Privacy Policy

Last updated: May 2026

Plain English

  • We collect the minimum needed to run the site. No advertising. No tracking pixels. No third-party analytics.
  • If you sign in, we store your display name, a URL slug, and the poems and horses you associate with your account.
  • Anonymous use leaves no account data. Your IP may appear in server logs, which are retained briefly for debugging.
  • We use Clerk for sign-in. Clerk handles authentication; we only receive a user ID and whatever profile info you choose to share (e.g. your Google display name).
  • We do not sell your data. We do not share it with third parties except as required to run the service (Clerk for auth, the VPS host for infrastructure).
  • You can request deletion of your account and its associated data at any time — see our data deletion page.

1. What we collect

If you use the site without an account

  • Server logs — standard Apache/gunicorn logs including IP address, request path, and timestamp. Retained for a short period for debugging; not analyzed for tracking.
  • Browser localStorage — your stable (working horse collection), page-size preference, and optional attribution fields (pen name, Tumblr handle) are stored locally in your browser. This data never leaves your device unless you sign in, at which point it is synced to your account (see below).

If you create an account

  • Profile — display name, URL slug, joined date, optional profile links.
  • Poems — poems you submit, including their publication status and any tags.
  • Stable and saved horses — your working horse collection and any horses or poems you save.
  • Preferences — page-size preference, attribution defaults, display settings.
  • Auth identifier — a Clerk user ID (an opaque string). We do not store passwords or OAuth tokens.

2. How we use it

We use your data only to provide the service: displaying your poems, persisting your stable and preferences across sessions, and allowing you to manage your account. We do not use it for advertising, profiling, or sale.

Aggregate, non-identifying statistics (e.g. most-used horse names, popular poem lengths) may be used to curate the site and are never linked back to individual accounts.

3. Third-party services

  • Clerk — handles sign-in. When you authenticate, Clerk processes your credentials and returns a session token to us. Clerk's own privacy policy applies to that interaction. We proxy the Clerk JS bundle through clerk.poet.horse to avoid third-party script restrictions.
  • Google Fonts — the site loads Courier Prime and Playfair Display from Google's CDN. Google's standard font-serving privacy policy applies.
  • Ko-fi — a voluntary tip-jar widget. Interacting with it is governed by Ko-fi's privacy policy. It does not track you unless you click it.
  • Tumblr / social platforms — if an admin cross-posts a poem you submitted, it may appear on Tumblr or other platforms per their respective policies. Cross-posting is opt-in per poem at the admin's discretion.

4. Cookies and storage

We use a single server-side session cookie to keep you signed in. We do not use advertising cookies or third-party tracking cookies. Browser localStorage is used for anonymous state (stable, preferences) as described above.

5. Data retention and deletion

Account data is retained as long as your account exists. Published poems remain on the site after account deletion (attributed anonymously) unless you request otherwise. See our data deletion page for full instructions.

6. Security

The site runs over HTTPS. We do not store passwords. The database is on a server that is not publicly accessible beyond the web application. We are a small hobby project and cannot make enterprise-grade security guarantees, but we take reasonable precautions.

7. Changes

If we make material changes to this policy we will update the "Last updated" date. Continued use of the site constitutes acceptance.