Privacy Policy

Welcome to Ostraca, operated by Robin Press (part of SLCK Holdings). We respect your privacy and are deeply committed to protecting your personal data. This Privacy Policy details the exceedingly limited data we collect, why we collect it, and the robust lengths we go to ensure it is handled legally and safely across all global jurisdictions.

1. Data We Collect

Because our current platform serves predominantly to grant access, distribute lore, and accept waitlist requests, our data footprint is strictly minimal:

• Email Addresses: Provided explicitly and directly by you via our waitlist/newsletter forms.
• Technical Analytics: Only if you have explicitly given us consent, we collect passive page view metrics (like browser type and general region routing) via our analytics partner.

2. Cookie Policy

We maintain strict categorization of cookies deployed on our site in full compliance with the ePrivacy Directive:

• Strictly Necessary: We utilize local browser storage (`localStorage`) solely to permanently remember choices you've strictly initiated—such as whether you have already submitted your email or set a system theme. These are functionally vital and do not track.
• Analytics (Optional): We utilize PostHog for site analytics. PostHog employs a statistical tracker to quantify traffic. This is disabled entirely by default. It will not write a cookie nor trigger a tracking packet onto your device unless you physically accept it via our privacy modal.

3. How We Process Data

We deploy an isolated backend architecture for communications. Emails provided to us are bridged securely and directly into Loops, our dedicated secure email dispatch service, ensuring your address remains vaulted strictly for newsletter distribution.

We do not sell, rent, or structurally exchange your data with any third-party ad networks. We run zero passive marketing pixels.

4. Global Jurisdictional Disclosures

European Union (GDPR) & UK GDPR

Under the GDPR, Robin Press acts as the Data Controller. Our lawful basis for processing your email is your explicit consent provided alongside form submission. You definitively possess the right to access, rectify, or demand full erasure of your personal data at any time ("Right to be Forgotten").

Switzerland (FADP)

In compliance with the Swiss Federal Act on Data Protection, we ensure that if your data crosses borders into our US processing centers, it is protected by adequate safeguards commensurate with Swiss legal requirements.

United States (CCPA, CPRA, VCDPA)

We strictly recognize California, Virginia, and broader US state data privacy regulations. We strictly do not "sell" or "share" your personal information for cross-context behavioral advertising. You have the legal right to request precisely what details we have stored regarding your identity.

Brazil (LGPD)

Residents of Brazil natively command the exact legal protections guaranteed by the LGPD. Processing of any identification relies exclusively on your active consent or contractual necessity.

5. Your Privacy Controls

You hold total control over technical analytics. Even after accepting, you can dynamically revoke tracking capabilities at any time. Look for the persistent Privacy Shield icon anchored at the bottom right corner of the site or listed securely in our footer.

6. Contact Information

If you have any questions, concerns, or legal requests regarding your data, privacy rights, or this policy, please reach out explicitly to our Data Controller team at: