The short version

Your address is never stored. We use a zero-knowledge proof to verify you live in your neighborhood without recording your coordinates. We don't sell your data. We don't run ads. We collect only what's needed to run the Platform. New Jersey residents have full data rights under the NJDPA — email us to exercise them. We never disclose your data without valid legal process.

1. Information we collect

We collect the following information when you use Townhall Café: • Email address — used for authentication and account communications • Display name — chosen by you during signup • Neighborhood selection — the neighborhood you choose during onboarding • Location signal — used once during onboarding to detect nearby neighborhoods, then immediately discarded from our systems. Your exact coordinates are never stored on our servers. • Zero-knowledge residency proof hash — a cryptographic commitment generated on your device that proves neighborhood membership without revealing your address (see Section 4) • Posts, civic issues, votes, and comments you submit to the Platform • Device type and browser — for technical compatibility and abuse prevention • Timestamps of account activity — for security and integrity purposes

2. Information we do not collect

We do not collect or store: • Your home address or street-level location • Your GPS coordinates after the initial neighborhood detection — they are processed on your device and discarded • Payment information (the Service is currently free) • Information from third-party social networks or data brokers • Persistent location tracking after onboarding is complete • Information from users under 18 years of age

3. How we use your information

We use the information we collect to: • Provide and operate the Service • Verify neighborhood residency using zero-knowledge proofs • Send account-related emails (confirmation, password reset, material policy changes) • Display your posts and civic activity to other verified residents of your neighborhood • Detect and prevent abuse, spam, and fraudulent residency verification • Generate aggregate, anonymized analytics about Platform activity (individual users are not identified in analytics) • Improve the Platform based on usage patterns We do not sell, rent, or trade your personal information. We do not use your information for targeted advertising.

4. Zero-knowledge residency proofs

Our residency verification uses zero-knowledge (ZK) cryptography. During onboarding, a Groth16 ZK proof is generated directly on your device that mathematically confirms your GPS coordinates fall within your selected neighborhood boundary. Only the proof commitment hash — not your coordinates — is sent to and stored on our servers. This means we can verify you are a resident without ever knowing your address. The nonce used to generate the commitment hash is never transmitted and remains only in your browser session. Important: The ZK proof verifies that the coordinates you provided fall within a neighborhood boundary. It cannot independently confirm whether those coordinates were accurate or truthful. Submitting false location data to obtain a fraudulent residency proof is a violation of our Terms of Service. If you are unable to complete GPS-based verification due to a device limitation, disability, or technical barrier, contact hello@townhallcafe.org to request an alternative verification process.

5. AI-assisted civic content

Townhall Café's civic engine generates AI-assisted summaries ("Concern Cards") from publicly available government records, including municipal meeting minutes, council vote records, permit filings, and 311 service data. This content is created by the Platform based on official public records, not by individual users. Concern Cards are provided for informational purposes only. They do not constitute legal advice, official government records, or a complete account of any proceeding. Records are derived from public sources and may not reflect the most current official record at the time of viewing. The Platform makes reasonable efforts to anchor all factual claims to source documents, and displays source attribution and timestamps on civic content. For authoritative records, consult the relevant municipality directly or submit an OPRA request to the applicable New Jersey public agency.

6. Information sharing and third parties

We do not sell, rent, or share your personal information with third parties for marketing purposes. We share information only in these limited circumstances: • Supabase (database and authentication provider) — processes your data on our behalf under a Data Processing Agreement. Supabase is required to notify us immediately of any security incident affecting your data. • Vercel (hosting provider) — hosts the Platform under a data processing agreement; does not access user content. • Anthropic (AI service provider) — our civic engine sends the text of publicly available government records (meeting minutes, agendas, permit filings, and public 311 reports) to Anthropic's API to generate the AI-assisted Concern Card summaries described in Section 5. These public records may incidentally name individuals who appear in them (for example, a zoning applicant or a meeting speaker). We do NOT send your Townhall Café account information, email, posts, votes, or residency data to Anthropic. Anthropic processes this content as a service provider and does not use it to train its models under our commercial terms. • Nominatim / OpenStreetMap — receives a one-time geocoding request during onboarding to reverse-geocode your location to a neighborhood. No personal identifiers are sent. • SeeClickFix — the Platform reads public 311 civic data from the SeeClickFix public API. No user data is sent to SeeClickFix. • NOAA / National Weather Service — the Platform reads public weather alert data. No user data is transmitted. • Legal compliance — if required by law, valid court order, or government request (see Section 16 for our legal process policy) • Safety — to protect the rights, property, or safety of Townhall Café, our users, or the public

7. Global Privacy Control (GPC) signals

As required by the New Jersey Data Protection Act (NJDPA, effective January 15, 2025), Townhall Café recognizes Global Privacy Control (GPC) browser signals as a valid opt-out of profiling and any sale of personal data. If your browser transmits a GPC signal, we will treat it as an opt-out request for profiling based on your neighborhood, civic behavior, or activity patterns. You do not need to submit a separate opt-out request if your browser sends a GPC signal. The Platform recognizes GPC signals at the middleware layer and records the opt-out for your session. If you believe your GPC signal is not being recognized, please contact hello@townhallcafe.org and we will investigate.

8. Your rights under the New Jersey Data Protection Act

If you are a New Jersey resident, you have the following rights under the NJDPA (N.J.S.A. 56:8-161 et seq.), effective January 15, 2025: • Right to access — request a copy of the personal data we hold about you • Right to correct — request correction of inaccurate personal data • Right to delete — request deletion of your personal data (applies whether you or we initiate account termination) • Right to data portability — receive your personal data in a portable, machine-readable format • Right to opt out of profiling — opt out of profiling based on your neighborhood, activity, or civic behavior patterns • Right to opt out of data sale — we do not sell your data; this right is honored by default • Right to opt out of targeted advertising — we do not run targeted advertising; this right is honored by default How to exercise your rights: Email hello@townhallcafe.org with subject line "NJ Privacy Rights Request" and describe your request. We will respond within 45 days. Opt-out requests (profiling, sale, advertising) are processed within 15 days as required by NJDPA. We will not discriminate against you for exercising any of these rights. These rights apply to all users. Users in other states with applicable privacy laws (including California CCPA/CPRA) may also have similar rights and may use the same contact process.

9. Children's privacy

The Service is not directed to children under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you believe a child under 18 has created an account or provided us with personal information, contact hello@townhallcafe.org immediately and we will delete the information and terminate the account without delay. We comply with the Children's Online Privacy Protection Act (COPPA), which applies to children under 13. We do not knowingly collect data from children under 13 under any circumstances.

10. Data retention and deletion

Account data: We retain your account information and personal data for as long as your account is active. User-initiated deletion: If you request account deletion by emailing hello@townhallcafe.org, we will delete your personal data within 30 days of your request. Posts and civic contributions may be anonymized rather than deleted to preserve neighborhood discussion history, unless you request full content removal. Platform-initiated termination: If we suspend or terminate your account, you retain the right under the NJDPA to request deletion of your personal data. Termination does not forfeit your deletion rights. Submit a request to hello@townhallcafe.org within 90 days of termination. Legal hold: Records of content violations, NCII reports, or other compliance-related data may be retained for legal compliance purposes for up to 3 years after account closure or the minimum period required by applicable law, whichever is longer. ZK proof hashes: Residency proof commitment hashes are deleted upon account deletion. Because hashes cannot be reverse-engineered to reconstruct your coordinates, deletion of the hash fully removes the residency record.

11. Security and breach notification

We use industry-standard security measures including: • Encrypted connections (HTTPS/TLS) for all data in transit • Row-level security (RLS) on all Supabase database tables, so each user can access only their own data • Zero-knowledge proofs for residency verification — your address is never on our servers • Access controls limiting who on our team can access user data No system is completely secure. If you believe your account has been compromised, contact hello@townhallcafe.org immediately. Breach notification: If we experience a security incident involving your personal data, we will comply with the New Jersey Data Breach Notification Law (N.J.S.A. §56:8-163): • We will notify the NJ Division of State Police and, where required, notify you without unreasonable delay and within 30 days of discovering the breach. • For breaches affecting our Platform as a social media or online communication service, notification will occur within 7 days. • If 1,000 or more NJ residents are affected, we will also notify consumer reporting agencies as required by law.

12. Cookies

We use only essential cookies required for authentication, session management, and security. We do not use tracking cookies, advertising cookies, or third-party analytics cookies that identify individual users. Essential cookies we use: • Session authentication cookie (Supabase auth) — required to keep you logged in • CSRF protection token — required for form security You may disable cookies in your browser settings, but doing so will prevent you from logging in to the Service.

13. Third-party links and integrations

The Platform may display links to external government websites, municipal resources, or public data sources. We are not responsible for the privacy practices of those external sites. When you click an external link, you leave the Platform and your activity is governed by that site's privacy policy. Third-party services integrated into the Platform (Supabase, Vercel, Anthropic, Nominatim, SeeClickFix, NOAA) are described in Section 6. We do not have data-sharing relationships with any other third-party services.

14. Government data and public records

The civic engine ingests publicly available government data from New Jersey municipalities, including meeting agendas, council minutes, vote records, permit filings, and public 311 service request data. This data is sourced from public records consistent with New Jersey's Open Public Records Act (OPRA, as amended by P.L. 2024, c.16). No personal data you provide to Townhall Café is shared with government agencies as part of the civic engine's data pipeline. The civic engine processes only publicly available government-generated records — not user data. As described in Section 6, the text of these public records is processed by our AI service provider (Anthropic) to produce summaries; your account and personal data are never included in that processing.

15. Nonconsensual intimate imagery (NCII)

Townhall Café prohibits nonconsensual intimate imagery (NCII) and complies with the federal TAKE IT DOWN Act (FTC platform enforcement effective May 19, 2026). If NCII is reported to us at ncii@townhallcafe.org, we will remove confirmed content within 48 hours and make reasonable efforts to identify and remove identical copies. We do not store or retain NCII as part of any data inventory. Accounts that post NCII are permanently terminated. See Section 9 of the Terms of Service for the full removal process.

16. Legal process and subpoena policy

If we receive a subpoena, court order, or other legal demand for your account information, we will: • Review the demand for legal sufficiency before complying • Notify you before complying where legally permitted and where we have contact information for you, so you may seek a protective order or other relief • Challenge overbroad, abusive, or procedurally defective demands • Assert protections available under the New Jersey Anti-SLAPP Act (P.L. 2023, c.155) where your civic speech is the subject of the demand We will not disclose your personal information or account data to third parties in response to informal requests, non-binding notices, or private-party pressure without valid legal process. To serve legal process on Townhall Café, email hello@townhallcafe.org with subject line "Legal Process."

17. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

18. Contact

For privacy questions, data access requests, or to exercise your rights under the NJDPA: Email: hello@townhallcafe.org Subject line: "Privacy Request" or "NJ Privacy Rights Request" For NCII removal: Email: ncii@townhallcafe.org We aim to respond to all privacy inquiries within 5 business days and to complete data rights requests within the statutory deadlines described in Section 8.