Privacy Policy

Effective 14 May 2026

This policy explains what information Setform collects, why, with whom it is shared, and the rights you have over it. Plain English wherever possible.

1. Who runs Setform

Setform is an independent surf-forecasting project operated by Brian Wilson, an individual based in Switzerland. Setform is not a registered company. You can reach the operator at [email protected].

For data-protection purposes, the operator acts as the data controller for any personal data described below.

2. What we collect

2.1 Anonymous visitors

If you visit Setform without creating an account, we collect no personal data. We use cookieless aggregate analytics (Cloudflare Web Analytics and PostHog Cloud EU) to understand which spots are viewed and which features are used. Both services are configured so that no cookies, no localStorage entries, no session recordings, and no cross-site identifiers are created on your device. Your IP address is used briefly to derive an approximate country and is then discarded by the analytics services; we never see or store the raw IP.

2.2 Account holders

If you create a free account we collect:

  • Email address — required, used to sign you in and to send account-related messages (verification, password reset, important service notices).
  • Password — stored as a salted hash by our authentication provider (Supabase). It is never visible to us or to anyone else, including the operator.
  • First name — optional, used only to address you in emails. You may leave it blank.
  • Default surf spot and skill level — optional preferences you may set in your account page. Used to tailor what you see in the app.
  • Marketing-email preference — a single yes/no flag captured during signup and editable from your account page. Off by default.

When you are signed in, our analytics provider (PostHog) associates your usage with an opaque internal identifier so we can understand retention and feature use at the account level. We never pass your email, name, or any other personal field to PostHog — only the opaque identifier.

2.3 Forecast lookups

Every time you view a spot, your selected coordinates are sent to the Open-Meteo APIs to fetch the forecast. No identifier is attached to those requests; Open-Meteo only sees the coordinates and a generic server-side request from our edge.

3. Why we collect it

  • To provide the service: deliver forecasts, sign you in, save your preferences across devices.
  • To keep the service working: aggregate analytics tell us which features are used and which are not, so we can improve them.
  • To communicate with you: account-related messages (always), and marketing emails (only if you opted in).

The legal bases for this processing under the GDPR / Swiss FADP are: performance of the agreement with you (the account and the service), the operator's legitimate interest in running a functional, secure, improvable site (aggregate analytics), and your explicit consent for marketing emails.

4. Who else processes your data

Setform uses a small set of third-party service providers ("sub-processors") to run. Each is named below with what it handles and where it stores the data.

  • Cloudflare — site hosting (Cloudflare Pages) and edge security. Operates globally; serves you from the nearest edge.
  • Cloudflare Web Analytics — cookieless aggregate analytics. IP addresses are not stored.
  • PostHog Cloud EU (Frankfurt, Germany) — cookieless product analytics. For account holders, your events are tagged with an opaque internal identifier; no email or name is shared.
  • Supabase (Frankfurt, Germany) — authentication and account-data storage. Holds your email, password hash, first name, and preferences.
  • Open-Meteo (Germany) — forecast data provider. Receives only coordinates, no account identifier.
  • Resend (United States) — transactional and marketing email delivery, when this is wired up. Receives only the email address it is sending to.

Each of these providers has its own privacy policy. Where data is transferred outside the EU/EEA/Switzerland (Cloudflare, Resend), the transfer is covered by the European Commission's Standard Contractual Clauses and the Swiss Federal Data Protection and Information Commissioner's equivalent recognitions.

5. Cookies and tracking

Setform does not use any cookies for analytics, advertising, or cross-site tracking. For signed-in users, our authentication provider (Supabase) stores a session token in your browser's local storage — this is what keeps you signed in across reloads. Clearing your browser data signs you out.

We do not run advertising, do not embed third-party social-media widgets, and do not load any pixels or trackers from external networks.

6. Your rights

If you are based in the EU/EEA, the UK, or Switzerland (and in many other jurisdictions), you have the following rights over your personal data:

  • Access — see what we hold about you.
  • Rectification — correct anything that is wrong.
  • Deletion — have us erase your account and associated data.
  • Portability — receive a copy in a portable format.
  • Restriction — ask us to stop certain processing.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — for marketing emails or any other consent-based processing, at any time.
  • Complain — lodge a complaint with a supervisory authority (in Switzerland, the FDPIC; in the EU, your local data-protection authority).

Most of these rights can be exercised directly from your account page — you can edit your first name, change your password, toggle marketing emails, and delete your account, which immediately erases your account row and all associated data. For everything else, email [email protected] and we will respond within 30 days.

7. How long we keep your data

  • Anonymous analytics — aggregated indefinitely. These cannot be linked back to any individual.
  • Account data — retained while your account exists. When you delete your account, all account data is erased within a small number of days (immediately at the application layer; backups age out shortly after).
  • Email logs — once Resend is wired up, transactional and marketing email-delivery logs are retained by Resend for a short window per their policy.

8. Security

Passwords are stored as salted hashes by Supabase and are never visible to the operator. Account API endpoints are protected by row-level security so that one account can never read another account's data. The site enforces HTTPS site-wide and applies a strict Content Security Policy. No security setup is perfect, but the surface area here is deliberately small.

9. Children

Setform is not directed at children under 16 and we do not knowingly collect personal data from children. If you believe a child has created an account, email [email protected] and we will delete it.

10. Changes to this policy

If we change this policy in a way that materially affects how your personal data is handled, we will notify account holders by email before the change takes effect. The "Effective" date at the top of this page always reflects the current version.

Questions? Email [email protected].