this notice covers sol pbc's read-only use of third-party platform APIs. it is separate from our main privacy policy, which covers data from people who use sol pbc's own products and services.
the short version
sol pbc runs a small number of internal, read-only tools that read public content from third-party platforms — like Reddit — through those platforms' official APIs, so a person at sol pbc can stay aware of relevant public conversations (and, where it fits, take part in them as themselves, through the platform's own app — never through these tools). the tools read public posts and comments only. they never touch private messages, private communities, or anything that isn't already public.
they also don't warehouse what they read: they keep only the platform's own item IDs and permalinks plus our own read-state markers (which items we've already surfaced) — none of which contain any post or comment text — and they discard the content itself after a person has looked at it. there is no archive, no database of platform content, no corpus.
what we read, we never sell, license, or lease — in any form, including de-identified or aggregated — and we never use it for advertising or profiling. these are binding covenants in our articles of incorporation, enforceable against the company forever. we don't hand it to anyone else, and we never use it to train, fine-tune, or evaluate any AI model — firm commitments those same covenants reinforce.
who we are
sol pbc is a Colorado public benefit corporation. our benefit purpose, as filed with the Colorado Secretary of State, is to advance digital self-determination by providing open-source, privacy-respecting tools and services that enable individuals to directly collect and gain insight from their personal data.
sol pbc has one director: jeremie miller, the founder. the covenants described below are in the articles of incorporation and cannot be weakened — see what we will never do.
contact: contact us.
what this notice covers
this notice governs sol pbc's consumption of third-party platform APIs by our own internal tools — what those tools do with the public data they read from a platform.
it is separate from, and does not change, our main privacy policy, which covers data from people who use sol pbc's own products and services (solstone, vit, and our hosted services). that policy still says what it says: sol pbc's own software runs on your hardware and sends us nothing. this notice is about the other direction — the public platform content our tools read — and it applies the same covenants to it.
each platform we access this way is named in the platforms section below. Reddit is the first.
what our tools do
for every platform covered here, our tools are the same shape:
- read-only. they use the platform's official API and request read access only. they do not post, comment, vote, message, moderate, or take any other action through the API. no write access is requested or held.
- public content only. they read public posts and comments in the specific public contexts named in that platform's section below, and run public searches. they do not access private messages, non-public communities, restricted content, or any non-public profile data.
- clearly identified as sol pbc. each tool authenticates as a dedicated sol pbc account used only for this read-only access, and identifies itself honestly to the platform (including in any identifying string the platform's API requires). it is never a hidden or misrepresented identity.
- surfaced to a person, not to a pipeline. the point of the tool is to put relevant public conversation in front of a person at sol pbc so they can stay aware of it and, where appropriate, take part in it as themselves. the tool is a read-only sensor for a human, never an autonomous poster and never an ingestion pipeline.
what we collect — and what we don't keep
when a tool reads public content, it surfaces it to a person at sol pbc. after that, the only things it retains are:
- the platform's own item IDs and permalinks (pointers back to the original content on the platform), and
- our own read-state markers — a record of which items we've already surfaced, so we don't show the same thing twice.
it does not store the content itself. post and comment text is discarded after it's surfaced — we don't keep a copy. an ID or a permalink is a pointer to content that still lives on the platform, not a copy of it; if the platform's author deletes something, following our pointer returns only the platform's deletion marker, never the original content.
so we build no store of platform content — no archive, no dataset, no corpus. the pointers and read-state markers we do keep are minimal and carry no content, and we treat them as protected data held only as long as the tool needs them (see deletion and retention, below).
how we use it
we use what we read for exactly one purpose: so a person at sol pbc can stay aware of, and where appropriate take part in, relevant public conversations — participating as themselves, through the platform's normal interface, under the platform's own rules.
that's the only use. our covenants flatly forbid us to:
- sell, license, sublicense, or lease it — in any form, including de-identified, anonymized, or aggregated (this one is absolute — no exceptions, ever); or
- use it for advertising, profiling, or behavioral targeting, or build any profile of anyone.
and beyond what the covenants forbid, we commit that we:
- don't provide it to anyone outside sol pbc. the only thing that could ever compel us to is a legal demand we can't lawfully refuse — which we resist to the maximum the law allows, limit to the minimum required, and tell you about when we're permitted to;
- don't use it to train, fine-tune, or evaluate any AI or machine-learning model; and
- don't build it into any dataset, product, or index.
the covenants reinforce every one of these: because we can never sell, license, or lease what we read or anything derived from it, and can never profile with it, there's nothing for a model, a dataset, or a third party to be fed.
the covenants — and the commitments they reinforce
the first three items below are binding covenants in sol pbc's articles of incorporation; the rest are firm commitments those covenants reinforce. while the founder serves as a director, any amendment to the covenants requires his personal written consent; after he ceases to serve, amendments are permitted only to strengthen these protections or to comply with mandatory law to the minimum strictly required. weakening amendments are foreclosed forever — and Article 8 is written to be read for the greatest privacy protection the law allows. (Articles of Incorporation, Article 8, §§ 8.2(c), 8.6.)
a note on "public." the posts and comments our tools read are already public. under our covenants that doesn't put them out of reach: Article 8 keeps as protected Customer Data any records, metadata, inferences, or associations showing that a person posted, viewed, or interacted with public content — even though the underlying content is public (Article 8, § 8.1(c)) — and it treats a person whose data we process as a Customer even if they never used a sol pbc product (§ 8.1(b)). so everything below genuinely reaches what we read and anything we derive from it.
the binding covenants:
- never sell, license, sublicense, or lease what we read — including any de-identified, anonymized, or aggregated form of it. most privacy laws let companies share "de-identified" data freely; Article 8 closes that gap entirely, and makes this one absolute. (Articles, Article 8, § 8.3(a)(1); § 8.1(c).)
- never use it for advertising, profiling, or behavioral targeting — no behavioral profiles, no tracking, no analytics vendors, no exceptions. (Articles, § 8.3(b); Bylaws, Article III, § 3.3.)
- never let an acquisition weaken this — any merger, acquisition, or transfer of control is conditional: a successor must be legally bound to a substantially equivalent benefit purpose and must assume covenants no less protective than Article 8. (Articles, § 8.5.)
the commitments the covenants reinforce:
- we don't provide what we read to anyone outside sol pbc. Article 8 permits sol pbc to provide Customer Data outside the company only in three narrow ways — to a service provider strictly needed to deliver a service the person asked for, at the person's own specific direction, or when a law we can't lawfully refuse compels it (Article 8, § 8.3(a)(2)). for the public platform content these tools read, the first two never apply — the platform's users asked nothing of us and directed nothing to us — so the only path is a legal demand we can't refuse, which we resist to the maximum the law allows, limit to the minimum required, and notify the person about when we're permitted to (Bylaws, Article III, § 3.2). we never sell, license, or trade it, and we never share it for anyone else's purposes.
- we never use it to train, fine-tune, or evaluate any AI model. a firm commitment, and one the covenants make hard to break: because we can never sell, license, or lease the data or anything derived from it, and can never profile with it, it can't feed any model or dataset; and our benefit purpose limits what we do with it to a person's awareness and participation.
sol pbc is a company built to hold personal data lightly. reading public platform conversation so a person can take part in it is the whole use — and these covenants make sure it stays that way.
deletion and retention
our tools keep no copy of platform content. what they retain is limited to the platform's own item IDs and permalinks — pointers back to content that still lives on the platform — plus our own read-state markers, a record of which items we've already surfaced so we don't show the same thing twice. none of these contain any post or comment text.
- content: we don't store it. so where a platform requires that copies of its content be deleted within a set window, we satisfy that by construction — there is no content copy to delete. each platform's specific window is noted in its section below. when a platform's author deletes something, our pointer to it returns only the platform's deletion marker, never the original content.
- the pointers and markers we do keep are, under our covenants, protected Customer Data (see the note on "public"). we hold them only to run the tool, never longer than that use needs, and we delete them on request. we keep no residual copy of anything we delete in any form — including de-identified, anonymized, or aggregated (Article 8, § 8.1(c) forecloses that gap).
your rights and how to reach us
if you're a person whose public content one of these tools has read, you can:
- ask what, if anything, we hold that relates to you (in practice: at most an item ID, a permalink, and a read-state marker — never the content);
- ask us to delete it;
- correct, or get a copy of, anything we hold, and opt out of sale, targeted advertising, or profiling (we do none of those, for anyone, ever); and
- raise a question or a concern.
reach us through our contact page. we'll respond as fast as we can, and within the time the law requires — 45 days under the Colorado Privacy Act, with the extensions the law allows. if we deny a request, you can appeal through the same page; we'll respond to the appeal within 45 days, and if we deny it you can raise it with the Colorado Attorney General.
sol pbc does not sell your data, does not profile you, and does not make automated decisions about you — for anyone, ever. residents of Colorado (CPA), California (CCPA/CPRA), and the EU/UK (GDPR) have the specific rights those laws grant, exercisable through the same channel; our covenants go further than any of them require. where a lawful basis is needed to process this limited, public information — as under the GDPR — we rely on our legitimate interest in staying aware of and taking part in public conversations, weighed against the minimal, non-content data we keep.
the platforms we access this way
sol pbc names every platform it reads through an official API here. we'll add a section — and a changelog entry — before a new one goes live.
- what we read — public posts and comments in a small set of topic-based public subreddits, and public Reddit search, for mentions of local-first / privacy-preserving personal AI and of our own products (solstone, vit, sol pbc). read-only, via Reddit's official Data API.
- what we don't read — no private messages, no private or restricted communities, no non-public data, no user content behind any access control. no posting, commenting, or voting through the API — a person at sol pbc participates on Reddit as themselves, through Reddit's own app, under Reddit's rules.
- the account — a dedicated sol pbc account used only for this read-only access, identified honestly in the API user-agent, distinct from any personal account used to participate.
- what we keep — Reddit post/comment IDs and permalinks plus our own read-state markers. we discard the post and comment text after surfacing it; we do not warehouse Reddit content.
- deletion — we hold no copy of Reddit content, so Reddit's requirement to delete copies of its content within 48 hours is satisfied by construction: there is nothing to delete. when a redditor or Reddit deletes an item, our pointer to it returns only Reddit's deletion marker, never the original — and the pointers and read-state markers we keep (which contain no Reddit content) we delete on request and hold no longer than the tool needs them.
changes to this notice
if we change this notice, we'll update this page and the changelog below. the covenants in the articles of incorporation and bylaws can't be weakened through a notice update — see the amendment lock above.
changelog
| date | change |
|---|---|
| 2026-07-04 | initial publication. covers sol pbc's read-only consumption of third-party platform APIs by internal tooling; first platform section, Reddit. |
this notice reflects the binding covenants in sol pbc's articles of incorporation and bylaws. the covenants are the authority — this notice describes them in plain language. if there is ever a conflict between this notice and the articles or bylaws, the articles and bylaws govern.
questions? get in touch.