Last updated: May 2026
When you create an account we store your email address and a bcrypt-hashed password. We log the timestamp of each search request for rate-limiting purposes. We do not collect browsing history, device fingerprints, or any personally identifying information beyond your email.
Your email and password hash are used solely for authentication. Search timestamps are used to enforce daily rate limits. We do not sell, share, or transfer your data to third parties for marketing purposes.
We use a single HTTP-only session cookie (session_token) to keep you logged in for 7 days. Your age-verification confirmation and cookie consent preference are stored in browser localStorage. No third-party tracking cookies are used.
Search queries are processed by a third-party LLM API (Featherless.ai) to expand and interpret your search. Queries are not stored by us beyond the duration of your request.
Account data is retained until you request deletion. Rate-limit records are purged after 90 days.
If you are in the EEA, you have the right to access, correct, or delete your personal data. Email dmca@yourdomain.com and we will respond within 30 days.
This service is hosted in Luxembourg, European Union.