Privacy Policy

Last updated: January 2026  ·  Detectorist BETA

1. Who We Are

Detectorist is a metal detecting platform ("the Platform", "we", "us", "our") currently in public beta. We provide tools for logging finds, tracking GPS sessions, and connecting with a community of metal detector enthusiasts. If you have questions about this policy or your personal data, contact us at support@detectorist.zone.

2. Data We Collect

Account & Profile Data

• Email address and hashed password (via Supabase Authentication)
• Display name and username (chosen by you)
• Profile photo (uploaded by you)
• Country, bio, and other optional profile fields
• Account creation date and last login timestamp

Detecting Activity

• Finds: Name, category, metal type, description, depth, date, and GPS coordinates (optional) of items you log
• Sessions: GPS track data, start/end times, location name, notes, and linked equipment
• Photos: Images uploaded with finds, sessions, and profile
• Equipment: Metal detector make, model, settings, and notes

Community Data

• Community posts, comments, and reactions you publish
• Direct messages and group/project chat messages
• Group memberships, roles, and project contributions
• Achievements earned and statistics generated from your activity

Technical Data

• IP address and device/browser information (collected automatically by Supabase Auth and our hosting infrastructure)
• Session tokens stored in your browser's local storage for authentication
• Error logs and performance data used to improve the service

3. Legal Basis for Processing (GDPR)

• Contractual necessity: To provide the platform and services you signed up for
• Legitimate interests: To maintain security, prevent fraud, and improve the platform
• Consent: For optional features such as GPS location tracking in sessions — you control when location is recorded
• Legal obligation: Where we are required to process data by applicable law

4. How We Use Your Data

• To create and maintain your account
• To display your finds, sessions, and profile to other users (according to your privacy settings)
• To enable community features including posts, messages, groups, and projects
• To generate statistics and achievements based on your activity
• To send notifications relevant to your activity (group invites, community replies, etc.)
• To detect and prevent abuse, fraud, or violations of our Terms of Service
• To improve and develop the platform

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services.

• Active data: Retained until you delete it or your account is closed
• Soft-deleted content: Deleted finds, posts, and messages are retained for up to 30 days in a non-visible state before permanent deletion, to allow recovery in case of accidental deletion
• Account deletion: Upon request, your personal data is permanently deleted within 30 days, except where retention is required by law
• Messages: Direct and group messages you delete are soft-deleted for 30 days then permanently removed

6. Your Rights Under GDPR

As a user in the EU/EEA or subject to GDPR, you have the following rights:

• Access: Request a copy of all personal data we hold about you
• Rectification: Correct inaccurate or incomplete personal data
• Erasure ("Right to be forgotten"): Request permanent deletion of your account and associated data
• Data portability: Receive your data in a structured, machine-readable format
• Restriction: Request that we restrict processing of your data in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at support@detectorist.zone. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority if you believe we have not handled your data in compliance with GDPR.

7. Sharing Your Data

We do not sell your personal data. We share data only with the following service providers:

• Supabase — Database hosting, file storage, and authentication services. Your data is stored on Supabase infrastructure (EU region where available). Supabase Privacy Policy
• Stripe — Payment processing for any future premium features. We do not store payment card details. Stripe Privacy Policy
• Replit — Platform hosting during the beta phase. Replit Privacy Policy

All service providers are bound by data processing agreements and are required to handle your data in accordance with GDPR.

8. Cookies and Local Storage

We use minimal local storage in your browser:

• Authentication tokens: Stored in browser local storage to keep you logged in. These are essential for the service and cannot be disabled.
• User preferences: Settings like sidebar visibility stored locally on your device.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• All data is transmitted over encrypted HTTPS connections
• Passwords are hashed and never stored in plain text
• Access to production data is restricted to authorized personnel
• Row-level security is enforced at the database level
• Regular security reviews are conducted

No system is 100% secure. If you discover a security vulnerability, please report it responsibly to support@detectorist.zone.

10. International Data Transfers

Your data may be processed in countries outside your own. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses, in accordance with GDPR requirements.

11. Children's Privacy

Detectorist is not intended for use by persons under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via the platform or by email. The "Last updated" date at the top of this page reflects the most recent revision.

13. Contact

For any questions, data access requests, or to exercise your rights:

Email: support@detectorist.zone