Effective 1 June 2026 · V1.0
Privacy Policy
V³ News is operated by 0Flips Innovations Inc. and is accessible at v3.news, velox.news, versutus.news, and vigilans.news.
Draft notice for the V³ team. This document was drafted by the V³ engineering team as a starting point. It should be reviewed by qualified legal counsel before publication. Items in
[BRACKETS]are placeholders the company must fill in. This notice should be removed before publication.
1. Summary
V³ News ("we," "us," "our," or "the service") is a calmer, more structured way to read the news. We organize the day's events across twelve categories, with multiple perspectives where sources differ, so readers can keep up without doom-scrolling. The service is operated by 0Flips Innovations Inc. ("the company," "0Flips"). This policy describes what information we collect about you, how we use it, what we don't do, and the rights you have over your data.
The short version:
- We collect the minimum information needed to operate the service and improve it. We do not run advertising, sell data, or share information with data brokers.
- We do not fingerprint your browser or device. We do not use third-party tracking pixels.
- When you create an account, we use a pseudonymous identifier for analytics, so your name and email are not stored alongside your usage data. Internally we cannot casually look up "what did Sarah do yesterday"; that linkage requires manual administrative action.
- You can view, export, and delete your session history at any time from your account settings.
- Raw session data is automatically deleted after 90 days.
The long version follows.
2. Who we are
V³ News is a service offering of 0Flips Innovations Inc., a Canadian federal corporation with its registered office in the Province of Nova Scotia. Where this policy refers to "we," "us," or "our," it refers to 0Flips Innovations Inc. in its capacity as the operator of V³ News.
For privacy and legal inquiries: trust@v3.news
3. Information we collect
3.1. From authenticated users (people with V³ accounts)
We collect or generate the following information about authenticated users:
| Category | Examples | Why |
|---|---|---|
| Account identity | Email address, name (from Clerk, our authentication provider) | Required to provide the service and recover access |
| Subscription state | Active plan (Free / Standard / Pro), billing customer ID (Stripe) | Required to provide paid features and handle billing |
| Perspectives + follows | Country/category perspectives you've set, events/decisions you've followed | Required to personalize the product |
| Session metadata | When sessions start and end, what device class (phone/tablet/desktop), what OS major version (e.g. "iOS 17"), what app version | Product improvement and troubleshooting |
Crucially, session metadata is recorded against a pseudonymous identifier derived from your account using a cryptographic hash (HMAC-SHA256) with a server-only secret. Your account identity and your session data live in separate tables that cannot be casually joined without administrative action.
3.2. From anonymous visitors (people browsing without an account)
The public dashboard at v3.news is accessible without signing in.
For anonymous visitors we collect:
- A single first-party cookie containing a random
anonymous_visitor_id(a UUID). This cookie persists for one year unless you clear it. - The same coarse session metadata (start, end, device class, OS major version) as for authenticated users, keyed on the anonymous_visitor_id rather than your account.
If you later create a V³ account, we link your prior anonymous visits to your account so we can understand how visitors become users (a "signup funnel"). This linkage is one-way: anonymous activity is attributed forward to the account, and account identity is not back-propagated to historical anonymous sessions.
We honor the Do Not Track HTTP header. If your browser sends DNT, we do not set the anonymous visitor cookie and do not record session metadata for your visits.
3.3. From third-party services we use
- Clerk (clerk.com) handles user authentication. Clerk stores your email, password (or social login token), and basic profile metadata under its own privacy policy. We do not have access to your password.
- Stripe (stripe.com) handles subscription billing. Card numbers are never seen or stored by V³ News; they are entered directly into Stripe's payment form. We retain only a Stripe customer ID linking your V³ account to your Stripe billing record.
- Mapbox (mapbox.com) renders the maps
visible on event detail pages and the
/map/*routes. Mapbox may receive your IP address as part of standard tile-serving requests. - OpenAI (openai.com) processes news sources and generates the structured content (event summaries, balanced syntheses, perspective framings). We do not send personally identifying information to OpenAI. OpenAI sees the news content being processed, not user identities.
We do not use any third-party advertising networks, analytics SDKs (Google Analytics, Mixpanel, etc.), or social-media tracking pixels.
4. Information we do NOT collect
To be explicit about what we have chosen NOT to do:
- We do not use browser fingerprinting (canvas, WebGL, font, or audio fingerprinting).
- We do not store full User-Agent strings. We parse them server-side into coarse classifications (e.g., "phone / iOS 17") and discard the raw string.
- We do not store IP addresses in any user-correlated database table. IP addresses may appear in transient web-server logs (operational logs retained for short windows) but are not associated with user identities or session pseudonyms.
- We do not log which specific events you viewed, what you searched for, or what you clicked. (We may add coarse, aggregated topic-interest counters in a future revision; if so, this policy will be updated and you will be notified.)
- We do not sell, rent, or share user information with data brokers, advertisers, or social-media platforms.
5. How we use information
We use the information described in Section 3 for the following purposes:
| Purpose | What data | Legal basis (GDPR) |
|---|---|---|
| Provide the service (authenticate you, render content, render personalized views) | Account identity, perspectives, follows, subscription state | Contract (necessary to deliver the service you signed up for) |
| Operate the platform (server load, error monitoring, troubleshooting bugs by device class) | Session metadata, device class, OS major | Legitimate interest (operating a reliable service) |
| Improve the product (understand which features get used, which user personas exist, what to build next) | Aggregated session metadata, engagement tier | Legitimate interest (product improvement) |
| Bill paying subscribers | Account identity, subscription state, Stripe customer ID | Contract (necessary to fulfill the subscription) |
| Communicate with you (account notices, billing receipts, product updates if you've opted in) | Email address | Contract (account notices), consent (product updates) |
We do not use your information for advertising, marketing to third parties, training third-party AI models, or any purpose disconnected from delivering and improving V³ News.
6. How we share information
We share information only with the third-party services described in Section 3.3, and only as necessary for those services to do their specific job. We do not share user information with any other party except as described in Section 8 (legal compulsion) or with your explicit consent.
We do not share information across the 0Flips Innovations Inc. product portfolio beyond aggregated, non-identifying statistics without your consent.
7. Data retention
| Data type | Retention |
|---|---|
Raw session metadata (user_sessions table) | 90 days, after which rows are deleted |
| Aggregated engagement statistics (no per-user resolution beyond pseudonym; e.g., "this pseudonym has 12 sessions this week") | Retained while your account exists |
| Account identity (email, name) | Retained while your account exists; deleted within 30 days of account deletion request |
| Perspectives, follows, subscription history | Retained while your account exists |
| Billing records (held by Stripe) | Per Stripe's retention policy; we retain Stripe customer ID for as long as required by Canadian tax law |
| Anonymous visitor cookies and associated sessions | 90 days for session metadata; the cookie itself expires after 1 year or when you clear it |
If you delete your account, we delete or anonymize your information within 30 days, except where retention is required by law (e.g., tax record-keeping for billing data).
8. Your rights
You have the following rights with respect to your information, regardless of where you live:
8.1. Access
You can see all session data we have associated with your
account at https://v3.news/me/sessions. We do not gatekeep this;
it is a feature, not a request you have to file.
8.2. Export
You can download your session data as JSON at
https://v3.news/me/sessions/export.
8.3. Deletion
You can:
- Delete your session history at any time at
https://v3.news/me/sessions(button: "Delete my session history"). This is immediate. - Delete your entire account by contacting trust@v3.news. Within 30 days we will delete or anonymize all data associated with your account, except as required by law.
8.4. Rectification
You can update your name and email through your account settings. You can change your perspectives, follows, and subscription at any time. To correct other information, contact trust@v3.news.
8.5. Objection and restriction (GDPR)
You can object to or restrict our processing of your information under the conditions set by Articles 18 and 21 of the GDPR. Contact trust@v3.news.
8.6. Portability (GDPR Article 20)
The export endpoint in Section 8.2 provides your session data in a machine-readable JSON format. For other data (perspectives, follows), contact trust@v3.news.
8.7. CCPA / California Privacy Rights
If you are a California resident, you have the right to know what personal information we have collected about you, the right to delete that information, the right to opt out of any sale (we don't sell), and the right not to be discriminated against for exercising these rights. The mechanisms in Sections 8.1-8.3 cover these rights.
8.8. Complaints
If you believe we have mishandled your information, you may file a complaint with us at trust@v3.news. If you are an EU/UK resident, you also have the right to file a complaint with your local data protection authority.
9. Our disclosure stance
We design V³ News to minimize what we have, so that disclosure requests, whether from governments, civil litigants, or other third parties, can disclose less.
What we will do:
- Comply with valid legal process (subpoena, warrant, court order) served on 0Flips Innovations Inc. in our jurisdiction of incorporation.
- Notify affected users when legally permitted (i.e., when no gag order applies).
- Publish a transparency report on a periodic basis once volume warrants it.
What we will not do:
- Disclose user information voluntarily without legal compulsion or the user's consent.
- Disclose more than what the legal process specifically requires.
- Maintain back doors, exceptional access mechanisms, or "law enforcement portals."
Technical posture:
- We do not have an admin endpoint that "looks up a user's sessions by email." Reversing a session pseudonym to an account requires manual database access plus the server-side salt, actions that leave audit trails.
- Raw session data is deleted after 90 days. Older activity simply does not exist to disclose.
- We do not store IP addresses in any user-correlated table.
10. International users and data hosting
V³ News is operated from servers physically located in Frankfurt, Germany (our application servers, hosted on Render) and in the United States (parts of our infrastructure including Clerk authentication and Stripe billing).
If you are located in the European Union or United Kingdom, your information may be transferred to the United States as part of using the service. We rely on the Standard Contractual Clauses (SCCs) published by the European Commission as the legal basis for those transfers, where applicable.
We are continuing to evaluate options for additional regional hosting; this section will be updated as those evaluations conclude.
11. Children
V³ News is intended for users 16 years of age or older. We do not knowingly collect information from anyone under 16. If you believe a child under 16 has provided us with personal information, please contact trust@v3.news and we will delete it.
12. Security
We protect your information using industry-standard practices: encrypted connections (TLS) for all traffic, encrypted-at-rest database storage, principle-of-least-privilege access controls on internal systems, and prompt patching of dependencies. No system is perfectly secure; if we become aware of a breach affecting your information, we will notify you in accordance with applicable law.
13. Changes to this policy
We may update this policy from time to time. When we make a material change (such as collecting a new category of information or sharing with a new third party), we will notify you by email and through an in-product notice before the change takes effect. The "Effective date" at the top of this document indicates when the current version took effect.
We will keep historical versions of this policy available at
https://v3.news/privacy/history (forthcoming) so you can see
exactly what has changed.
14. Contact
Privacy and legal questions: trust@v3.news
Source of truth: docs/legal/privacy-policy.md in the V³ News repository. Any version difference between this page and that file is a deployment lag — the repository wins.