Legal

Privacy Policy

Last updated: 2026-05-13

About this policy

ɳFamily is a private, self-hosted family social network built on the ɳSelf platform. This policy explains what data the ɳFamily software and the family.nself.org marketing site collect, how that data is used, and the rights you have over it.

Key fact: when you run your own ɳFamily instance, your family's data — posts, photos, messages, family tree — lives on your server. ɳSelf Inc. does not have access to it.

Data controller

For family.nself.org (this marketing site) and associated API services (ping.nself.org, api.nself.org):

ɳSelf Inc.
Email: privacy@nself.org

For your self-hosted instance, you (the server operator) are the data controller. ɳSelf Inc. is a data processor only to the extent the CLI sends opt-in telemetry (see below).

What we collect

On family.nself.org

Email address — when you join the waitlist or request an invite
Server-side request logs — IP address, User-Agent, timestamp (retained 30 days)
Vercel Analytics — aggregate page views only; no individual tracking cookies

CLI telemetry (opt-in)

The ɳSelf CLI sends anonymous command-count events to ping.nself.org when telemetry is enabled (default: on, opt-out via nself telemetry disable). No family content, no user identifiers beyond a random install UUID.

Your self-hosted instance

All family data — profiles, posts, photos, messages, family tree — is stored exclusively in the Postgres database and MinIO object storage on your server. ɳSelf Inc. has no connection to your instance and cannot access this data.

Children under 13 — COPPA

ɳFamily is designed as a private family social network. Parents may create accounts for children under 13, but only with verified parental consent.

Parental consent required. Before any data for a child under 13 is stored, a parent or legal guardian must provide verifiable consent through the in-app parental-consent flow.
Parents control child accounts. Parents may review, edit, or delete any data associated with a child's account at any time from the family admin panel.
No third-party sharing. Data for users under 13 is never shared with third parties, used for advertising, or transmitted off your server.
Data deletion. Parents may request full deletion of a child's data at any time. Deletion is immediate from your database; there is no 30-day hold.
No behavioural advertising. ɳFamily has no ad model. Child data is never used for any commercial purpose.

Questions about COPPA compliance: privacy@nself.org

If you are located in the European Economic Area, UK, or Switzerland, you have the following rights regarding personal data that ɳSelf Inc. controls (the marketing site, waitlist, and telemetry described above).

Right to access

Request a copy of the personal data we hold about you.

Right to erasure

Request deletion of your personal data. We will erase it within 30 days.

Right to rectification

Request correction of inaccurate personal data.

Right to portability

Receive your data in a structured, machine-readable format.

Right to restrict processing

Ask us to limit how we use your data while a dispute is resolved.

Right to object

Object to processing based on legitimate interests or for direct marketing.

To exercise any of these rights, email privacy@nself.org. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Right to delete (self-hosted)

On a self-hosted ɳFamily instance, you control all data. To purge a member's social data or remove all activity feed entries, use the CLI:

# Remove all social data for a specific account
nself data purge --plugin social --account <account-id>

# Remove all activity feed entries for an account
nself data purge --plugin activity-feed --account <account-id>

# Remove all photos for an account
nself data purge --plugin photos --account <account-id>

Purge operations are irreversible. Back up your database before running them. Activity feed entries older than the configured retention period (default: 90 days) are pruned automatically by the activity-feed plugin. Photos are retained until explicitly deleted by the user or operator.

Data retention

Data type	Retained for
Waitlist email	Until you unsubscribe or request deletion
Server request logs (IP, UA)	30 days, then deleted automatically
CLI telemetry (install UUID)	Up to 2 years, then aggregated and anonymised
Parental consent records	Stored on your server; deleted when you delete the child account
Family content (posts, photos, messages)	On your server only; deleted when you run nself destroy

Cookies

family.nself.org uses no advertising or tracking cookies. The only cookies set are:

Session cookie — keeps you logged in to the waitlist or invite flow
Vercel deployment ID — Vercel's edge infrastructure sets this for routing; it contains no personal data

Changes to this policy

We may update this policy as the product evolves. The "last updated" date at the top of this page will always reflect the most recent revision. Material changes will be announced on the changelog.

Contact us

For privacy questions or to exercise your rights: privacy@nself.org

For ɳSelf platform issues: GitHub Issues

Legal

Privacy Policy

Last updated: 2026-05-13

About this policy

Key fact: when you run your own ɳFamily instance, your family's data — posts, photos, messages, family tree — lives on your server. ɳSelf Inc. does not have access to it.

Data controller

For family.nself.org (this marketing site) and associated API services (ping.nself.org, api.nself.org):

ɳSelf Inc.
Email: privacy@nself.org

For your self-hosted instance, you (the server operator) are the data controller. ɳSelf Inc. is a data processor only to the extent the CLI sends opt-in telemetry (see below).

What we collect

On family.nself.org

Email address — when you join the waitlist or request an invite
Server-side request logs — IP address, User-Agent, timestamp (retained 30 days)
Vercel Analytics — aggregate page views only; no individual tracking cookies

CLI telemetry (opt-in)

Your self-hosted instance

Children under 13 — COPPA

ɳFamily is designed as a private family social network. Parents may create accounts for children under 13, but only with verified parental consent.

Parental consent required. Before any data for a child under 13 is stored, a parent or legal guardian must provide verifiable consent through the in-app parental-consent flow.
Parents control child accounts. Parents may review, edit, or delete any data associated with a child's account at any time from the family admin panel.
No third-party sharing. Data for users under 13 is never shared with third parties, used for advertising, or transmitted off your server.
Data deletion. Parents may request full deletion of a child's data at any time. Deletion is immediate from your database; there is no 30-day hold.
No behavioural advertising. ɳFamily has no ad model. Child data is never used for any commercial purpose.

Questions about COPPA compliance: privacy@nself.org

Right to access

Request a copy of the personal data we hold about you.

Right to erasure

Request deletion of your personal data. We will erase it within 30 days.

Right to rectification

Request correction of inaccurate personal data.

Right to portability

Receive your data in a structured, machine-readable format.

Right to restrict processing

Ask us to limit how we use your data while a dispute is resolved.

Right to object

Object to processing based on legitimate interests or for direct marketing.

To exercise any of these rights, email privacy@nself.org. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Right to delete (self-hosted)

On a self-hosted ɳFamily instance, you control all data. To purge a member's social data or remove all activity feed entries, use the CLI:

# Remove all social data for a specific account
nself data purge --plugin social --account <account-id>

# Remove all activity feed entries for an account
nself data purge --plugin activity-feed --account <account-id>

# Remove all photos for an account
nself data purge --plugin photos --account <account-id>

Data retention

Data type	Retained for
Waitlist email	Until you unsubscribe or request deletion
Server request logs (IP, UA)	30 days, then deleted automatically
CLI telemetry (install UUID)	Up to 2 years, then aggregated and anonymised
Parental consent records	Stored on your server; deleted when you delete the child account
Family content (posts, photos, messages)	On your server only; deleted when you run nself destroy

Cookies

family.nself.org uses no advertising or tracking cookies. The only cookies set are:

Session cookie — keeps you logged in to the waitlist or invite flow
Vercel deployment ID — Vercel's edge infrastructure sets this for routing; it contains no personal data

Changes to this policy

We may update this policy as the product evolves. The "last updated" date at the top of this page will always reflect the most recent revision. Material changes will be announced on the changelog.

Contact us

For privacy questions or to exercise your rights: privacy@nself.org

For ɳSelf platform issues: GitHub Issues

Privacy Policy

About this policy

Data controller

What we collect

On family.nself.org

CLI telemetry (opt-in)

Your self-hosted instance

Children under 13 — COPPA

GDPR rights

Right to access

Right to erasure

Right to rectification

Right to portability

Right to restrict processing

Right to object

Right to delete (self-hosted)

Data retention

Cookies

Changes to this policy

Contact us

Privacy Policy

About this policy

Data controller

What we collect

On family.nself.org

CLI telemetry (opt-in)

Your self-hosted instance

Children under 13 — COPPA

GDPR rights

Right to access

Right to erasure

Right to rectification

Right to portability

Right to restrict processing

Right to object

Right to delete (self-hosted)

Data retention

Cookies

Changes to this policy

Contact us