Legal

Privacy Policy

Last updated: March 2026

What Odin is

Odin is a private, invite-only discovery network. You save and search recommendations from people you actually know. We do not show you content from strangers or algorithms.

What we collect

Account information — your name and email address, via Google Sign-In. We use Google OAuth and do not store your password.
Content you add — titles, descriptions, URLs, addresses, photos, and personal notes ("The Word") that you choose to write.
Location — only when you use distance-based features. We do not store your location permanently; it is used only to calculate distances in-session.
Usage data — which items you save, search queries you run, and when you were last active.
Device/session data — standard technical logs (browser type, session tokens) managed by Supabase and Google.

How your content travels — Save Inheritance

This is Odin's core privacy mechanic. You should understand it before adding anything.

When you add an item: your name and personal note are visible to your direct connections only.

If a connection saves your item: their wider circle sees that the item was saved — but not by whom, and not your personal note.

In plain terms: your identity and story travel one hop. Beyond that, only an anonymous signal travels. Your name never appears to people you haven't connected with.

You can set any item to "Only me" to keep it entirely private.

AI processing

Odin uses AI to make search work well. Here is what happens to your content:

Your title, description, and personal note are converted into a numerical "embedding" using OpenAI's API. This is stored in our database and used only for search.
When you search, your query is sent to OpenAI to understand intent and language — it is not stored by us beyond the session.
Your personal notes may be processed by OpenAI's API as part of embedding generation. As of 2025, OpenAI does not use API-submitted data to train models.

What we do not do

We do not sell your data.
We do not show advertising.
We do not share your data with third parties except Supabase (storage), OpenAI (AI processing), and Google (authentication).
We do not build advertising profiles.

Your rights (NZ Privacy Act 2020)

You have the right to access, correct, or delete the personal information we hold about you. To exercise any of these rights, contact us at odin.privacy@gmail.com. We will respond within 30 days.

Data storage

Your data is stored on Supabase, hosted on AWS infrastructure. By using Odin, you consent to this cross-border transfer. Supabase is SOC 2 compliant.

Changes to this policy

We will notify you of material changes via the app before they take effect.

Contact

odin.privacy@gmail.com