What we see, store, and don't.

What We Collect

When you use Tisket, the following information is collected:

• Tisket content you create when issuing a citation — offense title, code, violator identifier, location, description, fine tier, Tasket text, issuing-officer pseudonym, badge number. Stored indefinitely as the platform's public record.
• Response content you submit on a Tisket — public statements, Tasket proof/notes, tip-acknowledged flags. Stored indefinitely.
• Fraud reports you submit via the Report form, including any optional name/email you provide. Stored indefinitely.
• A hashed IP address. Your IP is immediately passed through SHA-256 with a server-side salt before storage. We never store raw IPs. The hash is used for rate-limiting and abuse-prevention.
• Approximate timestamps of each Tisket, response, and rate-limit event.
• Analytics data via Google Analytics — page views, anonymized IPs, browser/device characteristics, event names (e.g., "tisket_issued," "tip_marked"). See Cookies and Analytics below.

What We Don't Collect

We do not ask for accounts, email, phone numbers, or any other personal information to use the core features. We don't fingerprint you across sites. We don't sell or rent your data — to anyone — ever. We have no advertising network, no tracking pixels, no remarketing.

How We Use Your Data

• Display the citation to whoever you send the URL to (that's the point of the product).
• Aggregated leaderboards show top issuers (by pseudonym), most-cited offenses, and recent Tiskets. These are public.
• Rate-limit and abuse-prevention via the IP hash — without storing your raw IP.
• Operational analytics (Google Analytics) to understand which pages are used and where things break.
• Respond to legal process on receipt of valid law-enforcement subpoenas, court orders, or other lawful demands.

Cookies and Analytics

Tisket itself sets no cookies. Google Analytics (operated by Google LLC) sets cookies (typically _ga, _gid) on your browser when you visit any Tisket page. This is used solely for traffic measurement. You can opt out by:

• Using a browser that blocks third-party cookies, or
• Installing the Google Analytics opt-out browser add-on, or
• Enabling "Do Not Track" or equivalent in your browser.

Note: Tisket does not currently honor Do Not Track at the server level, only via the Google Analytics opt-out described above.

Public Record

Tiskets you issue, statements you post, and the public leaderboard are public by default — anyone with the URL can view a Tisket, and aggregated stats appear on the leaderboard. Do not put anything in a Tisket you wouldn't want public. The violator identifier you enter (a name, plate, "Brad from Marketing") becomes part of the public record for that Tisket.

What We Share

We do not share user data with third parties except:

• Google Analytics — analytics data described above, governed by Google's privacy policy;
• Hosting infrastructure — Opalstack and Cloudflare handle traffic and storage; they have access to the data necessary to operate the service;
• Law enforcement — only on valid legal process, and we publish notice of any government request unless legally prohibited.

Data Retention

• Tiskets and responses — retained indefinitely as the platform's public record.
• IP hashes — retained for 90 days for rate-limiting purposes, then purged.
• Fraud reports — retained indefinitely.
• Analytics data — retained per Google Analytics' default retention (2 months for user-level data, 14 months for event-level data, configurable).

Your Rights

You may request:

• Deletion of a specific Tisket or response if you can demonstrate you were its issuer (provide the citation number and authentication context);
• Correction of factual errors in a Tisket;
• A copy of any data we hold associated with you (subject to the limits of an anonymous service).

Send requests to [email protected]. We respond within 30 days. EU and California residents have additional rights under GDPR and CCPA respectively; see those sections of applicable law.

Children

Tisket is for users 18 and older. We do not knowingly collect data from anyone under 18. If you believe a minor has provided data to Tisket, contact [email protected] and we will delete it.

International Users

Tisket is hosted in the United States. By using the Service from outside the US, you consent to the transfer and storage of data in the US. We do not currently have data-localization measures for any jurisdiction.

Changes to This Policy

We may update this policy from time to time. Material changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes take effect constitutes acceptance.

Contact

Privacy questions, data requests, complaints: [email protected]. For abuse or fraud, see the Report Fraud form or [email protected].