Not Just YouGitHub

Privacy

Not Just You is a small public status board. It does not require an account, login, email address, or profile.

Community reports

When you submit a report, the app stores aggregated counters for the selected service and status. Reports are kept in short-lived Redis buckets for the recent status window.

Duplicate prevention

To reduce duplicate reports, the app creates a short-lived hash from request metadata such as IP address, user agent, and language. The hash is used for cooldown only and expires after a few minutes.

Installed-client signals

SDK and local-tool collectors are opt in. When enabled, they send service-level metadata such as service id, symptom category, duration, status code, short error code, client version, and a random local installation id. Server aggregation stores derived installation hashes, not the raw installation id.

Collector setup

Collector setup stores an anonymous collector id, allowed source, allowed services, client name and version, registration time, and revocation time when applicable. Raw collector tokens are saved locally by setup tools and are not printed. Server-side lookup uses derived token data instead of storing raw tokens.

Collector heartbeat checks can update last-seen metadata using the collector id, derived installation hash, and client version.

Local hook reporting

If you opt in to local hook reporting, a local adapter may receive a vendor hook payload in memory to derive a metadata-only signal. Raw hook payload fields such as prompts, commands, outputs, file paths, transcript paths, headers, cookies, tokens, and emails are not stored, queued, logged, or sent to Not Just You.

Analytics

Vercel Web Analytics may be used to understand page views, referrers, and basic traffic patterns. Fallback report control clicks and provider tabs are stored as aggregate Redis counters.

Not stored

Not Just You does not store prompt text, provider request or response bodies, provider request or response headers, API keys, cookies, source files, diffs, clipboard content, exact IP addresses, account emails, machine names, or local usernames.

Source separation

Community reports, official provider status, and installed-client signals remain separate in storage and API contracts. The dashboard can summarize recent problems together, but it keeps source breakdown visible.