Reputation Flair Privacy Policy
This is an official Metopedia application page for Reputation Flair.
Last updated: April 25, 2026
This Privacy Policy explains how Reputation Flair collects, uses, stores, shares, and deletes information when you use the Reputation Flair Devvit application (the “App” or “Service”).
This application may be referred to interchangeably as “Reputation Flair” (“RF”), “Reputation Flair System” (“RFS”), “reputation-flair,” “reputation_flair,” “Bot Shield,” “Human Verification Module,” “Subreddit Stats by Reputation Flair,” or the “Reputation Portal,” including any capitalization or formatting variations thereof, all of which refer to the same underlying system and service (collectively, “Reputation Flair,” “the App,” “the Service,” “we,” “us,” or “our”).
Reputation Flair operates on Reddit’s Devvit platform. Your use of Reddit and Devvit is also governed by Reddit’s applicable terms, rules, privacy policies, developer terms, and platform policies.
1. Overview
Reputation Flair is a subreddit moderation, reputation, flair, transparency, and optional human-verification application. It helps participating subreddits calculate subreddit-specific reputation statistics, update user flair, show subreddit transparency metrics, route content for moderator review or removal when configured, and operate optional human-verification features.
We aim to minimize data collection and retain only the data reasonably needed to provide the App, protect subreddit integrity, calculate reputation and flair, operate dashboards and leaderboards, support moderation workflows, rate-limit abuse, maintain app security, and comply with Reddit, Devvit, legal, and safety requirements.
2. Information We Collect or Process
Depending on how the App is configured and how you interact with it, the App may collect or process the following categories of information.
a. Reddit and Devvit identifiers
- - Reddit username
- - Reddit user ID, when provided by Reddit or Devvit
- - subreddit name
- - post ID
- - comment ID
- - custom post ID
- - portal post ID
- - Devvit/internal run, session, stage, or request identifiers
b. Public Reddit activity processed by the App
- - post or comment text, read transiently for scoring and moderation decisions
- - public post/comment metadata needed to identify the content being processed
- - whether an item was processed, reviewed, removed, approved, or restored
- - original poster / thread context where needed for OP-self-reply protections or command behavior
The App reads post and comment text to calculate scores and moderation outcomes. It does not normally store a full or partial private Redis copy of the post body or comment body.
c. Reputation, flair, and moderation data
- - per-user good reputation points
- - per-user bad reputation points
- - post and comment counts
- - streak values and last-activity timestamps
- - broad category counters
- - good/bad contribution counts
- - bot-trigger totals displayed as a rate
- - subreddit-wide totals
- - daily subreddit totals
- - leaderboard and ranking data
- - flair text generated by the App
- - cached user flair-head text when preserve-user-flair is enabled
- - RFstats mod-note summaries when that feature is enabled
- - review/removal markers and processed-item markers
d. Human verification and Bot Shield data, when enabled
- - verification state: not verified, verified, or expired
- - verification timestamps
- - verification expiry timestamp
- - failed-verification count
- - verification-only removal markers
- - restoration queue metadata for verification-only removals
- - challenge/session state needed to run the verification flow
- - challenge scoring summaries and trap/severity outcomes
- - telemetry needed to validate human-verification challenges
- - short-lived pending bot-pressure or abuse-prevention records
The App does not treat a normal failed challenge as proof that a user is a bot. Verification outcomes are used to support the configured verification and moderation workflow.
e. Portal, command, and dashboard data
- - portal post record
- - portal repair/reset history for known portal posts
- - dashboard lookup rate-limit records
- -
!rfcheckcommand cooldown records - - user/thread cooldown records
- - compact command reply state needed to avoid abuse
- - cached subreddit transparency snapshots and daily history
f. Moderator configuration data
- - subreddit-specific
rfConfigvalues - - review and removal thresholds
- - flair options
- - verification settings
- - restore limits
- - rate-limit or cache-related settings
- - other App configuration selected by moderators
g. Technical and operational data
- - limited cache records
- - Redis keys and runtime state required for app operation
- - anti-abuse and rate-limit records
- - short-lived diagnostic or audit records
- - scheduler or background-task control records
- - error or operational logs available through Reddit/Devvit developer tooling
3. Information We Do Not Intentionally Collect
The App does not ask for or intentionally collect:
- - Reddit passwords
- - direct messages
- - email addresses
- - phone numbers
- - legal names
- - home addresses
- - precise location data
- - payment data
- - demographic information
- - health information
- - political beliefs
- - religion
- - IP addresses, unless Reddit or Devvit platform tooling independently processes them outside the App’s direct control
- - browser history
- - Reddit browsing history
- - posts or comments a user has merely viewed
- - a private long-term copy of full post or comment bodies
- - a long-term raw log of matched trigger phrases
4. How We Use Information
We use information to:
- - calculate subreddit-specific reputation statistics
- - update user flair, when enabled
- - preserve user flair-head text, when enabled
- - display dashboard and portal statistics
- - build leaderboards and subreddit transparency views
- - calculate good/bad contribution counts and reputation scores
- - route content to moderator review, when enabled
- - remove content from public view, when enabled and configured
- - apply OP-self-reply protections, when enabled
- - maintain RFstats mod-note summaries, when enabled
- - operate human verification and verification badges, when enabled
- - enforce verification-only posting/commenting rules, when enabled
- - restore verification-only removals after verification, when enabled and within configured limits
- - rate-limit commands, lookups, dashboard requests, and other abuse-sensitive actions
- - protect against spam, automation, technical misuse, cheating, and abuse
- - diagnose bugs and maintain app integrity
- - comply with Reddit, Devvit, legal, and safety requirements
5. Legal and Platform Basis for Processing
We process data as needed to:
- - provide the Service in a subreddit where it is installed
- - operate moderator-configured reputation, flair, verification, review, and removal features
- - secure the App and prevent abuse
- - comply with Reddit and Devvit platform rules
- - comply with legal obligations
- - pursue legitimate interests in maintaining a functional, transparent, abuse-resistant subreddit tool
6. What We Store
The App may store data in Redis or related Devvit runtime storage, including:
- - per-user reputation records
- - per-user activity counts
- - per-user category counters
- - per-user verification state
- - verification metadata and expiry timestamps
- - verification-only removal markers
- - restore queue records
- - per-subreddit totals
- - per-day subreddit totals
- - leaderboards or recent-user indexes
- - dashboard/cache snapshots
- - portal post records
- - processed/reviewed/removed markers
- - command and lookup cooldown records
- - flair update timestamps
- - cached flair-head text when needed
- - subreddit configuration records
- - short-lived challenge/session/telemetry records
- - rate-limit, abuse-prevention, and lock records
Some records are temporary and expire automatically. Other records persist longer because they are needed for reputation history, flair consistency, moderation state, transparency, leaderboards, or operational continuity.
7. Post and Comment Text Handling
The App reads post and comment text to score discourse and decide whether configured review, removal, verification, or flair behavior applies.
In the current design:
- - text is processed for scoring
- - scores, counters, categories, and moderation outcomes may be stored
- - full post/comment bodies are not normally stored in the App’s Redis records
- - raw matched trigger phrases are not normally stored as a long-term phrase log
- - verification-only removal metadata may store item type, item ID, username, and timestamp so eligible items can be restored later
8. Human Verification Data
If human verification is enabled, the App may process challenge/session data needed to determine whether a verification attempt passes, fails, expires, or should be marked for review by the App’s own scoring logic.
Verification data may include:
- - session ID
- - challenge/stage ID
- - timestamps
- - validation state
- - scoring summaries
- - failed-verification count
- - verification state
- - expiry timestamp
- - challenge telemetry required to validate the verification flow
Verification data is used only for App functionality, moderation safety, abuse prevention, and related diagnostics.
9. Data Sharing
We do not sell or rent personal data.
We may share or expose limited data only:
- - with Reddit and Devvit platform services as necessary to operate the App
- - to subreddit moderators through Reddit-native surfaces such as flair, mod notes, review/removal state, dashboards, or portal views
- - with infrastructure or service providers that help us operate the App, if any
- - when required by law, legal process, or platform enforcement
- - to investigate abuse, security incidents, fraud, spam, cheating, or policy violations
- - in aggregated or de-identified form where reasonably appropriate
The App does not transmit scored post/comment text to an external analytics provider as part of its normal operation.
10. External Configuration Generator
The App may link moderators to an optional interactive configuration generator. The generator is intended to help moderators build an rfConfig value for the App.
Do not paste private, sensitive, or unrelated personal information into the configuration generator. The App’s runtime functionality is controlled by the configuration value moderators choose to paste into Reddit/Devvit settings.
11. No Sensitive-Trait Inference or Re-Identification
The App is not intended to infer sensitive personal traits, conduct background checks, identify users outside Reddit, re-identify users across unrelated datasets, de-anonymize users, or conduct surveillance-style monitoring.
The App is designed to operate within the subreddit context where it is installed and where Reddit/Devvit grants access.
12. Retention
We keep data only as long as reasonably needed for the purposes described in this Policy. Retention may vary by record type.
Examples:
- - challenge sessions and telemetry may be short-lived
- - command cooldowns and rate-limit records may expire automatically
- - portal records may persist while the App is installed
- - reputation totals, leaderboard state, and subreddit transparency data may persist longer
- - verification state may persist until expiration, reset, deletion, or configuration changes
- - processed/reviewed/removed markers may persist where needed to avoid duplicate actions
- - some data may be deleted, overwritten, or rebuilt after settings changes or app upgrades
We do not guarantee permanent retention of any score, flair, leaderboard position, dashboard history, portal post, verification state, or moderation marker.
13. Changes to Settings and Stored Data
If App settings, scoring rules, verification rules, flair rules, subreddit configuration, or major App versions change, the App may purge, rebuild, overwrite, or stop using stored records associated with the affected subreddit.
This may include reputation records, leaderboards, daily counters, cached snapshots, portal metadata, verification markers, moderation markers, rate-limit records, and user statistics.
Some temporary or separately scoped technical records may expire later rather than being removed immediately.
14. Deletion and Platform Events
Where Reddit or Devvit deletion events apply, we aim to remove or stop using related stored data when technically feasible and appropriate. Some minimal metadata may be retained where needed for system integrity, diagnostics, fraud prevention, moderation state, abuse prevention, or platform compliance.
If you contact us with a deletion or privacy request, we will review it in light of the data actually controlled by the App, Reddit platform constraints, and applicable law.
15. User and Moderator Visibility
Some App data is visible to users or moderators, and some remains internal to the App.
Moderator-visible examples may include:
- - user flair output
- - RFstats mod notes, when enabled
- - reviewed/removed content states
- - portal and dashboard statistics
- - subreddit transparency totals
- - verification state where enabled
Internal examples may include:
- - processed-item flags
- - review/removal markers
- - verification-restoration tracking
- - cache records
- - cooldown records
- - short-lived challenge state
- - daily snapshot records
16. Security
We take reasonable steps to protect App data, including limiting collection, using Reddit/Devvit runtime storage, avoiding unnecessary raw-text retention, limiting data to App purposes, and applying rate-limit and abuse-prevention safeguards.
No method of storage or transmission is perfectly secure, and we cannot guarantee absolute security.
17. Children’s Privacy
The App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that such information has been collected, we will take reasonable steps to delete it.
18. International Users
If you use the App from outside the United States, information may be processed in jurisdictions where data protection laws differ from those in your location.
19. Changes to This Policy
We may update this Privacy Policy from time to time. If we make changes, we will revise the “Last updated” date above and may provide notice where appropriate. Continued use of the App after changes take effect means you accept the revised Policy.
20. Contact
For privacy, support, or policy questions, contact the App operator.
Operator: Andrew Lehti and/or Metopedia, as applicable to the published App listing.
Email: [email protected]
21. Governing Law
This Privacy Policy is governed by the laws of the State of Minnesota, United States, except where applicable law requires otherwise.
| Reputation Flair | |
|---|---|
| Application | Overview · FAQ · Terms · Privacy Policy |
| Public article | Reputation Flair |
| External | Reddit Developers · GitHub repository · Configuration builder |