AskedHere
Sign in

First draft — pending Vermont attorney review.

Published in good faith for transparency. The companion document is the Terms of Service. For self-service access / export / deletion of your data, see your privacy controls or email privacy@askedhere.org.

AskedHere — Privacy Policy

FIRST DRAFT — REQUIRES VERMONT ATTORNEY REVIEW BEFORE PUBLISHING.

Effective date: [TO BE SET ON PUBLICATION]

AskedHere ("we", "us", "AskedHere") is operated by PSP US Ventures ("the Operating Entity"). This Privacy Policy explains what information we collect, how we use it, what we publish, what we don't, and the rights you have over your data.

If you have questions, email privacy@askedhere.org.

1. Our core commitment

No raw individual data ever leaves the platform. Every public output and every commercial query response is aggregated, privacy-preserving, and subject to a strict minimum-cell-size rule (we do not publish any demographic cell or methodology disclosure that corresponds to fewer than ten contributors). This is the foundation of how AskedHere is built, not an aspiration.

2. Information we collect

When you participate as a contributor, we collect:

  • Account information: email address, password (hashed), and (where required for the topic) phone number for SMS verification
  • Geographic information: ZIP code, and for higher-stakes civic topics, full address — used to verify you reside in the affected community
  • Identity verification (where required): for "binding" civic topics like ballot measure inputs, we may require government-ID verification through a third-party identity-verification provider (currently Persona). We receive only a verification result; we do not store images of your ID.
  • Demographic attributes you choose to share: age band, household composition, education, occupation, and similar attributes. All optional. The more attributes you share, the more queries your responses contribute to (and the more potential earnings you accrue under our payout model).
  • Poll responses: the answers you give to specific polls, stored encrypted and linked to your contributor ID.
  • Technical information: IP address (for anti-fraud and rate-limiting), browser type, device type, and timestamps, in standard server logs.

We do not collect: social-graph data, browsing history outside our site, third-party tracking pixels, or any information from data brokers.

3. How we use the information

  • To verify you are a real person and (where required) a resident of the affected community.
  • To produce aggregated, privacy-preserving published results. Your individual response is never published. It contributes to aggregate counts and weighted statistics, subject to the k-anonymity rule above.
  • To compute your contribution to commercial query revenue. When a paying buyer queries the platform and your data is in the query's scope (you have shared the relevant attributes and fall within the query's geographic or demographic filter), you are credited a proportional share of that query's revenue under our payout model.
  • To send you topic-related emails (if you have opted in to the newsletter or specific topic updates).
  • To investigate anti-fraud signals. A small percentage of responses are retroactively re-verified to maintain data quality.

We do not use your information to train commercial AI models, sell to data brokers, or target third-party advertising.

4. What we publish

Every published result includes:

  • Aggregated statistics (percentages, weighted averages, demographic cross-tabs)
  • The sample frame, sample size, verification tier, weighting approach, and margin of error
  • Demographic disclosures, suppressed where any cell would correspond to fewer than k contributors (default k=10; higher for sensitive topic categories)

We do not publish:

  • Any individual response
  • Any demographic cell smaller than k contributors
  • Any combination of attributes that would make a respondent identifiable
  • Methodology details (e.g., exact targeting parameters) until a delay window has passed (default: 30 days, or until the topic closes, whichever comes first)

5. What we sell

We sell aggregated insights, never raw data. Commercial buyers query the platform and receive aggregated, privacy-preserving query responses. They never receive individual records, exportable databases, or any output that would let them re-identify a contributor. The platform enforces this at the query layer through k-anonymity rules, query-stitching defenses (differential privacy budgets per buyer), and audit logging.

6. How we share information with third parties

We share limited information with:

  • Identity-verification providers (currently Persona) — to verify you are a real person. They receive only the data necessary for verification and operate under their own privacy obligations.
  • SMS providers (currently Twilio) — to send phone-verification codes. They receive only the phone number and the verification request.
  • Email providers (currently Resend, Buttondown for newsletters) — to send transactional and newsletter emails. They receive only the recipient email and the message contents.
  • Payment providers (currently Tremendous) — when you receive a payout, only the information necessary to deliver the payment is shared.
  • Hosting and infrastructure (currently Vercel, Supabase, Cloudflare) — to operate the platform.

We do not share information with: data brokers, advertising networks, social media platforms, or any party for any purpose other than operating AskedHere.

If we receive a legally compelled request for your information (subpoena, court order), we will, where lawfully permissible, notify you before responding. We will challenge requests we believe are overly broad or improperly issued.

7. Your rights

Regardless of where you live, you have the following rights:

  • Access — request a copy of the information we hold about you
  • Correction — correct inaccurate information
  • Deletion — request deletion of your account and personal information. Past responses you have submitted will be deleted from our identifiable records; aggregate statistics already published will not be retroactively recalculated, but your individual responses will no longer be attributed to you in any future queries.
  • Withdraw consent — withdraw consent for future use of your data, including future queries that would otherwise have included your responses
  • Data portability — receive a copy of your data in a machine-readable format

Self-service. Most of these rights are available without contacting us. Once signed in, visit askedhere.org/privacy to:

  • See an inventory of every piece of data linked to your account
  • Download your data as a JSON file (right of access + portability)
  • Withdraw all consent — removes verifications, demographic attributes, and prior responses while keeping your account email for 90 days of fraud prevention
  • Permanently delete your account and every linked record (right of erasure, irreversible)

If self-service doesn't fit your need, or you can't access your account, email privacy@askedhere.org. We respond within 30 days.

If you live in California, the EU/UK, or another jurisdiction with specific data-protection laws, you have additional rights under those laws (e.g., GDPR Articles 15–22, CCPA §§ 1798.100 et seq.). Contact us and we will honor them.

8. Children

AskedHere is not directed to children under 13, and we do not knowingly collect information from children under 13. If we learn we have collected information from a child under 13, we will delete it. Some topics may have a higher minimum age (e.g., 18+) when we are polling on adult-only civic decisions.

9. Data retention

  • Account information: retained while your account is active, plus 90 days after account closure for fraud-prevention purposes
  • Poll responses: retained as long as the relevant topic is in our active dataset, subject to your right to deletion
  • Technical logs: 90 days
  • Verification records (Persona): retained per Persona's policies and as required by anti-fraud regulations; we hold only the verification result

10. Data security

We use industry-standard security practices, including encryption at rest, encryption in transit, two-factor authentication for staff accounts, and minimum-necessary access controls. No system is perfectly secure; if you become aware of a vulnerability, please report it to security@askedhere.org.

11. Operating entity and future changes

AskedHere is currently operated by PSP US Ventures. We plan to spin out to a dedicated entity (likely a public-benefit corporation) as the project grows. When that transition happens, your privacy rights and our commitments transfer in full to the new entity. You will be notified at least 30 days before any such transition, with the opportunity to delete your account beforehand.

12. Changes to this policy

We will notify you of material changes via email at least 30 days before they take effect. Non-material changes (clarifications, formatting) may be made without prior notice but will be reflected in the effective date at the top of this page.

13. Contact