Privacy

What cosd stores, why, and what it never does.

Cookies and browser storage

When you sign in with Discord, a strictly necessary session cookie keeps you signed in. Product analytics does not set an analytics cookie, but it does store an anonymous identifier in your browser's local storage so separate page visits can be counted together.

Product analytics

cosd uses PostHog's EU service to record page views and a small set of explicit actions, such as opening a cosplay or submitting a vote. Analytics is active by default and sent through cosd.app. Broad click or form autocapture and session replay are disabled. Query strings, fragments, IP addresses, location enrichment, raw user agents, form contents, emails, and Discord account IDs are not retained in analytics.

After sign-in, the analytics identity uses cosd's internal user ID, your display name, and your public creator handle when you have one. Browser and device categories may be retained for aggregate compatibility analysis. Analytics is never sold or used for advertising.

Discord sign-in and voting

Signing in uses your Discord account. cosd stores your Discord identity (username, avatar, email) to create your account, and checks your membership in a creator's Discord server solely to decide whether you can vote in that creator's rounds. cosd never posts to Discord on your behalf.

Browsing without an account

Public profiles, cosplays, and vote results can be viewed without an account. Anonymous page views and explicit product interactions may still be counted, but no PostHog person profile is created until you sign in.

Your votes

Vote tallies shown to creators and visitors are aggregated per option. Individual ballots are only used to compute totals and to let you review or withdraw your own submission.

Retention and deletion

Product analytics is retained for no longer than 12 months. You can contact cosd support to request access to or deletion of your account and linked analytics. Analytics deletion includes the PostHog person and associated events; provider-side event purging may complete asynchronously after the request is accepted.