Privacy Policy
Viewer 001 (viewer001.app)
Effective date: July 9, 2026
Last updated: July 9, 2026
Viewer 001 is a remote viewing training platform operated by Guillaume Levesque, based in Quebec, Canada ("we", "us"). This policy explains what personal information we collect, why, who processes it, and what your rights are. It is written to comply with Quebec's Act respecting the protection of personal information in the private sector (as amended by Law 25) and Canada's PIPEDA.
Person in charge of the protection of personal information (Privacy Officer):
Guillaume Levesque, Founder
guibere@icloud.com
1800 avenue Auguste, Greenfield Park QC J4V 3R4, Canada
1. What we collect
Account information. When you sign up through Apple, Google, or Discord, our authentication provider (Clerk) gives us your email address, display name, and an identifier from the OAuth provider. We never see your passwords.
Profile information. You may optionally provide an approximate location or longitude. We use it for one purpose: computing Local Sidereal Time (LST) for your sessions. Precise location is never requested or stored.
Session content. Everything you produce in a session: canvas strokes and their timestamps, written descriptors and their timestamps, and any photos or PDFs of paper session sheets you upload.
Judging activity. Your rankings of other viewers' sessions, the time you spend judging, and derived reliability metrics.
Token ledger. An append-only record of tokens earned and spent.
Payment information. If you leave a tip, payment is processed entirely by Stripe. We never receive or store your card number. We receive a confirmation of the payment amount and the associated email.
Technical information. Standard server logs: IP address, browser and device type, timestamps of requests. Used for security, debugging, and abuse prevention.
Geophysical data. We record the planetary Kp index and LST at the time of your sessions. Kp is public scientific data from GFZ Potsdam and contains nothing about you. LST is derived from your session timestamp and the longitude you provided.
2. How we use your information
- Operating the platform: accounts, sessions, target assignment, judging queues, feedback release.
- Enforcing the remote viewing protocol: blinding, session immutability, and record integrity depend on server-side data handling.
- Computing your personal statistics, including performance in relation to LST and Kp conditions.
- Moderating uploads. Images you upload are screened by an automated moderation service before entering the judging queue. PDFs are held for manual review by an administrator.
- Sending transactional email (account and session notifications) through Resend. We do not send marketing email.
- Security, abuse prevention, and legal compliance.
We do not sell personal information. We do not use advertising or third-party tracking. We do not use your personal information for automated decisions producing legal or similarly significant effects.
3. What other users see
Peer judging is core to the platform. When your session enters the judging queue, its content (sketches, descriptors, uploaded sheets) is shown to other users for blind evaluation. Your identity is never shown to judges, and judges' identities are never shown to you. Do not include your name, face, or other identifying information in uploaded session sheets; anything visible in an upload will be visible to judges.
4. Research use of session data
Viewer 001 maintains a longitudinal dataset of remote viewing sessions recorded under controlled protocol conditions. We may analyze and publish findings from this dataset in aggregated or de-identified form (for example, hit rates in relation to LST windows). De-identified means stripped of your name, email, account identifiers, and any content that identifies you. We will never publish identifiable session data without your explicit consent.
5. Service providers
We use the following processors to operate the platform. Each receives only what is necessary for its function:
| Provider | Function | Data involved | Location |
|---|---|---|---|
| Clerk | Authentication | Email, name, OAuth identifiers | United States |
| Supabase | Database and file storage | All platform data | United States |
| Vercel | Application hosting | Technical/request data | United States |
| Trigger.dev | Background jobs (reveals, moderation queue, timeouts) | Session and job metadata | United States |
| Resend | Transactional email | Email address, notification content | United States |
| Stripe | Tip payments | Payment details (held by Stripe) | United States |
| OpenAI | Automated moderation of uploaded images | Uploaded image content | United States |
We have contracts with these providers restricting their use of your information to providing their services to us.
6. Transfers outside Quebec
The providers above store data in the United States. Before transferring personal information outside Quebec, we assess whether it will receive adequate protection, as required by Law 25. By using the platform, you are informed that your personal information is hosted outside Quebec and outside Canada.
7. Retention, deletion, and the protocol record
The scientific integrity of the platform depends on complete, unaltered records: sealed sessions, judgments, and the token ledger are append-only and are never edited after the fact.
When you delete your account:
- Your account, email, name, OAuth identifiers, and profile information are deleted.
- Your sealed session records, judgments, and ledger entries are anonymized: all links to your identity are permanently removed, and the records are retained solely as part of the de-identified research dataset described in section 4.
- Uploaded files containing identifiable content are deleted.
Anonymized records cannot be re-linked to you and are no longer personal information. If you object to your anonymized session data remaining in the research dataset, contact the Privacy Officer before deleting your account.
Technical logs are retained for [90] days. Payment records are retained as required by tax law.
8. Your rights
Under Quebec law you may:
- Request access to the personal information we hold about you.
- Request rectification of inaccurate information.
- Request deletion of your personal information (see section 7 for how this interacts with protocol records).
- Request your personal information in a structured, commonly used technological format (portability).
- Withdraw consent to optional processing (for example, remove your longitude from your profile at any time).
Send requests to the Privacy Officer at guibere@icloud.com. We respond within 30 days. If you are unsatisfied with our response, you may file a complaint with the Commission d'accès à l'information du Québec (CAI) or the Office of the Privacy Commissioner of Canada.
9. Cookies
We use only cookies strictly necessary for authentication and security (session cookies set by Clerk). We do not use advertising or analytics cookies. No consent banner is displayed because no non-essential cookies are set.
10. Security
Personal information is protected by industry-standard measures: encryption in transit, database row-level security, private file storage accessible only through short-lived signed URLs, and access restricted to the operator. No system is perfectly secure; we cannot guarantee absolute security.
11. Confidentiality incidents
If a confidentiality incident presents a risk of serious injury, we will notify the CAI and affected individuals as required by law, and we maintain a register of incidents.
12. Age requirement
The platform is intended for users 18 and older. We do not knowingly collect personal information from anyone under 14. If you believe a minor has provided us personal information, contact the Privacy Officer.
13. Changes to this policy
We will post any changes on this page and update the date above. Material changes will be announced in the application before they take effect.
14. Contact
Guillaume Levesque, Privacy Officer
guibere@icloud.com
1800 avenue Auguste, Greenfield Park QC J4V 3R4, Canada