Meet the Marshmallows

Live cat room, clips, and the bigger mission behind it.

Privacy and monitoring

Anonymous telemetry, abuse detection, and retention controls.

Meet the Marshmallows uses privacy-conscious operational telemetry to keep the site available, detect abuse, and understand whether the public pages and support flows are working.

The focus is operational safety, not advertising. We do not sell visitor data, and the daily analytics reports are used internally for rescue operations, security monitoring, and incident response.

NeoVim and Kali Linux stand side by side, both alert and looking toward the camera.

What is collected

Anonymous operational telemetry.

We record aggregated page activity, anonymous visitor keys, request timing, referrer/source summaries, contact and CTA outcomes, runtime health samples, coarse network-scope or configured GeoIP / ASN abuse enrichment, and abuse indicators such as honeypot triggers.

What is not active

No advanced fingerprint beacons by default.

The platform does not currently run invasive browser fingerprint beacons such as canvas, plugin, or screen collection on public visitors by default. Monitoring remains focused on server-side signals and form-abuse defenses.

How it is used

Security, reliability, and incident response.

These signals feed internal dashboards, daily summaries, abuse alerts, and incident-response workflows so the rescue team can spot suspicious traffic, protect support flows, and investigate failures quickly.

Retention policy

Data is retained for bounded operational windows.

Honeypot and abuse-event records are retained for 30 days. Aggregated daily analytics rollups are retained for 90 days. Dispatch audit records for daily summaries are retained for 180 days.

Automatic daily summaries dispatch after 00:05 local time, and they only summarize completed prior days. Retention pruning runs on an internal schedule so stale event data does not accumulate indefinitely.

Plain language

What this means in practice.

If you browse the public site, submit a contact form, apply to foster or adopt, or use support flows, the platform may log anonymous security and operational signals needed to keep those flows healthy. That can include coarse network classification and, when configured for abuse review, country or ASN enrichment tied to the request rather than advertising identifiers.

Those signals are reviewed internally for abuse prevention, trend analysis, and reliability. They are not used to build advertising profiles, and they are pruned on bounded schedules rather than retained forever.