# Privacy

Date: 2026-05-22  
Status: public policy draft

ErgoCommunity.org should collect the least possible data needed to coordinate community work.

## Limited Preview

The current prototype is static. It does not include accounts, wallet login, analytics, cookies or server-side storage.

Local ops mode can create task claim, proof submission and safety report preview records in the visitor's browser using
`localStorage`. These records stay on the same device/browser until the visitor exports or clears them. They are not sent
to a server by the static preview.

Trollbox preview mode can store a selected provider label, nickname and local preview messages in `localStorage`. These
records are not provider-verified in the static preview and are not sent to a server until a production backend is
connected.

The Sage proof stream is embedded from the official Ergo website as a read-only iframe/drop-in. It should remain optional and should not be used to collect private visitor data on this portal.

## Future Forms

If contribution, project or report forms are added later, they should collect only:

- public handle or optional contact
- contribution or project details
- source links
- proof links
- safety report evidence where relevant
- provider identity metadata for trollbox login where relevant

Forms must not request wallet recovery data, private keys, passwords or unnecessary personal information.

## Analytics

If analytics are added later:

- use privacy-friendly analytics
- avoid cross-site tracking
- avoid fingerprinting
- do not track wallet addresses as identity
- publish the analytics provider and retention window

## Contributor Recognition

Contributor spotlights should be opt-in. Use handles or names only with consent, and link to public artifacts rather than exposing private contact details.