Direct messages on sovraSpace are private. Access is enforced at the database level using row-level security: only the participants of a conversation can read them. No other user, no admin in the normal course of business, and no third party can see your DM content.
Messages are stored as plaintext in our database (Supabase, hosted on AWS). We do not read, sell, or share your DM content.
End-to-end encryption is something we're considering for a future update. We're not committing to a timeline; when there's a concrete plan, this section will be updated and you'll be notified.
We collect the minimum data necessary to run a civic platform. Here's exactly what we store:
Because sovraSpace is a civic platform, your activity here, the bills you follow, the representatives you grade, the petitions you sign, the stances you take, can reveal your political opinions and civic beliefs. Under U.S. and international privacy law (including GDPR Article 9 and California's CPRA), this is sensitive personal data and gets heightened protection.
We treat it accordingly:
When you create your account, we record your explicit consent to process this sensitive data. You can withdraw consent at any time by deleting your account.
For full details, including your specific rights with respect to civic data, see our Civic-Data Sensitivity Disclosure.
sovraSpace does not optimize for outrage or engagement at any cost. Our feed algorithm is designed around civic relevance.
Your Civic Lens preference controls how diverse your feed is. Here's exactly what we store and how it's used:
We use the minimum cookies needed for sovraSpace to work: keeping you logged in, maintaining your session, remembering your basic preferences. Where we use anything beyond essential cookies, you'll see a consent banner and you control what runs.
For full details, see our Cookie Policy.
We retain data only as long as it's needed for the purposes described in this policy, or as required by law:
sovraSpace is an 18+ platform. We do not permit accounts for users under 18, and we do not knowingly collect data from anyone under 18. If you believe a minor has somehow created an account, please contact privacy@sovraos.com and we'll remove the account.
sovraSpace uses AI (Claude by Anthropic) to generate plain-English summaries of bills, court decisions, executive orders, and financial legislation. Here's how it works:
AI summaries may contain errors. We encourage you to report any inaccurate summary using the Report button — your reports help us improve data integrity for everyone. We never present AI-generated text as official government content.
The 24-hour cache is for fast display, not long-term retention. Separately, we improve the AI's accuracy over time using a self-training feedback loop documented in the next section.
Your account security matters as much as your privacy.
sovraHeadlines improves over time through a self-training feedback loop. Here's exactly how it works and what data is — and is not — involved.
AI training is strictly limited to sovraHeadlines' own generated content and publicly available government and news sources. No user data — posts, comments, DMs, or personal information — is ever used to train the AI. Users can report AI inaccuracies via the in-app feedback system.
To run sovraSpace we work with vetted service providers for hosting, storage, transactional email, error monitoring, and AI features. They process data only as necessary to operate the platform on our behalf, and only under contracts that bind them to substantially equivalent privacy protections.
If you'd like the full list of our current sub-processors, email privacy@sovraos.com.
Sovra OS LLC is based in the United States. If you access sovraSpace from outside the U.S., your data is processed in the U.S. under standard contractual protections for international transfers.
sovraSpace uses these third-party tools, all consent-gated:
All of these are off by default. You actively choose to enable them, and you can disable them at any time from the footer link "Cookie Preferences" or in Settings > Privacy.
sovraSpace's share features let you send content to others via email, SMS, and social media. Here's what happens — and what doesn't — when you share.
Recipients of shared links see only public sovraSpace content — no private user information is transmitted. Third-party platforms such as Twitter/X, Facebook, and others have their own privacy policies that govern how they handle shared links.
You can delete individual posts and comments at any time. Deleted content is removed from public view immediately and purged from active database tables within 30 days. During that 30-day window, you can recover deleted content by emailing support@sovraos.com.
You can delete your entire account from your account settings or by emailing privacy@sovraos.com. When you delete your account:
One exception worth being clear about.
If we're required to report content to law enforcement under federal law, most importantly, child sexual abuse material under 18 U.S.C. § 2258A, we remove the content immediately and report to the National Center for Missing & Exploited Children.
What we report is the account information of the poster and the fact of the violation. We do not retain the content itself. The content is removed; the report record is kept as required by law.
You have full control over your data at all times.
We may update this Privacy Policy from time to time; material changes will be communicated via email and in-app notification at least 14 days before they take effect, and you can always find the current version at sovraspace.com/privacy.