Otto BetaPrivacy Policy
Information We Collect
When you create an account, we collect your email address and a username you choose. If you sign up through Google, we receive your Google account email and display name. We do not collect your date of birth or birth year.
When you use Otto we collect the content you create (posts, comments, votes, messages), information about the communities you create or moderate, and reports you submit.
We collect your IP address when you interact with the platform. For most purposes (rate limiting, abuse prevention, vote manipulation detection), IP addresses are hashed with a server-side salt before storage, meaning we cannot recover the original address.
For account security, we store your unhashed IP address, approximate country, and internet service provider alongside your active login sessions. This allows you to review your sessions in Settings and detect any unauthorized access. Session data including raw IP addresses is automatically deleted after 30 days.
Content Safety Scanning
We automatically scan user-generated content (including posts, comments, and profile information) using a combination of pattern-matching systems and AI-based classification to detect content that may violate our community guidelines or applicable law. This includes scanning for content related to self-harm, suicide, and eating disorders, in compliance with our obligations under the UK Online Safety Act 2023 and similar legislation in other jurisdictions.
This processing is carried out on the basis of (a) our legal obligations under online safety legislation, and (b) our legitimate interest in maintaining a safe platform for all users, including minors who may access the service.
Our automated systems assign a confidence score to flagged content. Content flagged by automated systems is reviewed by a human moderator before any permanent action is taken on your account. Content may be temporarily hidden pending review. You will be notified if action is taken on your content or account as a result of this process.
We also scan user-generated content for signals that may indicate a user is below the minimum age for the service. This processing is necessary for compliance with age-related regulatory requirements.
Content analysed by our scanning systems is processed in accordance with the data minimisation principle. Matched text and pattern data are retained only for as long as necessary to complete the review process and maintain compliance records. Where content is sent to a third-party AI service for classification, only the content text is transmitted. No user identifiers are included in the request.
How We Use Your Information
- To provide and operate the platform
- To send verification emails and password reset links
- To enforce our rules and prevent abuse through rate limiting
- To support the moderation system (reports and enforcement actions)
- To scan content for potential safety concerns using automated tools and AI classification
- To generate link thumbnails for posts
- To display your active sessions so you can detect unauthorized access
- To determine your approximate location (country) using GeoIP lookup
- To collect anonymous, privacy-focused usage analytics
Information Sharing
We do not sell your personal information. We do not share your data with third parties for advertising purposes. Information may be disclosed if required by law or to protect the safety of our users.
If you sign in with Google, Google may receive information about your authentication session in accordance with their own privacy policy. We use the Resend email service to deliver verification and notification emails. We use MaxMind GeoIP databases to determine approximate location from IP addresses. We use Umami for privacy-focused, cookie-free usage analytics that does not track individual users. For content safety classification, we may send the text of posts or comments to a third-party AI service (Anthropic) for analysis; only the content text is sent, with no user identifiers or account information included in the request.
Data Security
Passwords are hashed using bcrypt before storage. Authentication tokens are signed with ES512 (ECDSA) cryptography. All user-generated HTML content is sanitised to prevent cross-site scripting. Uploaded images are validated at the byte level to block malicious file types. Security headers are applied to all responses.
Cookies & Authentication
Otto uses HTTPOnly cookies to store your authentication token (JWT) and server-side session identifier. These cookies are essential for keeping you logged in and cannot be accessed by JavaScript running on the page. A non-sensitive signal cookie is also used to let the interface know whether you are logged in. We do not use cookies for tracking or advertising.
Children’s Privacy
Otto is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it.
Your Rights
You can update your profile information, change your email address, or change your password from the settings page at any time. You may request deletion of your account by contacting us via our contact form.
Data Retention
Your account data is retained for as long as your account is active. If your account is deleted, we will remove your personal information (username, email, password). Posts and comments you created will remain visible to preserve community discussions, but your username will be replaced with “[deleted]” so they are no longer linked to your identity. You can delete individual comments before deleting your account if you wish to remove specific content. After account deletion, you may still request removal of specific comments by contacting us via our contact form.
Hashed IP addresses used for rate limiting are retained temporarily and cannot be linked back to you. Raw IP addresses stored for session security are automatically deleted after 30 days.
California Residents
Under the California Consumer Privacy Act (CCPA), California residents have the right to: know what personal information we collect and how it is used (described above); request deletion of their personal information; and opt out of the sale of personal information. We do not sell personal information to third parties. We will not discriminate against you for exercising any of these rights. To make a request, please use our contact form.
Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through a notice on the platform. Continued use of Otto after changes take effect constitutes acceptance of the revised policy.
Contact
If you have questions about this Privacy Policy, please contact us via our contact form.
Last updated: March 2026. See also our Terms of Service and Rules.