We judge your purchases,
not your data.
Last updated 7 July 2026 · getreally.app · beatthealgo@getreally.app
really? exists to stop you buying things. It does not exist to harvest, sell, or get weird with your data. This policy says exactly what we touch, why, and how to make us forget you ever hesitated at a checkout.
The short version: no bank access, ever. No selling or sharing your browsing. No ads, no trackers, no mouse-movement surveillance. Card details go to Stripe, never to us. By default, everything the extension knows lives in your own browser and dies when you uninstall it.
1. Who we are
really? ("we") operates getreally.app and the really? browser extension from the United Kingdom. For data-protection purposes we are the controller of the personal data described here. Contact: beatthealgo@getreally.app.
2. What we collect, and why
Sign-up / early access
Name, email, and the gender you select — so we can let you in, address you correctly, and understand who the product resonates with. Legal basis: consent. We do not require your real name; the Face judges pseudonyms equally.
Accounts
Your email, used solely for magic-link sign-in and account communication. No passwords exist to leak. Legal basis: contract.
Checkout events (only if you connect sync)
If — and only if — you create a sync token and connect the extension, it sends us the judgement events: merchant name, site domain, page path (never query strings, which is where personal details hide), approximate amount, category, your chosen tone, your goal name, the excuse you typed, and whether you backed out, saved instead, or proceeded anyway. This exists so your dashboard works. Legal basis: contract. Without a token, none of this leaves your browser.
Payments
Handled entirely by Stripe. We receive confirmation that you paid and your subscription status — never card numbers. Stripe's own privacy policy governs what they process.
What the extension keeps locally only
Your goal, tone and judge settings, chosen sites, interruption stats, and a random install identifier. On your machine, in your browser's storage, not ours.
3. What we never collect
- No bank connection. Not now, not by default, not sneakily later.
- No browsing history. The extension acts on checkout-shaped pages and reports only the judgement events above; your general browsing is none of our business.
- No keystroke logging, mouse tracking, or session recording. We are judging purchases, not running surveillance theatre. Website analytics count pages, not people.
- No purchase confirmation. We only know whether you clicked past us — never whether a transaction actually completed. Our numbers say "estimated" because they are.
4. The live counters, since you'll ask
The community stats on our landing page are aggregates (never individual events) and, during beta, include disclosed demo seed data plus on-page animation — the page says so right under the numbers. Your individual data is never displayed to anyone but you.
5. Who touches the data (sub-processors)
- Supabase — database and authentication (accounts, waitlist, synced events).
- Railway — hosts this website.
- Stripe — payments, entirely.
- Google Fonts — serves the typefaces; your browser requests them directly.
- Google Analytics — tells us how many people visit this website and which pages they read. Website only — the extension itself contains no analytics of any kind.
Some providers process data outside the UK/EEA under standard contractual safeguards. We do not sell personal data to anyone, and no affiliate or advertiser influences what the Face says.
6. Cookies and local storage
No advertising cookies. This website uses Google Analytics to count visits and see which pages people actually read — standard, aggregate, and never joined to your account or your checkout events. The extension contains no analytics whatsoever: what the Face sees stays in your browser. Beyond that we use local storage for exactly two mundane things: keeping you signed in, and remembering that you've signed up (so the download stays unlocked). Thrilling stuff.
7. How long we keep things
Account and synced data: while your account exists. Waitlist entries: until launch-related communication is done or you ask out. Payment records: as long as tax law insists (longer than any of us would like). Deleted means deleted from live systems within 30 days.
8. Your rights
Under UK GDPR you can ask for access, correction, deletion, portability, or restriction of your data, and withdraw consent at any time. One email to beatthealgo@getreally.app does any of these — no forms, no countdown timer, no essay required. We answer within a month, usually much faster. If we disappoint you, you can complain to the ICO at ico.org.uk — though we'd rather you told us first so we can fix it.
9. Deleting everything
- The extension: uninstall it. Local data is destroyed instantly.
- Your account and events: email "delete my data" from your account email.
- The waitlist: same email, same clean ending.
We keep no shadow copies and hold no grudges. The Face forgets you the moment the row is gone.
10. Children
really? is for people 16 and over. It is a product about spending money at checkouts; if that is your childhood, we have separate concerns.
11. Changes
If this policy changes materially we'll say so on the site or by email, in plain words, before it takes effect. The date at the top always tells the truth.
Questions, requests, complaints, compliments about the Face: beatthealgo@getreally.app