Legal

Privacy Policy

Short version: we collect as little as possible, we don't sell anything, and you can delete your data at any time.

Who we are

Let's Metta is operated by an independent developer. Questions? mettame@nodehop.org

What we collect

We only collect what's strictly necessary to run the service:

• Email address — used to send you a login link. Nothing else. You can remove it from your account at any time, and it will be permanently deleted from our database.
• Username — chosen by you during onboarding. Never your real name unless you choose it.
• Thoughts and taps — stored anonymously. Recipients never see who sent a thought — only that someone did.
• IP address — briefly processed by our server for rate limiting. Not stored.
• Session token — when you log in, a session token is stored in your browser's local storage. This token identifies your session and is never shared with third parties. You can clear it at any time by logging out or clearing your browser data.

What we don't collect

• No cookies
• No analytics or third-party scripts
• No advertising data
• No real name, phone number, or location

Who we share data with

We use one external service:

• Resend (resend.com) — for sending login emails. Your email address passes through their infrastructure. They operate under a Data Processing Agreement compliant with GDPR. We keep email logs to a minimum.

We do not sell, rent, or share your data with anyone else.

How long we keep your data

• Your account and data remain as long as your account exists.
• If you remove your email address from your account, it is permanently deleted immediately.
• You can request full account deletion at any time by emailing mettame@nodehop.org.

Your rights (GDPR)

If you're in the EU, you have the right to access, correct, or delete your personal data. Email us and we'll respond within 30 days.

Security

We use magic links instead of passwords. Sessions are secured with random tokens. All traffic is encrypted via HTTPS. We don't store passwords — because there aren't any.

Changes

If we change this policy in a meaningful way, we'll update the date below. We won't notify you by email unless required by law — this page is the source of truth.

Last updated: April 2026