Privacy policy
What we store
ChainKu does not collect personal data, accounts, or email addresses. The only identifier used is an anonymous UUID generated in your browser and stored in localStorage. It is sent to our backend only when you submit a haiku, a proposal, or a choice, where it is used to (a) recognise you as the initiator of haiku you started, (b) enforce “one proposal per user per line”, and (c) apply rate limits. It is never shared with third parties.
Your UUID is never publicly visible. For haiku you initiate, it is stored on the haiku document as the initiator identifier (used only by the server to authorise your choices); for proposals you submit, it is stored in a private subcollection that no client can read and is deleted once the proposal window closes. When a proposal is accepted into the final haiku, only its text is kept — the proposer's UUID is not. Accepted contributions therefore cannot be linked back to you, or to each other, by anyone reading the site.
Browser storage
A few values are stored in your browser's localStorage. No cookies are used.
chainku.uuid— your anonymous identifier. Clearing browser data resets this and your authorship history.chainku.onboardingDismissed— whether you have dismissed the welcome message.chainku.syllableCounterEnabled— your syllable counter preference (on or off).chainku.proposals— a local record of which haiku lines you have proposed, used to show you the correct status on the detail page.chainku.bookmarks— a local record of which completed haiku you have bookmarked, used to show the bookmark state on your device. Only an anonymous total count is stored on our side, never a link between you and a haiku.
Rate limiting
To prevent abuse, your IP address is used for rate limiting. IP addresses are not stored beyond the duration of the rate-limit window (one hour) and are deleted automatically after expiry.
CAPTCHA (Cloudflare Turnstile)
Form submissions are protected by Cloudflare Turnstile, a privacy-friendly CAPTCHA. ChainKu uses the invisible variant: no challenge or checkbox is shown, and the check runs in the background to verify that submissions come from a real browser rather than a bot. Turnstile does not use cross-site tracking cookies or device fingerprinting.
To make this assessment, Turnstile processes a limited set of signals from your browser, including your IP address, request headers, and minor interaction data. Cloudflare acts as a data processor on our behalf for this purpose. See Cloudflare's privacy policy and the Turnstile privacy addendum for full details.
Third-party services and data processors
ChainKu does not use analytics, advertising, or social tracking of any kind. The following third-party services are used as data processors:
- Cloudflare Turnstile — a privacy-friendly CAPTCHA used on form submissions. Cloudflare's privacy policy governs their service.
- Firebase / Google Cloud — the application backend (Firestore database, Cloud Functions, Hosting) is operated by Google Ireland Limited (EEA) / Google LLC (US). Content you submit (haiku lines) is stored in Firestore. Google's Firebase privacy information applies.
- Google reCAPTCHA Enterprise — used by Firebase App Check to verify that requests originate from the genuine web app. No challenge is shown to users. Google's privacy policy applies.
External links
ChainKu may link to external sites — such as our Ko-fi support page. These sites are operated by third parties and have their own privacy policies; ChainKu does not share any data with them, and they apply only once you choose to visit them.
Contact
For privacy-related questions, contact us at info@chainku.art.