← Back to Home

Privacy Policy

Last updated: February 2026

Dear Mr. (“we”, “us”, or “our”) operates the Dear Mr. fantasy setlist game at dearmr.com. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By using Dear Mr. you agree to the practices described here.

Information We Collect

We collect only the information necessary to operate the game:

  • Account information — your email address and display name / username, provided when you sign up.
  • Game data— song picks you submit, scores earned, and league (“Crew”) memberships.
  • Chat messages— messages you post in league chat (“The Lot”).

We do not collect payment information, precise location data, or any sensitive personal information.

How We Use Your Information

  • To create and manage your account.
  • To run the game — recording picks, calculating scores, and displaying standings.
  • To send transactional emails (e.g., email verification, password reset).
  • To enable league chat between members of the same Crew.

We do not use your information for advertising or sell it to third parties.

Third-Party Services

Dear Mr. relies on the following third-party services to operate. Each service has its own privacy policy governing how it handles data:

  • Supabase (supabase.com) — PostgreSQL database and authentication. Your account credentials and game data are stored here.
  • Resend (resend.com) — Transactional email delivery (e.g., verification emails).
  • Vercel (vercel.com) — Application hosting and infrastructure.
  • Phish.in API — Setlist data used to score picks after each show.
  • Phish.net API — Song metadata (e.g., debut dates, gap statistics).

Cookies

Dear Mr. uses cookies solely to maintain your authenticated session via Supabase. These are strictly functional cookies required for the app to work. We do not use analytics cookies, tracking pixels, or any third-party advertising cookies.

Data Retention

Your profile and associated data are retained for as long as your account is active. If you delete your account (see below), your profile and personal information are removed. Pick and score data may be retained in anonymized form to preserve historical league integrity and statistics.

Account Deletion

You can permanently delete your account at any time from the Account page. Doing so removes your profile and associated personal data from our systems. Anonymized historical game data (picks and scores without identifying information) may be retained.

Data Security

We use industry-standard security practices, including encrypted connections (HTTPS) and Supabase’s Row Level Security policies, to protect your data. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Children’s Privacy

Dear Mr. is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact us so we can delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page with an updated “Last updated” date. Continued use of Dear Mr. after changes constitutes acceptance of the updated policy.

Contact

If you have questions or concerns about this Privacy Policy, please contact us at privacy@dearmr.com.