On Privacy at Foolscap
We collect the minimum data needed to match you with a correspondent — your name, email, postal address, age range, and your answers to our profile questions.
We never sell, rent, or share your data with third parties. Not for any amount of money. This is a rule, not a policy.
Your postal address is never shared with your correspondent until you explicitly confirm you want to exchange addresses.
You can ask us to delete everything we have about you, at any time, by writing to hello@foolscap.space. We'll do it within seven days.
What we collect, and why
| What | Why we need it |
|---|---|
| Name | To address you in our emails and for your correspondent to know what to call you. |
| Email address | To send you our matching questionnaire, introductions, and check-ins. |
| Postal address | To pass to your correspondent once you've both consented to exchange addresses. Never before. |
| Age range | To match you within an appropriate cohort. |
| City / country | To match across appropriate distances and time zones. |
| Your profile answers | To match you thoughtfully. Read personally, by us, and used only for matching. |
| Payment information | Handled entirely by Stripe. We never see or store your card details. |
| Identity verification data | Collected and held by Stripe Identity. We receive only a confirmation that verification passed. |
| Cloudflare Analytics | Anonymous page view counts. No cookies, no fingerprinting, no personal tracking. |
Where your data lives
Your data is held in a small number of well-regarded tools, each with their own strong privacy and security practices:
- Google Workspace — our emails and the spreadsheet that holds member profiles.
- Stripe — payment processing and identity verification.
- Cloudflare — hosting the Foolscap website.
We do not use advertising networks, retargeting pixels, behavioral analytics tools, CRM integrations, or any third-party service that would receive your personal data outside of the above three. If we ever add a new tool that touches your data, we'll update this page and tell you directly.
What we never do
- We never sell your data. Not your email, not your address, not your profile answers. Not to anyone, at any price.
- We never share your postal address with your correspondent without your explicit consent.
- We never read your physical letters. They travel through the postal service, not through us.
- We never run advertising, sponsored content, or data-driven marketing targeted at you based on what you've told us.
- We never use your profile answers to train AI models, either ours or anyone else's.
Your rights — wherever you live
Regardless of where you live, you have the right to:
- See any personal data we hold about you. Email us and we'll send it in a readable format within seven days.
- Correct anything that's wrong.
- Delete all of your data. Email us and we'll erase everything in our systems within seven days, except what we're legally required to keep for tax or accounting purposes (basic transaction records).
- Export your data in a portable format.
- Object to how we use your data, and request we stop processing it.
If you're in the European Union, the United Kingdom, California, or India, your law gives you additional specific rights (under GDPR, UK GDPR, CCPA/CPRA, or the DPDP Act respectively). We comply with all of them, and the simple way to exercise any of them is to email hello@foolscap.space. A real person will read it and act on it.
How long we keep your data
For active members: as long as you're a member, plus a grace period of thirty days after cancellation in case you rejoin.
For former members: we keep basic transaction records for up to seven years, as required for tax and accounting purposes under Indian law. Everything else — your profile answers, postal address, email — is deleted within thirty days of your request, or sooner if you specifically ask.
For waitlist signups who never become members: we delete your data after eighteen months of inactivity, or immediately upon request.
Children
Foolscap is for adults eighteen and over. We do not knowingly collect data from anyone under eighteen. If you believe we've collected data from a minor, please tell us at once and we'll delete it.
Cookies
We don't use marketing or tracking cookies. Cloudflare sets a small number of essential technical cookies for security and performance — these are anonymous and don't track you across sites. Stripe sets its own cookies on its checkout page to process payments, which is between you and Stripe and covered by their privacy policy.
Security
We use standard security practices: SSL on the website, two-factor authentication on all the tools we use to handle your data, access limited to the founder, and regular backups. We are a small, careful operation — but we are not immune to the risks any online service faces. If we ever have a security incident that might affect your data, we'll tell you within seventy-two hours, by email, with an honest explanation of what happened and what we're doing about it.
Changes to this policy
If this policy changes materially, we'll email every active member at least thirty days before the change takes effect. For anything that expands what we collect or how we use it, we'll ask for your consent.
Questions, requests, or concerns about your data?
Write to hello@foolscap.space.
We respond within seven days, often faster.