Privacy

The short version: atjam doesn’t host your data. Your jams, rounds, signups, and submissions are records on your own ATProto PDS, not on atjam servers.

What we don’t collect

No analytics, no tracking pixels, no third-party cookies. atjam doesn’t run analytics scripts and doesn’t send your behavior to any third party.

What we store, and where

When you sign in with Bluesky, atjam holds your ATProto OAuth session in your browser’s localStorage. It never leaves your device. Signing out clears it.

Records you create through atjam (jam, round, signup, submission) are written to your own PDS via the ATProto API. atjam does not store a copy.

atjam reads public records from other people’s PDSes to render rounds and feeds. Those reads go directly from your browser (or atjam’s server, during SSR) to the relevant PDS or to public infrastructure like Constellation and plc.directory.

Server logs

The atjam web server (hosted on Fly.io) writes standard HTTP request logs: timestamps, paths, response codes. These are kept for debugging and are not shared with third parties.

The ATProto network

Records on the ATProto network are public by default. Anything you publish through atjam is publicly readable by anyone with access to the network — same as a Bluesky post. If you want something private, don’t put it in a record.

Changes

atjam is in alpha. This policy may change as the project evolves. Material changes will be reflected in the “Last updated” date above.

Contact

Questions: open an issue at tangled.org/natespilman.at/atjam.at.