Fifteen is a personal feed reader. You follow real people — writers, thinkers, creators — and see their work in one place, in the order they published it. No algorithm, no ads.
We built this in Givoletto, Turin, Italy, which means GDPR applies. This policy explains what we collect, why, and what you can do about it. We've tried to make it readable.
What we collect
- Account data: Your name (optional), email address, and a hashed password when you register.
- Feed data: The people you follow and their public RSS/feed URLs. This is stored so we can fetch their posts for you.
- Usage data: When you last refreshed your feed, which items you've saved, and basic page view analytics (no tracking pixels, no third-party analytics).
- Payment data: If you upgrade to a paid plan, payments are processed by Stripe. We store your subscription tier and status, not your card details.
- Support messages: If you contact us via the support form, we receive your message and email.
What we don't collect
We don't track you across the web. We don't sell your data. We don't use third-party advertising. We don't build profiles for targeting. We don't read your feed content for any purpose other than showing it to you.
Why we use your data
- To run your account: Authentication, feed delivery, bookmarks, settings.
- To deliver the service: Fetching and caching posts from the people you follow.
- To process payments: Managing your subscription through Stripe.
- To respond to support requests: When you reach out, we reply.
- To understand how the product is used: Aggregate, anonymous metrics (how many people visited, how many refreshed their feed today). No individual tracking.
Where your data is stored
Your data is stored in a PostgreSQL database hosted on Neon (US-based cloud). We use Render for hosting (also US-based). By using Fifteen, you acknowledge this cross-border transfer. If you'd like your data deleted, see the section below.
How long we keep it
We keep your account data for as long as your account exists. If you delete your account, we delete your personal data within 30 days. Feed content is cached temporarily to improve performance and deleted when you remove a person from your feed.
Your rights (GDPR)
If you're in the EU or UK, you have the right to:
- Access: Get a copy of the personal data we hold about you.
- Rectification: Correct inaccurate data (you can do this directly in Settings).
- Erasure: Ask us to delete your account and all associated data.
- Portability: Receive your data in a machine-readable format.
- Objection: Object to certain types of processing.
- Withdraw consent: If processing was based on consent, you can withdraw it at any time.
Cookies
We use a single session token stored in your browser's local storage to keep you logged in. No tracking cookies, no third-party cookies, no cookie banners needed.
Third parties
- Stripe: Handles payment processing. Their privacy policy applies to payment data.
- Google Fonts: Used for typography (Space Grotesk, DM Sans). Requests are made to Google's servers.
- RSS/feed providers: When we fetch posts on your behalf, those requests originate from our servers — the feed provider sees our server IP, not yours.
Children
Fifteen is not intended for children under 16. We don't knowingly collect data from anyone under 16.
Changes to this policy
If we make material changes, we'll update the "last updated" date at the top and, if the changes are significant, notify you by email.