to sell
Your data,
on your terms.
The whole point of OurTerms is that we sit on your side of the table. That starts with not hoarding, mining, or selling you out. Here's exactly what we hold and how you get rid of it.
Last updated: July 17, 2026. OurTerms.org is operated by OpsChamp LLC. Questions about this policy? privacy@ourterms.org.
What we collect
Only what's needed to run your account and act on your instructions:
- Your account: the email address you sign up with, and your password, which is hashed inside your own browser before it's ever sent. We store only that hash (and hash it again on our end); we never see or store the naked text.
- What you're watching: the services you tell us you're on, the red lines you set, and whether you've asked us to act for you or pledged to act yourself.
- Optional extras you choose to add: in your member portal you can add things like an alternate email tied to a service or the tier you're on. Any account identifier you give us for a service is encrypted at rest.
- Your authorization or pledge: when you sign up you make an electronic signature recording the exact wording you agreed to, the date and time, and the IP address and browser you signed from. If you asked us to act on your behalf, that record is the authorization that lets us do it. It is encrypted at rest.
- Optional 2FA: if you turn on authenticator-app 2FA, we store the secret for it encrypted at rest.
- Basic security logs: the minimum needed to keep accounts safe and spot abuse.
What we deliberately do not collect:
- Your streaming passwords. We will never ask for them, and never log in as you.
- Your payment card. We won't even ask for one until the collective passes 100,000 members, and when that day comes a trusted third-party payment processor handles it. We never see or store your card number.
- Any advertising or tracking profile. There are no ad networks or data brokers wired into this site.
Why we hold it
Every piece above earns its place:
- To run your account and let you log in.
- To watch your red lines and notify you (and everyone who drew the same line) when a service crosses one.
- If you authorized it, to submit a cancellation to a service as your disclosed agent, on the record, openly identified as acting for you.
- To keep a valid record of what you agreed to, in case anyone ever questions whether an authorization was real.
- To keep the service secure.
We do not use your data to build a profile of you, to target ads, or to sell to anyone. Full stop.
Why we keep your IP address
This one deserves a plain explanation, because "we log your IP" usually means "we're tracking you." Here it doesn't. Under the federal E-SIGN Act, an electronic signature is only worth something if you can show who agreed, to what exact wording, and when. So the timestamp, IP, and browser you signed from live inside the authorization record itself, as evidence that the signature is genuine, not in some broad activity log we mine. It's there to protect you as much as us: it's the thing that lets us say, truthfully, that we are authorized by the account holder, and that stops anyone from forging an authorization in your name.
Where it lives and how it's guarded
The site and its database run on Cloudflare's platform. Your data sits in Cloudflare's D1 database. On top of that:
- Passwords are hashed in your browser before they reach us, then hashed again on our side with a random salt. We never see your actual password, and it's never stored in readable form.
- Sensitive fields, like any service account identifier and your 2FA secret, are encrypted at rest. A raw copy of the database reveals no usable passwords and no 2FA seeds.
- Everything moves over HTTPS only.
- Sessions use secure, browser-only cookies, and you can add authenticator 2FA for a second lock.
No system is perfectly unbreakable, and we won't pretend otherwise. What we can promise is that we hold little enough, and encrypt the sensitive parts, so that a bad day for us isn't a catastrophe for you.
Who we share it with
We do not sell, rent, or trade your data. Ever. A short, honest list of who else touches it:
- Cloudflare hosts the site, the database, and the domain, so it necessarily processes what runs through them, as our infrastructure provider.
- Fastmail handles our email, so if you write to us, your message lands there.
- The service you're cancelling hears from us only when you've authorized us to act, and only for the services you listed. We identify ourselves as your agent; we never pretend to be you.
- The law, only if we're compelled by valid legal process, and we'll resist demands that are overbroad or improper.
If we ever add another provider that handles your data, we'll list it here.
Cookies
We use one essential cookie to keep you logged in after you sign in. It's browser-only and can't be read by scripts. That's it. No advertising cookies, no cross-site trackers, nothing following you around the internet.
Your rights
Wherever you live, with us you can:
- See and correct your information from your member portal.
- Revoke any authorization, for a single service or your whole account, in one click. From that moment we stop acting on your behalf.
- Delete everything. "Delete my account" in the portal wipes your data immediately, like you were never here. You can always sign up again later.
Prefer to ask a human? Email privacy@ourterms.org and we'll handle it. We won't punish you or degrade your service for exercising any of these.
How long we keep it
We keep your account data for as long as your account is open. Delete the account and it's gone. We hold on to information only while it's doing one of the jobs above; when it isn't, it goes.
Children
OurTerms is for adults managing their own subscriptions. It isn't intended for anyone under 18, and we don't knowingly collect their information.
Changes to this policy
If we change how we handle your data, we'll update this page and the date at the top. If a change is significant, we'll tell you by email before it takes effect, so nothing important happens to your data behind your back.
Contact
OurTerms.org is a project of OpsChamp LLC. Reach the humans behind the privacy at privacy@ourterms.org, or for anything else, hello@ourterms.org.