My Weak Ties

Privacy Policy

Last updated: March 15, 2026

1. Information We Collect

We collect the following information when you register and use MyWeakTies:

  • Account data: Email address, authentication provider (email or Microsoft Entra ID)
  • Profile data: Full name, WEMBA year, cohort, city, state, business title, company, phone number, bio, profile photo
  • Content: Forum posts, replies, showcase links, event submissions, job listings, comments, likes, RSVPs
  • Usage data: Login timestamps, session data (stored in secure cookies)

2. How We Use Your Information

  • To provide and operate the alumni community platform
  • To display your profile in the member directory to other approved members
  • To send SMS notifications about account approval (if phone number provided)
  • To notify administrators of new registrations
  • To enforce community guidelines and moderate content

3. Data Storage

Your data is stored securely in Supabase (PostgreSQL) hosted infrastructure. Authentication tokens are managed via secure HTTP-only cookies. Profile photos are stored in Supabase Storage with access controls.

4. Data Sharing

We do not sell your data. Your information is shared only:

  • With other members: Your profile, posts, and activity are visible to approved Platform members
  • With service providers: Supabase (database/auth), Vercel (hosting), Twilio (SMS notifications)
  • As required by law: If legally compelled to disclose information

5. Cookies

We use the following cookies:

  • Authentication cookies: Secure session tokens managed by Supabase Auth (essential for login)
  • Preference cookies: preferred_auth_provider in localStorage (remembers your login method)
  • Consent cookie: cookie_consent in localStorage (remembers your cookie preference)

We do not use third-party tracking cookies, analytics cookies, or advertising cookies.

6. Your Rights

You may:

  • View and edit your profile information at any time
  • Request deletion of your account by contacting an administrator
  • Withdraw from the Platform at any time by signing out

7. Data Retention

Your data is retained for as long as your account is active. If your account is deactivated by an administrator, your content is preserved but your login is disabled. Account deletion removes your authentication data; content may be anonymized rather than deleted.

8. Security

We implement row-level security (RLS) on all database tables, JWT-based authentication with role claims, and server-side validation on all operations. Service role keys are never exposed to client-side code.

9. Changes to This Policy

We may update this Privacy Policy at any time. Changes will be posted on this page with an updated "Last updated" date.

10. Contact

Privacy questions may be directed to admin@myweakties.com.