com and we will delete your data within 30 days.

Security

Provider API keys are encrypted with AES-256-GCM using a server-side key before being stored. All data in transit is encrypted via TLS. Database rows are protected by row-level security (RLS) policies — users can only read and write their own data. Supabase Auth handles password hashing; we never store plaintext passwords.

Contact

Questions about this policy? Email real.jamesmsmith@gmail.com. Site: ecodues.org.