Privacy Policy

Supper uses your Atmosphere account to sign you in and to show your public identity, such as your DID, handle, display name, and avatar. Sign-in uses AT Protocol OAuth: Supper stores OAuth session tokens so it can keep you signed in and write records you ask it to publish, and Supper never sees or stores your account password. We also store Supper-specific settings such as your page profile, customization, posts, products, commissions, DMs, reports, and order workflow information. You can also support creators as a guest without an Atmosphere account; guest contact details are collected by ATM during checkout rather than through a Supper account.

Some Supper activity is intentionally public. Public AT Protocol records may be stored on your PDS and read by other apps, relays, indexers, or archives. Signed-in payments you have authorized can also create public payment records on your repo, and creators may publish payment proofs and minimal entitlement records; those records carry only the final amount, currency, status, and opaque references — never emails, addresses, buyer notes, or card details. You should not put private personal information in public page text, public feed messages, product descriptions, or public commission listings.

Supper can also display public social content from Bluesky and other AT Protocol apps, such as posts, replies, profile details, handles, avatars, public engagement counts, and links to original posts. Supper reads this public information so creator pages and support feeds can show social context. If you delete, edit, label, appeal, or report that original social content, you may also need to use the app or service where it was posted, because Supper does not control the original Bluesky post, AT Protocol record, or third-party app view. Bluesky content is also subject to Bluesky's Terms of Service and Community Guidelines.

Private purchase and fulfillment information is kept private. This can include email addresses, shipping addresses, phone numbers, buyer messages intended for creators only, commission briefs, attachments, paywalled files, download keys, and moderation evidence. We share the minimum information needed with creators, ATM, and the vendors that help Supper operate. Today those vendors include Stripe (payment processing, through ATM), Cloudflare R2 (image and file storage — public images such as avatars and previews are served from a public bucket, while paywalled files live in a private bucket and are delivered through short-lived signed links), Resend (transactional email such as receipts and order updates), Vercel (web hosting), Turso (database hosting), and Upstash Redis (sign-in session storage). We do not sell private buyer contact information. See what personal information is shared for more detail.

ATM currently uses Stripe for payment processing. Payment details, checkout sessions, Stripe Connect information, KYC/KYB details, card network information, chargebacks, refunds, and tax/payment reporting may be handled by ATM, Stripe, banks, card networks, or other payment partners. Card numbers and payment credentials go directly to ATM and Stripe; Supper never receives or stores them. Supper passes order context — and, if you are signed in with a confirmed account email, that email as a checkout prefill — to ATM. After a payment completes, ATM sends Supper signed webhook updates with the payment status and the buyer contact and shipping details collected at checkout so Supper can deliver purchases, send receipts, and run order workflows. Guest subscription management links that ATM emails to guests are single-use and expire within 24 hours. ATM's own Privacy Policy explains how ATM handles payment data. Our checkout help, creator payments guide, and refunds policy explain how those flows work.

Creators receive the supporter information needed to fulfill a purchase or manage a supporter relationship. Creators must use that information only for the transaction, support relationship, compliance, and related communications. They must not add supporters to unrelated mailing lists or disclose supporter information without a lawful basis.

We may retain moderation reports, audit logs, evidence snapshots, payment/order records, and safety records where needed for legal, security, fraud-prevention, accounting, tax, dispute, or trust and safety reasons. You can contact us through the report or appeal flows if you need access, correction, deletion, or review of information associated with your Supper account.