Your complaint text is not stored. When you submit the form, your text is sent to an AI provider to generate your certificate. After that, it is discarded. No database. No record.
Your data is never used to train AI. The Bureau is a consumer of AI services, not an AI trainer. Your text is used to generate one certificate and nothing else.
Your text is screened for safety. Before generation, your complaint text is checked by an automated content moderation service to filter harmful content. This check is automated and the text is not stored by the moderation provider.
This is not a therapy or wellness tool. The Bureau is a parody of bureaucratic formality. It generates a comedic document. It is not therapy, emotional support, or a health service.
No tracking cookies. No ads. No account. No advertising cookies. No third-party ad trackers. No registration required. Paid access uses a license key stored only in your own browser.
Bureau Privacy Directive §1 — Data Intake Protocol
When a Claimant submits a grievance via the Bureau Intake Form, the following information is transmitted to Bureau processing infrastructure:
- The name entered for the certificate recipient (hereafter “the Respondent”)
- The complaint description provided by the Claimant
- Duration and filer name fields, if voluntarily disclosed
- The complaint classification selected from the Bureau’s seven active divisions
- Desired severity rating, if adjusted from the Bureau’s default assessment
This information is transmitted to the Bureau’s serverless processing infrastructure, which routes it to one of several AI service providers for certificate generation. The Bureau does not store this information in any database. It is used solely to produce a single certificate, after which it is discarded. The Bureau has no memory. The Bureau processes, issues, and forgets.
Prior to generation, the Claimant’s complaint text is also submitted to an automated content moderation service for safety screening. This check is performed in real-time and the text is not retained by the moderation provider.
Bureau Privacy Directive §2 — Data the Bureau Does Not Collect
The Bureau wishes to formally confirm that it does not engage in the following practices, regardless of how normal they have become elsewhere:
- We do not deploy tracking cookies or advertising networks
- We do not sell, share, or broker data to or with third parties
- We do not require account registration of any kind
- We do not fingerprint browsers
- We do not store IP addresses in our own systems beyond short-lived rate-limit entries (see Directive §7)
The Bureau acknowledges that this level of restraint is, in the current digital landscape, almost suspiciously responsible.
Bureau Privacy Directive §3 — Voluntary Email Disclosure
A Claimant may, at their sole discretion, choose to provide an email address (e.g., to receive Bureau correspondence). This email is transmitted to EmailOctopus, a third-party mailing list provider. The Bureau uses EmailOctopus solely to manage its correspondence registry.
- Email collection is entirely optional — the Bureau operates at full capacity without it
- Your email is stored by EmailOctopus on their servers, subject to their privacy policy
- Every Bureau communication includes an unsubscribe mechanism
- You may request deletion of your email at any time (see Directive §10)
- The Bureau does not link your email to your complaint text, certificate content, or filing history. The Bureau does not have a filing history. The Bureau has no memory
Bureau Privacy Directive §4 — Local Device Storage
The Bureau utilises the Claimant’s browser localStorage and sessionStorage to maintain certain data on the Claimant’s own device. This data is never transmitted to Bureau servers:
- License key — if the Claimant has secured an Official Filing, the license key is preserved in localStorage so that full certificate access persists across browser sessions
- Certificate data — the most recently generated certificate is held in sessionStorage to survive page refreshes during the active session
- Timer state — certificate countdown timer start time is stored in sessionStorage
The Claimant may purge all locally stored Bureau data at any time by clearing site data for this domain. The Bureau will not take this personally.
Bureau Privacy Directive §5 — Payment Processing
Claimants who elect to upgrade their filing are directed to a secure third-party payment processor. The Bureau does not receive, process, or store payment card information at any point. After purchase, the Claimant receives access to their certificate content. This key is stored exclusively in the Claimant’s browser localStorage as described in Directive §4.
Bureau Privacy Directive §6 — Operational Analytics
The Bureau collects anonymous, aggregate usage data to monitor operational efficiency. This data contains no personally identifiable information:
- Cloudflare Web Analytics — a privacy-first analytics beacon collects page views, referrer, country, and device type. No cookies. No personal data. See Cloudflare Web Analytics
- Bureau Funnel Metrics — the Bureau tracks anonymous event counts (e.g., “certificate generated,” “download initiated”) via its own Cloudflare-hosted endpoint. These are stored as daily aggregate counts in Cloudflare KV with a 90-day retention period (auto-deleted after expiry). Events include country code and device type (mobile/desktop). No IP addresses, claimant names, or complaint content is stored
- Satisfaction survey — if a Claimant submits a satisfaction rating (1–5 stars with optional text), this is logged to Cloudflare console logs for operational review. No personal identifiers are attached
Bureau Privacy Directive §7 — Data Retention Schedule
The Bureau maintains the following retention schedule, which it considers refreshingly brief by institutional standards:
- Complaint text: Not stored. Discarded immediately after certificate generation. Retention period: zero
- Rate-limit entries: IP-based counters stored in Cloudflare KV with a 10-minute TTL. Auto-expire. Purpose: preventing abuse
- Analytics aggregates: Anonymous event counts stored in Cloudflare KV with a 90-day TTL. Auto-expire. Purpose: operational metrics
- Email addresses: If voluntarily provided, stored by EmailOctopus until the Claimant unsubscribes or requests deletion
- License keys: Stored in the Claimant’s browser localStorage only — not on Bureau servers
- Cloudflare infrastructure logs: Standard server access logs are retained by Cloudflare per their data retention policies. The Bureau does not control this retention period, nor does it regularly access these logs
Bureau Privacy Directive §8 — Third-Party Service Registry
The Bureau maintains formal processing relationships with the following external services. Claimant data is shared with these services only as specifically described:
- AI generation providers — the Bureau routes complaint text to third-party AI language model providers for certificate generation. These providers process the text in real-time to produce a single certificate. Text is not stored or used for model training by these providers under their respective terms of service
- Content moderation service — complaint text is screened by an automated AI safety service before generation. Text is processed in real-time and is not retained or used for training
- Cloudflare (hosting and infrastructure) — serves the Bureau’s website, runs server functions, and provides bot protection via Turnstile. May collect standard server access logs. See cloudflare.com/privacy
- Cloudflare Web Analytics (privacy-first analytics) — collects anonymous page view data. No cookies, no personal data. See cloudflare.com/web-analytics
- Dodo Payments (payment processor) — processes payments for Official Filings. The Bureau does not receive card data. See dodopayments.com/privacy
- EmailOctopus (correspondence management) — stores email addresses if voluntarily provided. See emailoctopus.com/privacy
- Fonts — all typefaces are self-hosted on Bureau infrastructure. No external font requests are made. No IP logging from font loading. The Bureau controls its own typography
Bureau Privacy Directive §9 — Claimant Rights
Depending on the Claimant’s jurisdiction, the following rights may be exercised regarding personal data held by the Bureau:
- Right of access — the Claimant may request a copy of any personal data the Bureau holds
- Right of erasure — the Claimant may request deletion of any personal data held (primarily email address, if provided)
- Right to object — the Claimant may object to processing of data for marketing purposes (unsubscribe from Bureau correspondence)
- Right to data portability — the Claimant may request data in a machine-readable format
In practice, the Bureau stores remarkably little personal data server-side. If the Claimant has not provided an email address, the Bureau holds no personal data whatsoever. Complaint text is not stored. Certificates exist only in the Claimant’s browser. The Bureau’s memory is, by design, institutionally non-existent.
For EU/EEA residents: these rights are provided under the General Data Protection Regulation (GDPR). For residents of other jurisdictions with comparable data protection frameworks, the Bureau extends the same rights. The Bureau does not discriminate in its commitment to forgetting.
To exercise any of these rights, contact the Bureau at the address in Directive §12.
Bureau Privacy Directive §10 — Data Deletion Procedure
Claimants seeking deletion of their data may initiate the following procedures:
- Email address: Send correspondence to hello@bureauofminorsufferings.com with the subject line “Data Deletion Request.” The Bureau will remove the Claimant’s email from EmailOctopus within 7 business days
- Browser data: Clear site data for bureauofminorsufferings.com in the browser’s settings. This removes all locally stored license keys, certificate data, and timer state
- Rate-limit entries: These expire automatically within 10 minutes and cannot be manually retrieved or deleted. The system forgets faster than most people forgive
- Cloudflare infrastructure logs: Managed by Cloudflare and outside the Bureau’s direct administrative authority. See Cloudflare’s data retention policies
Bureau Privacy Directive §11 — Minors
The Bureau does not knowingly process filings from individuals under the age of 13. If the Bureau becomes aware that a minor has submitted personal data, it will initiate deletion procedures. Given that the Bureau does not store complaint text and does not require accounts, the practical risk is minimal — but the commitment is genuine.
Bureau Privacy Directive §12 — Policy Amendments
The Bureau reserves the right to amend this Privacy Directive as operational requirements evolve. The effective date at the top of this document reflects the most recent revision. Continued use of Bureau services constitutes acceptance of the amended Directive.
Bureau Privacy Directive §13 — Contact
Privacy inquiries, data deletion requests, and GDPR-related correspondence: hello@bureauofminorsufferings.com
The Bureau of Minor Sufferings is not a real government agency and maintains no government data-handling obligations. That said, the Bureau takes data privacy more seriously than it takes your complaint — which is to say, with complete institutional sincerity.