Last updated: April 2026
When you create a RECsy profile: your name, email, and profile photo from your Google account via Clerk. When you leave a recommendation: your name and photo snapshot from Google — never your email address. We also record an anonymised, salted hash of your IP address for anti-fraud purposes. We never store raw IP addresses.
We never sell your data. We never post to your Google account. We never show your email address to anyone — not even the provider you recommended. Recommendations can only be left voluntarily by signing in with Google.
Authentication is handled by Clerk. We use Google OAuth only — we store no passwords. Clerk’s privacy policy applies to the auth flow.
Your name and photo appear publicly on the provider’s page. You can request removal at any time by emailing us. We enforce one recommendation per Google account per provider — this dedup record is retained to prevent fraud.
We use privacy-respecting analytics (PostHog, when enabled) and Sentry for error monitoring. No third-party ad tracking pixels are used.
Questions? Email privacy@recsy.io. We’ll respond within 5 business days.