Last updated: May 5, 2026
Cipher77, LLC ("cipherφ7", "we", "us", "our") operates cipher7.io (the "Site"). This Privacy Policy describes how we collect, use, and protect information processed through the Site.
cipher7.io is the entity site for cipherφ7 — the operating-platform vendor behind individual Cipher venue installs. Per-venue sites (e.g. cipheratl.com) operate under separate privacy policies maintained by their respective venue operators. This policy covers cipher7.io only.
The Site collects information through a public install-interest form (on our home page), open to any prospective operator. Submitted fields include your name, venue name, city, email, phone number, number of bars and stations, whether you have existing network cabling, and your current point-of-sale system. We use these details to evaluate and respond to founding-cohort applications.
The Site also collects information through the operator onboarding intake form, which is accessible only via single-use invite token (not publicly linked). Submitted fields include:
The Site additionally captures server-side request metadata for rate-limiting and bot detection: IP address, user-agent string, the form-open timestamp (used for a dwell-time heuristic), and any value submitted via the hidden honeypot field. This metadata is ephemeral, retained only as long as required to operate the rate-limit window (typically minutes to hours), and is not joined to identity records.
The Site uses browser sessionStorage to maintain session-only authentication for invited operators (cipher7_auth_v1) — the entry exists for the duration of your browser session and is cleared automatically when you close the tab or window. No third-party tracking cookies, advertising tags, analytics SDKs, or fingerprinting techniques are employed. The sessionStorage entry can be cleared at any time via your browser's site-data settings; doing so logs you out of the gated portion of the Site.
The Site uses no analytics SDKs, no advertising trackers, no third-party tracking cookies, and no fingerprinting techniques. The single sessionStorage entry described above is the Site's only client-side state.
We do not sell, share, or rent submitted information to third parties for any purpose.
Onboard submissions are stored in a Supabase-hosted PostgreSQL database within an isolated ops schema, encrypted in transit (TLS) and at rest. Row-level security restricts read access to cipherφ7 owners. cipherφ7 architecturally separates platform operations data from venue HR/employee data and consumer records. No employee or consumer PII is processed on this Site.
Approved intakes are retained for the life of the operator relationship. Rejected or abandoned intakes are purged within 90 days. Operators may request deletion of their submission at any time prior to provisioning by contacting us.
Operators residing in the European Economic Area or California may have additional rights under GDPR or the CCPA, including the right to lodge a complaint with a supervisory authority. Contact us using the details below to exercise any of these rights.
The Site is directed at business operators aged 18 or older and is not intended for use by children. We do not knowingly collect personal information from children under 13.
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.
Questions about this policy or your submitted data:
cipherφ7
Atlanta, GA
[email protected]
© 2026 Cipher77 LLC · All rights reserved