Privacy Policy

Last updated: March 31, 2026

                SigmaCount was built because we believe you shouldn't have to trade your privacy for a place to connect with friends. We collect usage data to understand which features matter most and to keep the platform running, but we don't track you outside this site and we never sell your data. Period.
            

What We Collect

When you use SigmaCount, we store only what's needed to make the site work and improve it:

Account information: username, email address (used for login via AWS Cognito)
Profile information: display name, bio, and profile photo (if you choose to add them)
Content you create: posts, messages to other members
Media you upload: photos and videos, along with file metadata (size, dimensions)
Join requests: name and email submitted through the request access form
IP addresses: temporarily stored for rate limiting to prevent abuse, and automatically deleted after a short period
Usage metrics: aggregated resource consumption per account (storage used, API requests, emails sent, bandwidth) collected monthly to understand platform costs and prioritize feature development

How We Use Usage Data

We track how much each account uses the platform's resources — things like storage space, page requests, and bandwidth. This data helps us:

Understand which features are actually being used so we can focus development effort where it matters
Calculate the real cost of running the platform and keep it sustainable
Show you a transparent breakdown of what your account costs to operate

Usage data is aggregated monthly and visible to you on your usage page. It is never shared externally or used for advertising.

What We Don't Do

No tracking outside this site — we have zero presence on any other website or app
No analytics or tracking scripts — no Google Analytics, no pixels, no ad networks
No behavioral profiling or interest tracking
No fingerprinting
No data is sold to or shared with third parties, ever
No data is used for advertising of any kind

Cookies

We use a single cookie:

auth_token — a session authentication cookie, set with Secure and SameSite=Strict flags. It exists solely to keep you logged in. If you select "Remember me," it persists for 30 days. Otherwise, it expires when you close your browser.

That's it. No tracking cookies, no third-party cookies.

Email

We use Amazon SES to send transactional emails only:

Password reset links
Member-to-member messages (routed through our domain)

We will never send marketing emails or share your email address with anyone.

Where Your Data Lives

All data is stored in AWS infrastructure (DynamoDB, S3, Cognito) in a single region. Your data does not leave AWS, and we do not replicate it to third-party services.

Third-Party Scripts

The site loads two open-source libraries from the jsDelivr CDN for client-side functionality:

marked.js — Markdown to HTML conversion
DOMPurify — HTML sanitization for security

When your browser fetches these scripts, the CDN provider can see your IP address as part of standard HTTP requests. We have no control over jsDelivr's logging practices. No data about your activity on SigmaCount is sent to these services.

CloudFront

The site is served through Amazon CloudFront. Standard CDN access logs may be generated for operational and debugging purposes. These logs contain IP addresses and request paths but are not used for tracking or analytics and are not shared externally.

Account Deletion

If you want your account and all associated data removed, contact the site administrator. We will delete your Cognito account, profile data, posts, and messages. We're working on a self-service option.

Changes to This Policy

If this policy changes, we'll update the date at the top. For significant changes, we'll post a notice on the site.

Contact

Questions about this policy? Reach out to the site administrator through the messaging feature or the contact information on the admin's profile.