Privacy Policy

Last updated: May 3, 2026

This Privacy Policy describes how Popular POEM (“we,” “us,” or “our”) collects, uses, and shares information when you use our website at popularpoem.com (the “Service”). By using the Service you agree to the practices described here.

1. Information We Collect

Account information

When you create an account we collect your email address and a hashed password. We do not collect your name.

Humanness verification

To post messages you must complete humanness verification through our third-party provider, Didit. Didit captures a selfie of your face directly in your browser and runs a passive liveness check to confirm that a real person is present. We do not receive or store the selfie itself. From Didit we receive only: (a) a verification decision (approved, declined, in review, etc.), (b) when applicable, a classification of why a decline occurred (e.g., “duplicate face” or “liveness failed”), and (c) a list of any other Popular POEM accounts whose previously-captured face matched yours during 1:N face search (see §5). Didit derives a numerical face-recognition fingerprint from your selfie and stores that fingerprint in their face-search index to enforce our one-account-per-person rule (see §4 and §5).

Payment information

Subscription payments are processed by Stripe. We do not receive or store your card number or full billing details. Stripe provides us with a customer ID, subscription status, and subscription dates.

Verification metadata

For each account we store: your verification status (approved, pending, declined, etc.), the count of verification attempts you have made, the Didit session identifier of your most recent attempt, the classified decline reason (if your most recent attempt was declined), and — if a previous verification attempt was declined as a duplicate — the internal account IDs of any other Popular POEM accounts whose face Didit determined matched yours.

Usage data

We store whether you have posted today (posted_today), your current posting streak count, and your language preference.

IP address and location

We collect your IP address for rate limiting, abuse detection, and to detect your approximate country for initial language assignment, user interface functionality, and statistics.

All IP geolocation is performed with a local database (DB-IP); your IP address is not sent to any external service for these lookups.

Cookies

We use the following cookies:

  • Session cookie — keeps you logged in during your visit.
  • CSRF token — a security cookie that protects form submissions from cross-site request forgery.
  • Language preference — remembers your chosen display language across visits.

We do not use advertising cookies or cross-site tracking cookies.

2. How We Use Your Information

  • To operate and maintain your account
  • To verify that you are a real, unique individual (one account per person)
  • To process subscription payments
  • To enforce daily posting limits and track streaks
  • To attribute message contributions to your country in the public country-distribution charts on each poem
  • To display the Service in your preferred language
  • To protect the Service against abuse, fraud, and automated attacks
  • To send transactional emails (account verification, password reset, subscription receipts)

3. How Messages Are Handled

Popular POEM is a dynamic art installation. When you submit a message, it is processed and its contribution is folded into a shared poem. Private messages are destroyed immediately after processing. The resulting public poem lines are convolutions of many contributions and cannot be attributed to or deconvolved into any individual message. Public poem content persists indefinitely until overwritten.

Each private message carries a country tag derived from your IP address (see §1). After processing, the message itself is destroyed; only an aggregated count per (poem, line, country) is retained, used to render the country-distribution chart visible when a poem line is selected.

4. Biometric Data Consent

The face-recognition fingerprint derived from your verification selfie is biometric data under the EU General Data Protection Regulation (Art. 9), the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), the Washington Biometric Privacy Act, and similar laws.

By proceeding with humanness verification, you affirmatively consent to:

  1. The capture of your selfie by Didit for the purpose of liveness detection and face-fingerprint derivation.
  2. The derivation of a numerical face-recognition fingerprint from that selfie by Didit.
  3. The storage of that fingerprint by Didit in the face-search index that they maintain for this application for the duration of your account, used solely to detect duplicate Popular POEM accounts.
  4. The matching of that fingerprint against the fingerprints of all previously-verified Popular POEM accounts.

You may withdraw this consent at any time by deleting your account (see §13), which causes the fingerprint to be removed from Didit's face-search index. Withdrawing consent prevents you from posting messages on the Service, because humanness verification is a prerequisite to posting.

We do not sell, lease, trade, or profit from biometric data. We do not use it for any purpose other than the duplicate-account detection described in §5.

5. One Identity Per Account

Our verification provider, Didit, derives a face-recognition fingerprint (a numerical vector representation of your face) from the selfie you submit during verification and stores it in a face-search index scoped to our application. When a new account attempts verification, Didit compares the new selfie against every previously-enrolled fingerprint in our application's index. If a match is found, the new attempt is automatically declined and the matched account's internal ID is recorded against your account for support and abuse-investigation purposes (see §1, Verification metadata). We do not store biometric data ourselves; the fingerprints are held solely by Didit, our data processor for biometric verification.

6. Automated Decision-Making

The decision to approve or decline a verification attempt is made automatically by computer systems operated by Didit, with no human in the loop unless you request review. The decision is based on:

  • Liveness detection — computer vision determines whether the person presenting the selfie is physically present (rather than a photograph, screen, or generated image).
  • Face matching (1:N) — the numerical face fingerprint derived from your selfie is compared against the fingerprints of all previously-verified Popular POEM accounts to detect duplicates.

If your verification is automatically declined and you believe the decision was incorrect, you may request a human review by contacting contact@popularpoem.com. We will manually review the decision in light of any additional information you provide.

7. Third-Party Services

We share data with the following third parties as necessary to operate the Service:

  • Stripe — payment processing. Stripe receives your email address (display form), the country detected from your IP at checkout for tax/pricing purposes, your card and billing details (entered directly into Stripe-hosted form fields and never seen by us), and an internal account identifier we pass in their metadata field for reconciliation. Stripe returns a customer ID, subscription status, and subscription dates. See stripe.com/privacy.
  • Didit — humanness verification. Didit retains data in the European Union by default. See §1, §4, and §5 for the substantive disclosure of what we receive from Didit and how we treat it. See didit.me/legal/privacy-policy.
  • Google reCAPTCHA v3 — invisible bot detection on signup and contact forms. Google collects behavioral signals from your browser to distinguish humans from bots. See policies.google.com/privacy. By using these forms you are subject to Google’s Privacy Policy and Terms of Service.
  • Resend — our SMTP email provider delivers transactional emails on our behalf.
  • jsDelivr CDN — delivers Bootstrap CSS/JS and the Hack font from cdn.jsdelivr.net. Your browser connects to jsDelivr when loading these assets. See jsdelivr.com/privacy-policy-jsdelivr-net.

We do not sell your personal information to any third party.

8. International Data Transfers

Our payment processor (Stripe) is headquartered in the United States; our verification processor (Didit) primarily processes data within the European Union. Both rely on the legal mechanisms required by the GDPR for any extra-EEA processing — for Stripe, the EU-US Data Privacy Framework and Standard Contractual Clauses; for Didit, the Standard Contractual Clauses with any sub-processors. The applicable contracts are part of each processor's publicly-available data processing agreement; see the links in §7.

9. Data Retention

  • Account data — retained while your account is active. Deleted upon request (see §13 below).
  • Private messages — destroyed immediately after processing. Not stored.
  • Verification result — Didit retains the face-recognition fingerprint derived from your selfie in their face-search index while your account is active; on declined or expired verification attempts, Didit also deletes the originating session including the raw selfie.
  • Subscription records — retained for as long as legally required for financial record-keeping.
  • Unverified accounts — accounts that have not verified their email address are automatically deleted after 30 days.

10. Security Measures

We protect your personal data with the following technical and organizational measures:

  • Encryption in transit. All communication between your browser and the Service is forced to TLS; session and CSRF cookies are marked secure.
  • Hashed passwords. Passwords are stored using a strong, salted, slow one-way hashing algorithm. The plaintext is discarded after hashing and never logged.
  • Encryption at rest. Our hosting provider encrypts the database storage volume with AES-256.
  • Optional multi-factor authentication. You may (and are strongly encouraged to) enable a TOTP-based second factor (e.g., Google Authenticator) on your account from your account settings.
  • Rate limiting and abuse detection. We limit the rate at which sensitive endpoints (signup, login, humanness verification) can be invoked from a single IP address.
  • Webhook signature verification. Inbound webhooks from Stripe and Didit are cryptographically signed; we reject any webhook whose signature does not validate.

No security measure is perfect. If we discover a breach affecting your data, we will notify you and the relevant supervisory authorities within the timeframes required by applicable law.

11. Legal Bases for Processing

For users in the European Union, the United Kingdom, or other jurisdictions covered by the GDPR, we process your personal data on the following legal bases:

Processing purpose | Legal basis
Operating your account; processing subscription payments; sending transactional emails | Performance of a contract (Art. 6(1)(b))
Humanness verification, including biometric processing | Your explicit consent (Art. 9(2)(a)) — see §4
Rate limiting, fraud prevention, security | Our legitimate interests (Art. 6(1)(f))
Country attribution for the public per-country charts | Our legitimate interest in providing the Service's intended functionality (Art. 6(1)(f)). You may object on grounds related to your particular situation — see §12.
Retention of subscription records for tax / financial compliance | Compliance with a legal obligation (Art. 6(1)(c))

12. Your Rights

Depending on where you live, you may have the following rights regarding your personal data:

  • Access — to know what personal data we hold about you and obtain a copy.
  • Rectification — to correct inaccurate or incomplete data.
  • Erasure (“right to be forgotten”) — to have your data deleted (see §13).
  • Restriction — to limit how we process your data.
  • Data portability — to receive your data in a portable format and have it transmitted to another service (under GDPR).
  • Objection — to object to processing based on our legitimate interests, including the country-attribution use described in §1 and §11.
  • Withdraw consent — to withdraw any consent you have given (e.g., biometric consent), at any time.
  • Non-discrimination — we will not discriminate against you for exercising your rights (under CCPA).
  • Lodge a complaint — to lodge a complaint with your local data protection supervisory authority. EU residents may also contact the supervisory authority of the country where Didit is established.

To exercise any of these rights, contact us at contact@popularpoem.com. We will respond within 30 days. Note that erasure does not affect public poem content, which is aggregated into non-personal-data form during processing and cannot be deconvolved or attributed back to you.

13. Account Deletion

You may request deletion of your account and associated personal data at any time by emailing contact@popularpoem.com. On receipt of a verified request we will, within 30 days:

  1. Scrub the raw verification webhook payloads we have stored, removing all per-attempt verification metadata.
  2. Cancel and delete your subscription customer record at Stripe.
  3. Enumerate and delete every verification session for your account at Didit, including any cached selfies still within Didit's retention window.
  4. Issue a delete request to Didit's user-deletion API, which is intended to remove your face-recognition fingerprint from their face-search index.
  5. Delete your account from our database.

Subscription records may be retained as required by law for financial record-keeping. As noted in §3, public poem content cannot be deconvolved and is not affected by deletion.

14. Children

The Service is not directed to anyone under 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account, contact us and we will delete it.

15. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes by email. Continued use of the Service after non-material changes are posted constitutes acceptance of the updated policy. For material changes that expand how we collect, use, or share your personal data, we will require you to affirmatively re-accept this policy before you can continue using the Service.

16. Governing Law

This policy is governed by the laws of the State of Kansas, USA.

17. Contact

Questions about this policy? Email us at contact@popularpoem.com.