Privacy Policy

1. Information We Collect

Undercurrent does not require account registration or collect personally identifiable information (PII) as part of normal Platform use. However, we may automatically collect the following technical data when you access the Platform:

• Log Data — IP address, browser type and version, operating system, referring URL, pages visited, and timestamps. Retained for up to 30 days for security and operational purposes.
• Usage Data — Anonymized, aggregated interaction data (e.g., feature usage frequency, dashboard navigation patterns) used solely to improve Platform performance and usability.
• Device Information — Browser capabilities and viewport size, used to optimize display of visualizations.

We do not collect names, email addresses, payment information, or any other personally identifiable information unless you voluntarily provide it (e.g., by contacting us directly).

2. How We Use Information

Information collected is used solely for the following purposes:

• Operating, maintaining, and improving the Platform
• Monitoring and ensuring the security and integrity of the Platform
• Detecting and preventing unauthorized access, abuse, or fraud
• Diagnosing technical issues and analyzing performance
• Complying with applicable legal obligations

We do not sell, rent, lease, or otherwise share your information with third parties for marketing or advertising purposes.

3. Cookies and Tracking Technologies

The Platform does not use third-party tracking cookies, advertising cookies, or persistent cross-site tracking technologies.

We may use strictly necessary session-level browser storage (e.g., localStorage) to retain user interface preferences such as selected filters or time ranges. This data is not transmitted to our servers and is cleared when you close your browser session or clear site data.

We do not use cookies for analytics, advertising, or behavioral profiling.

4. Third-Party Data Sources

The Platform aggregates and presents data from publicly available third-party sources, which may include GDELT, YouTube, Reddit, Wikipedia, news publications, and social media platforms. This aggregated data consists of public media content and signals — it does not include personal information of end users of those platforms.

Undercurrent does not control the data collection or privacy practices of any third-party source. We encourage you to review the privacy policies of those platforms directly.

5. Data Retention

We retain technical log data for a maximum of 30 days, after which it is deleted or anonymized. Aggregated, non-identifiable usage analytics may be retained indefinitely for Platform improvement purposes. Any information you voluntarily provide (e.g., via email contact) is retained only as long as necessary to fulfill the purpose for which it was provided.

6. Data Security

We implement industry-standard technical and organizational security measures to protect information processed by the Platform, including:

• HTTPS/TLS encryption for all data in transit
• Server-side access controls and authentication
• Regular security monitoring and review

No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining reasonable safeguards.

7. Disclosure of Information

We do not disclose your information to third parties except in the following limited circumstances:

• Legal compliance — When required by applicable law, regulation, court order, or governmental authority
• Protection of rights — To protect the rights, property, or safety of Undercurrent, its users, or the public
• Service providers — To trusted infrastructure providers (e.g., cloud hosting) operating under confidentiality obligations, solely to support Platform operations

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access — Request a copy of personal information we hold about you
• Correction — Request correction of inaccurate information
• Deletion — Request deletion of your personal information, subject to legal retention requirements
• Opt-out — We do not sell personal information; there is nothing to opt out of in that regard

Because the Platform does not collect PII in the ordinary course of use, most of these rights will not be applicable to typical users. To exercise any rights or make a privacy inquiry, contact us at the address below.

9. Children's Privacy

The Platform is not directed at individuals under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately and we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. The "Last Updated" date at the top of this page will reflect the most recent revision. We encourage you to review this policy periodically. Continued use of the Platform following any update constitutes acceptance of the revised policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Undercurrent
nlomnitz@berkeley.edu