Skip to content
← Phobos

Privacy Policy

Last updated: March 29, 2026

Overview

Phobos (“we”, “us”, or “our”) is a wishlist app that lets you track and share the things you want. We take your privacy seriously. This policy explains what information we collect, how we use it, and your rights.

Information We Collect

  • Account information — When you register, we collect your username, email address, and a hashed password. We never store your password in plain text.
  • Wishlist content — Items, names, notes, links, and images you add to your wishlists.
  • Usage data — Standard server logs (IP address, browser type, pages visited) for security and debugging. These are not sold or used for advertising.
  • Uploaded images — Images you attach to wishlist items are stored on our servers.

How We Use Your Information

  • To create and manage your account
  • To send transactional emails (email verification, password resets)
  • To provide and improve the Phobos service
  • To detect and prevent fraud or abuse

We do not sell your data. We do not use your data for advertising or share it with third parties for marketing purposes.

Third-Party Services

Phobos uses the following trusted third-party services to operate. Each has its own privacy policy.

  • Railway — Backend hosting and PostgreSQL database provider where your account and wishlist data is stored
  • Vercel — Frontend hosting provider that serves the Phobos web app
  • Resend — Email delivery service used to send verification and password reset emails
  • Google OAuth — If you choose to sign in with Google, Google shares your name and email address with us. See Google's Privacy Policy for details.
  • Sightengine & OpenAI — Content moderation services used to automatically review uploaded images and text for harmful content. Content you submit may be processed by these services.

Cookies & Local Storage

Phobos uses an httpOnly cookie to manage your login session — this cookie cannot be accessed by JavaScript. We also use your browser's local storage solely to save your theme preference (light/dark). We do not use tracking cookies or third-party analytics cookies.

Data Retention

Your data is retained as long as your account exists. If you delete your account, your personal information and wishlist content will be removed from our systems within 30 days.

Your Rights

  • Access — You can view your account information from your profile page.
  • Correction — You can update your username and email from your settings page.
  • Deletion — You can request deletion of your account and all associated data by contacting us.
  • Portability — You can contact us to request an export of your data.

Children's Privacy

Phobos is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with their information, please contact us.

Changes to This Policy

We may update this policy from time to time. When we do, we will update the date at the top of this page. Continued use of Phobos after changes means you accept the updated policy.

Contact

Questions or requests about your privacy can be sent to myphoboslist@gmail.com.

Back to sign in