Privacy Policy

Effective date: May 17, 2026  ·  Service: access-point.info

1. What this policy covers

Access Point is a web platform focused on accessibility resources and community. We collect information needed to provide and operate the Service. We do not sell your data, run advertising, or share your information with data brokers or marketing companies.

This policy explains what we collect, why we collect it, and your options around it.

2. What we collect

When you create an account

We store your username, email address, and a hashed representation of your password. Passwords are stored only as a one-way hash and cannot be recovered in their original form.

We send a one-time verification link to your email address when you register. Once verified, that token is removed from active records. Your email is used to provide access to your account and to send you transactional notifications described in this policy.

If you request a password reset, we temporarily store a secure single-use token linked to your account. That token expires after one hour and is cleared as soon as it is used or expires.

Profile information you add voluntarily

Display name, bio, skills, portfolio links, and accessibility specialties are all optional. You control what you share, and you may leave any field blank.

Activity on the platform

We record when you joined, when you were last active, and your current online status. We also track counts of completed jobs and transactions, and your average response time, in order to calculate your trust score — a visible indicator that helps other members make informed decisions.

Listings, bids, and reviews

When you create a listing, post a bid, or leave a review, that content is stored and associated with your account. Publicly published listings are visible to all visitors. Listings set to private are visible only to you and parties involved in a related request.

3. Your messages

Messaging on Access Point is limited to threads tied to specific requests — there is no open inbox. Messages are encrypted before being stored. This is encryption at rest, not end-to-end encryption. The platform can decrypt messages to display them to you and, where necessary, to address abuse reports, safety concerns, or legal obligations.

We do not read messages as a matter of routine. If you need truly private communication, use an end-to-end encrypted messaging service outside of Access Point.

4. Cookies

We use a small number of functional cookies to operate the site. We do not use advertising cookies or third-party analytics trackers.

Purpose What it does How long it lasts
Session Keeps you logged in between visits 14 days
Security Protects your account against common web attacks Per session
Alerts Displays a one-time confirmation or error message after an action A few minutes

We do not use browser storage for personal data beyond these cookies. No third-party cookies are set by Access Point.

5. Email

We use a third-party email delivery service to send messages on our behalf. When we send you an email, your address is passed to that provider for delivery. Their privacy practices apply to how they process that information.

We send only transactional emails: account verification, password reset links, notifications when someone messages you while you are offline, moderation notices, account deletion confirmations, and invitations you have initiated. We do not send marketing email.

We honor unsubscribe requests and email delivery failures by stopping future sends to affected addresses.

6. What we don't collect

  • Payment information — all transactions happen off-platform between users. We do not process or store payment details of any kind.
  • Government identification — we do not request or store identity documents.
  • Cross-site tracking data — we do not use tracking pixels, analytics platforms, or advertising networks.
  • IP addresses as account data — we do not store IP addresses as part of your account record.

Like most web services, our servers generate access logs that may include connection metadata such as IP addresses. These logs are used for security and operational purposes and are not used to build user profiles.

7. How we use your information

  • To create and maintain your account and provide the Service.
  • To calculate and display your trust score.
  • To send transactional emails described in this policy.
  • To investigate abuse reports and maintain the safety and integrity of the platform.
  • To maintain internal records of administrative actions.

8. Who we share it with

We do not sell or rent your data. Information may be shared in the following limited circumstances:

  • Email delivery — your email address is shared with our email delivery provider when we send you a message.
  • Hosting infrastructure — our hosting provider operates the servers on which the Service runs. They have access to the infrastructure but are not authorized to use application data for their own purposes.
  • Legal compliance — we may disclose data when required to do so by law, court order, subpoena, or other lawful government request.

Our team may access account data, messages, and records when investigating a reported safety issue or policy violation. This access is not routine and is limited to situations where there is a specific operational or legal reason.

9. What others can see

Logged-in users can view your public profile, which includes your username and any optional fields you have chosen to fill in: display name, bio, skills, portfolio links, accessibility specialties, trust score, and activity statistics.

Listings you publish as "public" are visible to all visitors, including those who are not logged in.

10. Keeping and deleting your data

We retain account data for as long as your account is active. Moderation and audit records are retained for administrative accountability and may be kept after an account is closed.

Self-service account deletion. You may permanently delete your account at any time from Profile Settings → Delete account. Deleting your account immediately:

  • Erases all your listings and their metadata.
  • Deletes your notifications.
  • Clears all personal profile fields (display name, bio, email address, skills, portfolio links, accessibility specialties).
  • Invalidates your login session.

To preserve the other party's records, messages and requests you participated in are retained but your identifying information is removed from them — they will no longer display your name or link to your profile. A minimal internal record (your numeric account ID and a deletion timestamp) is kept for audit purposes only and contains no personal data.

This process satisfies your right to erasure under Article 17 of the UK/EU General Data Protection Regulation (GDPR). Account deletion cannot be undone. We will send a confirmation email to your address immediately before your data is erased.

If you have difficulty using the self-service tool, you may also request deletion by contacting us at the details in Section 14.

11. How we protect your data

We apply reasonable technical and organizational measures to protect information against unauthorized access, loss, or misuse. These include:

  • Passwords stored using a one-way cryptographic hash.
  • Messages encrypted at rest.
  • Connections served over HTTPS.
  • Authentication cookies protected against tampering.
  • Standard technical measures to protect form submissions and limit automated abuse.

Despite these precautions, no system can guarantee complete security. If you discover a potential security issue, please report it to us through the contact details below.

12. Under 18

Access Point is for adults only. If we become aware that a user is under 18, we will close their account and remove their data to the extent practicable. If you believe a minor has registered, please contact us.

13. Changes to this policy

We may update this policy from time to time. When we make material changes, we will note the revised effective date at the top of this page and, where appropriate, notify users through the platform. Continued use of the Service after a change constitutes acceptance of the updated policy.

14. Questions

If you have questions about this policy, need help with account deletion, or want to report a security concern, contact us through the platform or at the email address provided on the site.