Effective July 16, 2026

Privacy Policy

You are trusting us with information about someone’s incarceration. We designed OutDate so we hold as little as possible, encrypt what we do hold, and never monetize it.

What we collect

  • Account data: your email address, a password hash (argon2 — we cannot read your password), and an optional phone number for reminders.
  • Case data you enter: sentence facts, dates, program participation, and optionally a name and register number for the person inside. Names and register numbers are encrypted at rest (AES-256-GCM). A real name is never required — aliases work everywhere.
  • Mail data (if you use physical mail): your verified name and return address, and the contents of letters you approve for printing.
  • Usage data: anonymous feature counters (e.g. “a calculation ran”) with no case content, plus standard server logs. No third-party analytics or advertising trackers, and the only cookie is your session.
  • The anonymous calculator stores nothing server-side.

How we use it

To run the product: computing dates, sending the reminders and rules-change notifications you signed up for, processing payments, and (if you choose) printing and mailing letters. We do not sell or rent personal data, we do not use case content for advertising, and we do not train machine-learning models on your data.

Who else touches your data

  • Stripe processes payments; card numbers never reach our servers.
  • Mailgun delivers our emails (your address and message contents pass through it).
  • A print-and-mail vendor prints and posts letters you explicitly approve — it receives the letter contents and both addresses, and nothing else.
  • We disclose data beyond this only if legally compelled, and where lawful we will tell you before we do.

Sensitivity, retention, and deletion

  • We treat everything about a case as sensitive — incarceration status is not a marketing attribute, and we will never use it as one.
  • Deleting a case permanently removes every associated record: sentence facts, ledger history, documents, and mailing records. Deleting your account removes the account and all its cases.
  • Encrypted database backups are kept for a limited window for disaster recovery and age out automatically.

Security

TLS everywhere, field-level AES-256-GCM encryption for names and register numbers at rest, argon2id password hashing, single-use hashed tokens for password resets, and server-side access control on every route. No security is perfect; if we learn of a breach affecting your data we will notify you promptly at your account email.

Your rights

You can export your case data from the product, correct anything in place, and delete cases or your whole account yourself — no support ticket required. For access, portability, or deletion requests you cannot self-serve (or any privacy question), email [email protected] and we will respond within 30 days. We honor applicable rights under state privacy laws (including the CCPA) and, for anyone in scope, the GDPR. The Service is not directed to children under 18.

Privacy Policy · OutDate