We can't misuse
what we don't have.
Pickles is designed from the ground up so that personal information is never collected, never stored, and never shared — not because of a policy, but because of how the system works.
How data flows
What moves between you, Pickles, and the merchant — and what doesn't.
What Pickles collects — and what it doesn't
| Data type | Collected? | Why / Why not |
|---|---|---|
| Name | Never | Not part of the entry flow. Not required to win or claim. |
| Email address | Never at entry | Collected only if a winner voluntarily provides it for prize delivery — never stored afterward. |
| Phone number | Never | No SMS, no verification, no contact. |
| Physical address | Only if winner provides for delivery | Transmitted to merchant for prize delivery only. Not retained by Pickles. |
| Survey answers | Yes | The point of the platform. Stored anonymously — no name or identity attached. |
| IP address | Hashed, 7 days | Used only to prevent duplicate entries. Stored as a one-way hash — the original IP cannot be recovered. Deleted automatically after 7 days. |
| Device fingerprint | Hashed, 30 days | Screen size, timezone, browser language combined into a one-way hash. Used only to prevent VPN-based duplicate entries. Never linked to a person. |
| Location | Region only, winners only | Winners optionally provide a region (e.g. "Pacific Northwest") for the public audit log. City, address, or GPS location are never collected. |
| Cookies / tracking pixels | Never | No ad tracking. No retargeting. No third-party analytics scripts. |
| Social media identity | Never | No "login with Facebook/Google." No social graph. |
Better data. Less liability.
A traditional survey behind an email gate collects a database of personal information — one you're then legally responsible for securing, retaining, and complying with. That means GDPR exposure. CAN-SPAM obligations. Data breach liability. A growing list of state privacy laws.
Pickles gives you the honest opinions of real customers — not just your most engaged fans or loudest complainers — with none of that overhead. No mailing list to manage. No unsubscribe flow. No data to protect. The survey results belong to you. The identities don't, because we never had them.
Your opinion. Your privacy. Your entry.
When you enter a Pickles campaign, you answer survey questions and receive a Pickle ID — a cryptographic ticket that proves you entered. That ticket lives on your device. We don't know who you are. The merchant doesn't know who you are. Your answers go to the merchant anonymously, as part of a group, the same way a town hall response does.
If you win, you prove it by showing your ticket. What you choose to share with the merchant for prize delivery — a shipping address, an email, a Lightning address — is between you and them, and is never stored by Pickles. There is no account to delete, no data to request, no profile to worry about. There was never one to begin with.
Pickles runs entirely on Cloudflare's global edge network. No servers we manage means no servers that can be breached. Entry data is stored in Cloudflare KV — a distributed key-value store with no central database. The cryptographic keypair that creates your Pickle ID uses the same elliptic curve cryptography (secp256k1) that secures the Bitcoin network.
Winners are drawn using the hash of the most recent confirmed Bitcoin block — a public, tamper-proof random number that neither Pickles nor the merchant controls. Every draw is independently verifiable by anyone with the campaign's entry list.