Agorà data transparency

This Privacy Policy explains how AGORÀ may collect, use, store, and protect personal data.

AGORÀ is designed for public discourse, profiles, posts, moderation, and related platform features. Because the service processes account information, user content, and technical data, users should be able to understand what is collected, why it is processed, how long it may be kept, and what rights may be available under applicable law.

Minimum age AGORÀ is intended only for users aged 16 and over, consistent with the platform rules.

Public content Posts, profile elements, and public interactions may be visible to other users depending on platform settings.

User rights Depending on applicable law, users may request access, correction, deletion, restriction, objection, or portability.

Effective date: 2026-03-18
Version: 2026-03-18-v1
This policy is a platform privacy draft and should be completed with the final legal identity, technical stack, jurisdictions, and real operational practices of the live service.

Contents

1. Service operator / controller 2. Scope of this policy 3. Data we may collect 4. Public content and visibility 5. Why data may be processed 6. Legal bases 7. Retention periods 8. Sharing and disclosure 9. International transfers 10. Security and safeguards 11. User rights 12. Children and minimum age 13. Policy updates 14. Contact for privacy matters

1. Service operator / controller

The controller or service operator of AGORÀ is:

[Insert legal name / full name / company name]
[Insert registered address or business address]
[Insert country of establishment]
[Insert legal contact email]

If AGORÀ later appoints a data protection contact, representative, or other designated legal contact, this page may be updated accordingly.

2. Scope of this policy

This Privacy Policy describes how AGORÀ may process personal data when users visit the website, create an account, sign in, publish posts, interact with other users, use platform tools, contact support, submit reports, or otherwise use the service.

This policy applies to personal data processed through the AGORÀ website and related platform functions. It should be read together with the Terms of Service and the Cookies & Storage Notice.

3. Data we may collect

Depending on how AGORÀ is used, the platform may process categories of data such as:

Account and identity data — such as username, display name, login identifier, email address, profile data, and authentication-related records;
User-generated content — such as posts, comments, replies, profile text, saved items, uploaded media, reports, moderation appeals, or other content submitted by users;
Technical and device data — such as IP address, browser type, operating system, device identifiers, session information, timestamps, request logs, and security events;
Usage data — such as pages visited, features used, interactions, account actions, navigation events, saved preferences, and platform activity patterns;
Support and communication data — such as messages sent to support, legal notices, abuse reports, or correspondence with AGORÀ;
Moderation and trust & safety data — such as reports, enforcement records, restriction history, anti-abuse signals, and investigation notes reasonably necessary to protect the platform and users;
Local storage and browser-side data — such as theme preferences, acceptance records, session continuity markers, or other device-side data described in the Cookies & Storage Notice.

AGORÀ should collect and retain only the data reasonably necessary to operate, secure, improve, and legally maintain the service.

4. Public content and visibility

AGORÀ is designed as a public or semi-public discussion platform. This means that some profile information, posts, comments, reactions, or other user activity may be visible to other users or, depending on platform design, to the wider public.

Users should assume that content intentionally published to the platform may be viewed, copied, quoted, screenshotted, archived, or discussed by others, even if AGORÀ later limits or removes access. AGORÀ cannot guarantee that third parties will not reproduce or retain content they have already seen.

5. Why data may be processed

AGORÀ may process personal data for purposes including:

creating and maintaining user accounts;
authenticating users and keeping sessions secure;
publishing, displaying, storing, and delivering user content and profile information;
operating features such as posts, comments, saved items, maps, games, discovery, or future modules;
detecting, preventing, and investigating spam, abuse, fraud, platform misuse, or security incidents;
reviewing reports, moderating content, and enforcing the Terms of Service;
communicating with users about the service, updates, security matters, or policy changes;
fulfilling legal obligations, defending rights, responding to lawful requests, or preserving evidence where necessary;
improving reliability, performance, accessibility, and user experience;
maintaining internal logs, backups, business continuity, and administrative records.

6. Legal bases

Where data protection law such as the GDPR applies, AGORÀ may rely on one or more legal bases depending on the context of processing. These may include:

Performance of a contract — when processing is necessary to provide the service requested by the user;
Legitimate interests — when reasonably necessary to protect platform security, prevent abuse, improve the service, operate moderation systems, or defend legal rights, provided such interests are not overridden by the user’s rights where the law requires balancing;
Consent — where the law requires consent, including for some non-essential cookies, storage, or comparable technologies;
Legal obligation — when AGORÀ must retain, disclose, or process data to comply with applicable law;
Protection of vital interests or public-interest grounds — only where applicable and legally justified.

AGORÀ should identify the correct basis for each processing activity in actual operation and should not rely on consent where another legal basis is the proper one.

7. Retention periods

AGORÀ may retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including operation of the service, account continuity, moderation, fraud prevention, backup integrity, dispute handling, legal compliance, and evidentiary preservation.

Retention periods may vary by category. For example:

account data may be retained while the account remains active and for a limited period afterwards where reasonably necessary;
public content may remain visible until deleted by the user, removed by AGORÀ, or otherwise archived under platform rules;
security logs and moderation records may be retained longer where abuse prevention, investigations, or legal preservation require it;
backup copies may persist temporarily even after deletion from active systems.

9. International transfers

Depending on hosting, delivery networks, third-party services, or support operations, data may be processed in countries other than the user’s own country.

Where applicable law requires safeguards for international data transfers, AGORÀ should use appropriate legal mechanisms and organizational measures before transferring protected personal data across borders.

10. Security and safeguards

AGORÀ should use reasonable technical and organizational measures designed to protect personal data against unauthorized access, unlawful disclosure, misuse, destruction, or accidental loss.

These measures may include access controls, authentication controls, rate limits, logging, secure transport, backup measures, anti-abuse systems, internal permissions, and other security practices appropriate to the size and risk profile of the service.

No online system can guarantee absolute security. Users should also protect their accounts, devices, and credentials appropriately.

11. User rights

Depending on applicable law, users may have rights such as:

the right to request access to personal data;
the right to request correction of inaccurate or incomplete data;
the right to request deletion of data in certain circumstances;
the right to request restriction of processing in certain circumstances;
the right to object to certain processing, especially where based on legitimate interests;
the right to data portability where the law provides it;
the right to withdraw consent where processing relies on consent;
the right to lodge a complaint with a competent supervisory authority where the law provides that right.

AGORÀ may need to verify identity before acting on certain requests and may refuse or limit a request where applicable law permits or requires such limitation.

12. Children and minimum age

AGORÀ is not intended for users under the age of 16. The platform’s own rules require users to be at least 16. If AGORÀ becomes aware that it has collected personal data from a person below the permitted minimum age in violation of its platform rules, AGORÀ may restrict or remove the account and take reasonable steps to delete or limit the related data, subject to legal retention requirements.

13. Policy updates

AGORÀ may update this Privacy Policy from time to time to reflect legal, operational, technical, or product changes. The most recent version should be made available on this page, together with an updated effective date.

Where required by law or appropriate for the importance of the change, AGORÀ may provide additional notice or request renewed acknowledgment.

14. Contact for privacy matters

Privacy-related requests, notices, or questions may be sent to:

[Insert privacy email address]

If AGORÀ later publishes a specific legal or data protection contact form, that channel may be used instead or in addition.