Privacy

Beta status

Regali is currently invite-only beta software run as a personal project. It is not a commercial service. Sign-ups are disabled; accounts are created manually for invited testers.

What we store

• Your email address and an encrypted password (via Supabase Auth)
• Wishlist items you create — title, optional URL, optional notes
• Groups you create or join, the join codes for groups you own, and which groups you share each wishlist item with
• Purchase claims you make on other people's items — the item, your identity as the claimer, and the status (planning or purchased)

Who can see what

• Wishlist items are private until you share them with a group
• Group members see the items shared to that group and who owns each one
• When you claim someone's item, other group members see your name; the item owner sees only that someone may be sorting it — never who, and never the status. This is a core promise of the app.
• Group join codes are visible only to the group owner. Owners can regenerate or revoke them.

Where data is stored

All application data lives in a Supabase project. Authentication sessions are managed by Supabase Auth. Database rows are protected by Postgres row-level security and by application-level scoping in our server code.

Errors and diagnostics

We send technical error reports to Sentry when something breaks in the app, so we can fix it. Before sending, we strip your email, name, request bodies, cookies, and authentication headers — no personal data leaves the app this way.

Account removal

If you want your account and data deleted, contact the person who invited you and they'll remove it from the Supabase dashboard. Cascading deletes will remove your wishlist items, group memberships, and claims.