Your answers stay yours.

What we collect

• Your county and constituency — selected or auto-detected at step 1, so your civic identity is anchored to where you vote.
• Your top issues — the (up to five) issues you tap as most pressing to you at step 2.
• Your issue specifics — the sub-concerns you check inside each chosen issue at step 3 (e.g. SHA transition, food prices, housing levy).
• Your emotions — the (up to three) frustrations you mark at step 4.
• Your trust ranking — the order you put six leadership-trust signals into at step 5.
• Your civic identity output — the archetype, secondary archetypes, and contradictions computed locally from your answers, plus internal candidate-fit scores used only for shared snapshots.
• A random session identifier — a 12-character opaque ID stored as an HttpOnly cookie so the same browser can update its mirror later without creating duplicates.

What we don't collect

• Your name, email, phone number, or ID number.
• Your IP address (we hash it only for rate-limiting, never store it).
• Your browser fingerprint or device info beyond standard cookies.
• Cross-site tracking cookies or third-party analytics in the journey.

How the journey works (and where the data goes)

Everything you answer in steps 1–5 lives in your browser tab. When you reach the mirror at step 6, your snapshot is sent once to our server, encrypted before storage, and used to (a) compute the global concern leaderboard and (b) generate your private shareable mirror URL. There is no AI inference on your journey answers — the civic-identity scoring is deterministic and runs entirely on rules we publish in the code.

How we protect it

• Every stored snapshot is encrypted with AES-256-GCM before it touches our database. The key lives only in server-side environment variables.
• Snapshots automatically delete themselves 30 days after creation via a hard TTL on the storage layer.
• Admin access requires per-user accounts with scrypt-hashed passwords and 7-day cookie sessions. Admin requests are IP rate-limited and access is logged (timestamp + hashed IP + actor) so credential misuse is detectable.

Third parties

• Upstash (Vercel KV) stores the encrypted snapshots and rate-limiting counters.
• Vercel hosts the site and may log standard server access (unstructured, not retained by us).
• OpenAI is used only on the admin side to summarise public news sentiment about candidates. It is never passed your journey answers or any user-submitted content.

Your rights

You can delete your stored snapshot at any time by clearing your browser cookies for this site and starting a fresh journey — the old record will age out with the 30-day TTL. You can also stop using kuraFinder entirely; nothing prevents an existing snapshot from expiring.

Because we hold no personal identifiers, we can't look up records by a person's name if you later request one. If you need a specific snapshot removed sooner, contact us with the session ID (visible in your browser cookies) and we'll delete it on request.

Non-partisan disclosure

kuraFinder is a civic mirror, not a verdict on any candidate. The archetype, contradictions, and any candidate-fit numbers surfaced on shared snapshots are informational and should be weighed against your own judgement and lived experience. We do not endorse candidates, parties, or coalitions.