Privacy
Last updated: June 2025
Summary
Cineboxd is a personal, non-commercial project. It serves no advertising, builds no behavioural profiles, and sells no data. The sections below describe the limited data processing that does occur in order for the service to function.
Data we process
- Letterboxd usernames
- When you enter a Letterboxd username (or several, in Watch Together mode), Cineboxd uses it to fetch your public watchlist from Letterboxd and compute matches against current screenings. Usernames are not stored beyond the duration of a single request; the resulting match data is held in your browser session only.
- UK postcode
- If you use the “near me” feature, your postcode is stored in your browser's localStorage and is sent to postcodes.io (a free, open-source UK geocoding API) to obtain a latitude and longitude for distance sorting. The postcode is not sent to Cineboxd's servers; it remains on your device until you clear it or your browser storage is cleared.
- Email address and username(s) — weekly alert subscribers only
- If you opt in to weekly screening alerts, your email address and associated Letterboxd username(s) are stored so that alerts can be sent to you. Emails are delivered via Resend. Subscription data is held in a JSON file on the server (/tmp/subscriptions.json on Vercel, which is ephemeral and may be cleared between deploys or cold starts; data/subscriptions.json in local development). You can unsubscribe at any time using the link included in every alert email.
- Technical and security data
- IP addresses and user-agent strings are used by an in-memory rate limiter (to prevent abuse) and may appear in server logs generated by the hosting platform (Vercel). This data is not deliberately retained by Cineboxd beyond what the hosting provider logs automatically.
- Screening cache (Upstash Redis)
- When configured, scraped cinema screening data is cached in an Upstash Redis database. This cache is intended to contain only publicly available screening information and is not designed to hold personal data.
Purposes and lawful bases
Performance of a service you requested — processing your Letterboxd username to fetch your watchlist and produce match results is necessary to provide the feature you asked for.
Consent — collection of your email address for weekly alerts is based on your explicit opt-in. You may withdraw consent at any time by unsubscribing.
Legitimate interests — rate limiting by IP address and hosting-platform logging are carried out to maintain security, prevent abuse, and keep the service available.
Retention
Username lookups are not stored beyond producing your results.
Postcodes remain in your own browser's localStorage until you clear them or clear your browser data.
Subscription data (email + username) is retained until you unsubscribe. Note that the Vercel deployment stores subscriptions in /tmp, which is ephemeral, so in practice records may not persist across cold starts or redeployments.
Rate-limiter state is held in memory only and is discarded when the server process restarts.
Third-party processors
- Vercel — hosting and serverless functions; processes request logs including IP addresses.
- Upstash — Redis-compatible cache for screening data (no personal data intended).
- Resend — transactional email delivery for alert subscribers.
- TMDB — film metadata (posters, ratings, directors); no personal data is sent.
- Letterboxd — public watchlists are fetched directly from Letterboxd using the username you provide.
- postcodes.io — geocodes the postcode you enter for distance sorting; no personal identifiers are attached to the request.
Cookies and device storage
Cineboxd does not use advertising cookies or tracking cookies.
One item of localStorage is written if you use the postcode feature (cineboxd_postcode). This is purely functional — it persists your postcode preference across visits so you do not have to re-enter it — and is never sent to our servers.
Because no analytics or advertising cookies are used, no cookie consent banner is shown.
Your rights and contact
Under UK GDPR you have rights including access to, rectification of, and erasure of personal data held about you. Given the minimal data processing described above, the most straightforward ways to exercise these rights are:
- Alert subscribers: unsubscribe via the link in any alert email to remove your subscription record.
- Postcode: clear it using the ✕ button on the site, or clear your browser's localStorage for this domain.
- Any other request: use the contact form linked from the About page.
If you are unsatisfied with how your data is handled you have the right to lodge a complaint with the ICO (UK Information Commissioner's Office).