terp+trust v0 · oregon
subscribe
the record

privacy.

terp+trust is a public record. The interpreter directory, the credential references, the access-experience reviews — those are what we hold openly, by design. This page is about the small set of things we hold privately, what we do with them, and how you can ask for them back.

what we collect

Email address. If you subscribe to our dispatch, we ask for your email. That's the only personal data terp v0 stores.

Country code. We use Cloudflare's Analytics Engine to record one event per page view: which page, which country (derived from your IP by Cloudflare before our code sees the request), and a counter. On terp+trust itself: no IP address stored, no browser fingerprint, no cookies, no client-side tracking script.

Operational logs. When your browser blocks something on our page because of our security policy, it may send a small report to a /csp-report endpoint we run. The report describes what was blocked (which directive, which resource URL, which source file and line), not who you are. We use these to fix bugs; they're retained in Cloudflare's Workers Logs and rotate out automatically.

That's it. No accounts. No profile pages. No watch-this-interpreter wishlist — that comes with v1.

how we use it

Email. We use it to send you the terp+trust dispatch when there's something to share — directory milestones, new counties covered, access-experience reports worth reading. Not a daily newsletter. Not a marketing funnel.

Country code. We use it to know roughly where our visitors come from, so we can plan coverage and prioritize counties. Aggregated by country; individual visits aren't tracked back to a person.

third parties

Two services see your data, both with their own privacy policies:

  • Buttondown hosts the email subscription list. When you submit the subscribe form, Buttondown receives your email and stores it on their servers. At submit time, Buttondown also sees your IP address and User-Agent string, and may set first-party cookies on buttondown.com during the confirmation flow. Their privacy policy: buttondown.com/privacy (opens in a new tab).
  • Cloudflare hosts this site and runs the analytics engine. They terminate the HTTPS connection, derive your country code, and serve the static files. Their privacy policy: cloudflare.com/privacypolicy (opens in a new tab).

We don't sell, share, or hand your email to any third party beyond Buttondown's role as the dispatch host.

your rights

  • Unsubscribe — every dispatch email has an unsubscribe link in its footer. One click removes you from the list.
  • Delete your data — write to hello@terptrust.net. We'll remove your email from Buttondown and confirm.
  • Know what we hold — same address. We'll send back what we have on file (an email address and subscription metadata; no profile).
  • Correct an error — if your email is misspelled or you want to switch addresses, write us.

You don't need to provide an account, password, or government ID. The single proof we need is access to the email address itself.

what's not in this policy yet

terp v0 is the manifesto-tier landing page. The v1 product surface — per-interpreter records, credential verification, access-experience reviews — will introduce new categories of data (your reviews, your preference lists, possibly access-request notes for clinics or agencies). That'll need its own policy section, including PHI handling for review content tied to medical settings.

We'll update this page when those surfaces ship. Until then, this policy covers what you can actually do on the site today.

updates

When this policy changes, the new version replaces this page. We don't keep version history publicly yet — if you want to confirm the policy as of a specific date, write us and we'll send a copy of what was in force.

contact

hello@terptrust.net.

Same address for privacy questions, data requests, and everything else. We read it.

edition 2026.05.17

back to terp+trust →