Privacy Policy

1. Who We Are

FatFire (“we,” “us,” or “our”) is a paid membership platform for high-net-worth individuals, accessible at fatfire.com. FATFIRE is a registered trademark in the United States (U.S. Reg. #7761462).

We use the word “union” to describe our mission of collective benefit for members. This is a description of our organizational philosophy. FatFire is not a trade union, labor organization, or fiduciary, and nothing in this policy or our services creates a fiduciary, advisory, or collective bargaining relationship between FatFire and its members.

FATFIRE is a registered trademark (U.S. Reg. #7761462, Serial #98663334).

2. What Personal Data We Collect

We collect only the data necessary to operate the platform and deliver our services. Below is a complete inventory of personal data categories, organized by function.

2.1 Account Data

• Full name
• Email address
• Password (stored only as a bcrypt hash — we never store or have access to your plaintext password)
• Profile image (URL or uploaded file)
• Email verification status and timestamp
• Account creation and last-updated timestamps

2.2 Profile Data

• Biography
• Location (city/region, self-reported)
• Profession
• Net worth range (selected from predefined ranges, not an exact figure)
• FIRE status (pre-FIRE, on path, achieved, post-FIRE)

2.3 Membership and Verification Data

• Membership tier (free, member, verified, founding)
• Verification status (unverified, pending, verified, rejected)
• Verification request details: verification type (net worth or income), net worth range, income range, document type indicator, applicant notes, reviewer notes, submission and review timestamps, and expiration date

Important:We do not store verification documents (bank statements, tax returns, brokerage statements, etc.) in our systems. Verification is conducted out-of-band through manual review or video call. The document type field in your verification request records only the category of document you referenced — not the document itself.

2.4 Payment and Subscription Data

• Stripe customer identifier
• Stripe subscription identifier and associated price identifier
• Subscription status (active, past due, canceled, trialing, incomplete)
• Current billing period end date

We do not store your credit card number, bank account number, or other payment instrument details. All payment processing is handled by Stripe, Inc., which is PCI DSS Level 1 certified. We receive only the identifiers listed above from Stripe.

2.5 Authentication and OAuth Data

• OAuth provider name and provider account identifier (for Google Sign-In)
• OAuth access tokens, refresh tokens, token expiry, token type, and scope
• Session tokens and session expiry timestamps

If you sign in with Google, we receive your name, email address, and profile image from Google. We do not request or receive access to your Google contacts, calendar, drive files, or any other Google service data.

2.6 Community Data

• Discussions: title, body content, category, status, pin/lock flags, verified-only flag, edit timestamps
• Replies: body content, parent reference for threading, edit timestamps
• Votes: upvote/downvote records on discussions and replies
• Spaces: membership records, roles within spaces
• Direct messages: message body content, read timestamps, thread metadata
• Notifications: type, title, body, read status, associated references

2.7 Provider Directory Data

• Reviews you write: engagement type, net worth range at the time of engagement, outcome description, cost paid, recommendation, rating, pros, and cons

2.8 Signal Peer Benchmarking Data

• Monthly spending breakdown: housing, travel, food, healthcare, childcare, transportation, entertainment, charitable giving, and other
• Asset allocation percentages: stocks, bonds, real estate, alternatives, cash, cryptocurrency, and business equity
• Financial metrics: withdrawal rate, advisory fee percentage, annual healthcare costs, effective tax rate, and one-year investment returns
• Demographic filters: net worth range, location type (HCOL/MCOL/LCOL/VLCOL), FIRE status, and age range

All Signal data is self-reported and voluntary. Benchmarking results are presented only in aggregate and only when a minimum cohort of five contributors exists for any given filter combination, to prevent individual identification.

2.9 Fortress Security Data

• Exposure assessment scores (overall and per-layer: data brokers, public records, open web, dark web, social/family)
• Exposure items: layer, title, description, severity, remediation steps, and resolution status
• Remediation checklist progress: category, item, completion status

2.10 Firesides Peer Connection Data

• Compass Call requests: selected topic, description, matching status, scheduling information, and peer ratings
• Fireside Group memberships: group assignment, role (member or facilitator), join date, and active status

2.11 Braintrust Expert Network Data

• Expertise profiles: headline, domains, credentials, advising topics, hourly rate, availability, bio
• Consultation requests: title, description, domain, compensation type, offered rate, scheduling, ratings, and reviews

2.12 Launchpad Life Design Data

• Life Compass entries: weekly scores across eight dimensions (purpose, relationships, health, growth, adventure, craft, generosity, freedom), reflections, and week identifier
• Life experiments: hypothesis, category, status, verdict, reflection
• Experiment check-ins: daily energy level, engagement score, continuation preference, and notes

2.13 Waitlist Data

• Email address
• IP address (collected at submission for fraud prevention)
• Referral source (if applicable)

2.14 Technical and Log Data

• Server access logs (IP address, user agent, request URL, timestamp) retained by our hosting provider
• Application error logs (which may include request context but are scrubbed of sensitive personal data)

3. How We Collect Your Data

3.1 Directly from You

The majority of personal data we hold is provided directly by you when you create an account, complete your profile, submit a verification request, contribute to Signal benchmarking, write community discussions or reviews, send direct messages, use our tools (Fortress, Launchpad, Firesides, Braintrust), or contact us.

3.2 From Third-Party Authentication Providers

If you choose to sign in with Google, we receive your name, email address, and profile image from Google's OAuth service. We do not receive data from any other third-party authentication providers at this time.

3.3 Automatically

When you visit fatfire.com, our servers automatically collect standard web server log data (IP address, browser type, pages visited, timestamps). If you join our waitlist, your IP address is recorded with your submission.

We use Plausible Analytics, a privacy-focused analytics service that does not use cookies, does not collect personal data, and does not track individuals across sites. Plausible data is aggregated and cannot be used to identify you. If we enable Google Analytics 4 in the future, we will update this policy and implement a cookie consent mechanism before activation.

3.4 From Payment Processors

Stripe provides us with your Stripe customer identifier, subscription identifier, subscription status, and billing period dates. Stripe processes your payment instrument data directly and does not share it with us.

4. How We Use Your Data

We use your personal data for the following purposes:

• Provide and operate our services: Create your account, authenticate you, manage your subscription, deliver platform features (community, tools, peer matching, benchmarking, provider directory), and display your profile to other members as appropriate to your membership tier.
• Process payments: Work with Stripe to process subscription charges, manage billing cycles, and handle subscription changes.
• Verify members: Process verification requests to validate membership eligibility and maintain community trust. Verification decisions may involve manual review by authorized administrators.
• Facilitate peer connections: Match you with peers for Compass Calls, assign you to Fireside Groups, and connect you with Braintrust experts based on shared interests and expertise domains.
• Generate aggregate benchmarks: Use your Signal contributions (if you opt in) to produce anonymized, aggregate statistics for peer comparison. Individual contributions are never displayed; only cohort-level aggregates are shown, subject to a minimum cohort size of five.
• Communicate with you: Send transactional emails related to your account (verification status, subscription changes, password resets), in-app notifications (replies, mentions, DMs, moderation actions), and service announcements.
• Maintain security: Detect and prevent fraud, abuse, and unauthorized access; enforce our Terms of Service and community guidelines.
• Improve our services: Analyze aggregate, anonymized usage patterns to improve platform features, fix bugs, and plan new functionality. We do not build individual behavioral profiles for advertising.
• Comply with legal obligations: Respond to lawful requests from regulatory authorities, courts, or law enforcement, and meet our obligations under applicable tax, accounting, and corporate law.

What we do not do: We do not sell your personal data. We do not rent, lease, or trade your data with third parties for their marketing purposes. We do not use your data to build advertising profiles. We do not provide personalized investment advice, financial planning, tax advice, or legal advice. Our tools and benchmarks are informational only.

5. Who We Share Your Data With

We share personal data only with the specific service providers and in the specific circumstances described below. We do not sell your data to any third party.

5.1 Service Providers

Each service provider processes data solely on our instructions and subject to contractual obligations that require them to protect your data.

5.2 Other Members

Certain data you provide is visible to other members as part of the platform's functionality: your name, profile image, bio, location, profession, net worth range (if you choose to display it), FIRE status, verification status, membership tier, discussions you post, replies you write, reviews you submit, your expertise profile (if you create one), and space memberships. Direct messages are visible only to the participants of the conversation.

5.3 Legal and Regulatory Disclosure

We may disclose your personal data if required to do so by law, in response to a valid legal process (court order, subpoena, regulatory investigation), to protect the rights, property, or safety of FatFire, our members, or the public, or to enforce our Terms of Service. We will make reasonable efforts to notify you of such disclosures unless prohibited by law or court order.

5.4 Business Transfers

If our operating entity is involved in a merger, acquisition, reorganization, or asset sale, your personal data may be transferred as part of that transaction. This includes the planned transition to a new entity. We will notify you via email or prominent notice on our platform before your data becomes subject to a materially different privacy policy.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law.

When data is deleted, we remove it from our active databases. Backup copies may persist for up to 30 additional days before being cycled out.

7. Your Choices and Rights

Regardless of where you are located, you have the following options with respect to your personal data:

• Access and update your data: You can view and edit most of your personal data directly in your account settings and profile page.
• Delete your account: You can request account deletion by contacting us at [email protected]. We will delete your data in accordance with the retention schedule in Section 6.
• Export your data: You can request a machine-readable export (JSON) of your personal data by contacting us at [email protected].
• Withdraw from Signal benchmarking: You can delete your Signal contribution at any time from within the Signal tool, which removes your individual data from future aggregate calculations.
• Opt out of non-essential communications: Transactional emails (password resets, subscription confirmations) are necessary for the service and cannot be opted out of. We will clearly distinguish any future marketing communications and provide an unsubscribe mechanism.

To exercise any of these rights, contact us at [email protected]. We will verify your identity before processing your request. For account holders, we verify identity through your authenticated session or by confirming information associated with your account. For non-account holders, we verify through email confirmation.

We will respond to verified requests within 30 days. If we need additional time, we will notify you of the extension and the reason within the initial response period.

8. Additional Rights for California Residents

If you are a California resident, the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”) provides you with specific rights regarding your personal information.

8.1 Your CCPA/CPRA Rights

• Right to know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, our business or commercial purpose for collecting it, and the categories of third parties with whom we share it.
• Right to delete: You may request deletion of personal information we have collected from you, subject to certain exceptions (for example, data needed to complete a transaction, comply with legal obligations, or detect security incidents).
• Right to correct: You may request correction of inaccurate personal information we hold about you.
• Right to opt out of sale or sharing: We do not sell your personal information. We do not “share” your personal information for cross-context behavioral advertising, as those terms are defined under the CCPA/CPRA. Because we do not engage in these practices, there is no need to opt out — but we will honor any such request.
• Right to limit use of sensitive personal information: To the extent we process sensitive personal information (which may include financial information such as net worth range), you may request that we limit our use to what is necessary to provide the services you requested.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you services, charge you different prices, or provide a different quality of service because you exercised a privacy right.

8.2 CCPA/CPRA Disclosures

In the preceding 12 months, we have collected the categories of personal information described in Section 2. We collected this information from the sources described in Section 3. We use this information for the business purposes described in Section 4.

We have disclosed personal information to the categories of service providers listed in Section 5 for the business purposes described in this policy. We have not sold personal information, and we have not shared personal information for cross-context behavioral advertising.

8.3 How to Submit a Request

California residents may submit requests by emailing [email protected] with the subject line “CCPA/CPRA Request.” You may also designate an authorized agent to make a request on your behalf; we may require signed written authorization from you and may verify your identity directly.

We will respond to verified requests within 45 days. If we need additional time (up to an additional 45 days), we will notify you of the extension and the reason within the initial 45-day period.

9. Additional Rights for EEA Residents

If you are located in the European Economic Area (EEA), the EU General Data Protection Regulation (“GDPR”) may apply to our processing of your personal data. In this context, FatFire acts as the data controller.

9.1 Legal Basis for Processing

Under the GDPR, we must have a lawful basis for each category of processing. The following legal bases apply:

• Performance of contract (Art. 6(1)(b)): Processing necessary to provide the services you signed up for, including account management, authentication, payment processing, community features, tools (Fortress, Launchpad, Firesides, Braintrust), and the provider directory.
• Consent (Art. 6(1)(a)): Signal peer benchmarking participation (voluntary, withdrawable at any time) and waitlist email collection.
• Legitimate interest (Art. 6(1)(f)): Server logs and technical data for platform security and reliability; waitlist IP addresses for fraud prevention. We have conducted balancing tests for each and determined our interests do not override your rights. You may request details of these assessments.
• Legal obligation (Art. 6(1)(c)): Retention of payment records to comply with Dutch and applicable EU tax and accounting laws.

9.2 Your GDPR Rights

In addition to the rights described in Section 7, EEA residents have the following rights under the GDPR:

• Right of access (Art. 15): Request a copy of all personal data we hold about you, along with information about how we process it.
• Right to rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
• Right to erasure (Art. 17): Request deletion of your personal data, subject to exceptions for legal compliance, defense of legal claims, or overriding public interest.
• Right to restriction of processing (Art. 18): Request that we limit how we process your data while a dispute or request is being resolved.
• Right to data portability (Art. 20): Receive your personal data in a structured, commonly used, machine-readable format (JSON) and transmit it to another controller.
• Right to object (Art. 21): Object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
• Right to withdraw consent (Art. 7(3)): Where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of processing performed before withdrawal.

9.3 Right to Lodge a Complaint

EEA residents have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is the Dutch Data Protection Authority:

You may also file a complaint with the supervisory authority in the EEA member state where you reside or where the alleged infringement occurred.

9.4 How to Submit a GDPR Request

EEA residents may submit data subject requests by emailing [email protected] with the subject line “GDPR Data Subject Request.” We will respond within 30 days. If we need additional time (up to an additional 60 days for complex requests), we will notify you within the initial 30-day period.

10. International Data Transfers

FatFire's servers and primary data storage are located in the United States. If you are accessing our services from outside the United States, your personal data will be transferred to and processed in the United States.

Our service providers (Stripe, Resend, Google) are also located in the United States. Plausible Analytics operates within the EU.

10.1 For EEA Residents

Where we transfer personal data of EEA residents to the United States or other countries outside the EEA, we ensure that appropriate safeguards are in place:

• Stripe and Google: These providers are certified under the EU-U.S. Data Privacy Framework (DPF), supplemented by Standard Contractual Clauses (SCCs) as a fallback mechanism.
• Resend: Transfers are protected by Standard Contractual Clauses (SCCs) incorporated into our data processing agreement.
• Our infrastructure: The transfer of your data to our U.S.-based servers is necessary for the performance of our contract with you (GDPR Art. 49(1)(b)). We supplement this with appropriate technical and organizational security measures as described in Section 11.

We regularly review our transfer mechanisms to ensure they remain valid and adequate under current EU guidance, including the requirements established by the Court of Justice of the European Union in Schrems II (Case C-311/18).

11. Security Measures

We take the security of your personal data seriously. Given the nature of our membership and the sensitivity of the data we handle, we implement technical and organizational measures that reflect the risk profile of our platform:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (HTTPS). We enforce HTTPS on all connections.
• Encryption at rest: Our database is hosted on encrypted storage.
• Password security: Passwords are hashed using bcrypt with appropriate cost factors. We never store plaintext passwords.
• Access control: Administrative access to member data is restricted to authorized personnel, gated by role-based access controls, and logged.
• Infrastructure security: Our server runs on a dedicated instance (not shared hosting), behind a reverse proxy, with TLS certificates. The application runs as a non-root user.
• Session management: Sessions are managed through NextAuth v5 with secure, httpOnly session tokens.
• No document storage: We do not store sensitive verification documents (bank statements, tax returns, etc.) on our servers. Verification is handled out-of-band.
• Minimum cohort sizes: Signal benchmarking data is only displayed when a minimum of five contributors exist for a given filter combination, preventing individual identification from aggregate data.

No system is perfectly secure. Despite our measures, we cannot guarantee absolute security. If we become aware of a data breach that affects your personal data, we will notify affected individuals in accordance with applicable law. For EEA residents, this means notification without undue delay and within 72 hours of becoming aware of the breach where it poses a high risk to your rights and freedoms (GDPR Art. 33/34). For all users, we will comply with applicable U.S. state breach notification laws.

12. Cookies and Tracking Technologies

12.1 Essential Cookies

We use strictly necessary cookies to operate the platform:

• Session cookies: Used by NextAuth to maintain your authenticated session. These are httpOnly, secure cookies that cannot be read by client-side JavaScript.
• CSRF protection tokens: Used to prevent cross-site request forgery attacks during form submissions.

These cookies are essential for the platform to function. They do not track your activity across other websites and cannot be disabled without breaking core functionality.

12.2 Analytics

We use Plausible Analytics, a privacy-focused analytics service that does not use cookies, does not collect personal data, does not use fingerprinting, and does not track users across websites. Plausible data is aggregated and anonymous by design.

If we add Google Analytics 4 or any other analytics service that uses cookies or collects personal data in the future, we will implement a cookie consent mechanism and update this policy before activating it.

12.3 No Advertising or Third-Party Tracking

We do not use advertising cookies, retargeting pixels, social media tracking pixels, or any third-party tracking technologies for advertising purposes. We do not participate in any advertising networks. We do not engage in cross-context behavioral advertising.

13. Children's Privacy

FatFire is designed for adults who have achieved or are pursuing financial independence, with membership restricted to individuals 18 years of age or older. We do not knowingly collect personal data from anyone under the age of 18 (or the applicable age of majority in your jurisdiction, if higher).

If we learn that we have collected personal data from a child, we will take immediate steps to delete that data. If you believe a child has provided us with personal data, please contact us at [email protected].

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, applicable law, or operating entity. When we make changes:

• Material changes (changes to the categories of data collected, new third-party processors, changes to data retention periods, or changes to your rights) will be communicated to you via email and/or a prominent notice on the platform at least 30 days before taking effect.
• Non-material changes (typographical corrections, formatting updates, clarifications that do not change the substance of our practices) will be reflected in an updated version number and effective date at the top of this page.

We encourage you to review this policy periodically. Your continued use of the platform after the effective date of a revised policy constitutes your acknowledgment of the changes. For material changes that alter our processing of your data in ways not covered by our original basis, we will seek your affirmative consent where required by applicable law.

Previous versions of this policy will be archived and available upon request.

15. Contact Us

If you have questions about this Privacy Policy, want to exercise your data rights, or have concerns about how we handle your personal data, you can reach us at:

We aim to resolve all privacy concerns directly. If you are an EEA resident and are not satisfied with our response, you may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or any other EEA supervisory authority, as described in Section 9.3.