Privacy Policy.

Personal information — When you register, we collect:

• 01Email address
• 02Name
• 03Username
• 04Profile information (optional): job title, company, location, bio
• 05Social media profiles (optional): LinkedIn, GitHub, Twitter

Authentication data — For security, we store:

• 01WebAuthn / FIDO2 public keys (never private keys)
• 02TOTP secret keys (encrypted at rest)
• 03bcrypt-hashed backup codes
• 04Session tokens

Usage data — We automatically collect:

• 01IP addresses
• 02Browser type and version
• 03Device information
• 04Access times and dates
• 05Pages viewed

• 01Provide and maintain the Service
• 02Authenticate your identity securely
• 03Send important service notifications
• 04Respond to inquiries and support requests
• 05Detect and prevent fraud or unauthorized access
• 06Comply with legal obligations
• 07Improve the Service based on usage patterns

We do not sell, trade, or rent your personal information. We share information only in these circumstances:

With your consent

When you explicitly agree to sharing.

Service providers

Trusted third parties who assist in operating the Service.

Legal requirements

When required by law or to protect rights and safety.

Business transfers

In connection with merger, acquisition, or asset sale.

We implement the following measures:

• 01AES-256-GCM authenticated encryption for data at rest
• 02TLS 1.3 for data in transit
• 03bcrypt cost-12 hashing for sensitive data
• 04Centralized secret management with chmod 600 .env
• 05Continuous security audits and penetration testing
• 0624/7 health and security event monitoring

We retain your personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we remove your personal information within 30 days, except where retention is required by law.

Under GDPR, you have the right to:

Access

Request copies of your personal data.

Rectification

Request correction of inaccurate data.

Erasure

Request deletion of your data.

Restriction

Request restriction of processing.

Portability

Request transfer of your data.

Object

Object to processing of your data.

Withdraw consent

Where processing is based on consent.

California residents have additional rights:

• 01Right to know what personal information is collected
• 02Right to know if personal information is sold or disclosed
• 03Right to say no to the sale of personal information
• 04Right to equal service and price

We use essential cookies for:

• 01Authentication and session management
• 02Security features (CSRF tokens, MFA flow)
• 03User preferences

We do not use third-party tracking cookies or advertising cookies.

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided personal information, we delete it immediately.

Your information may be transferred to and maintained on servers located outside your country. We ensure appropriate safeguards are in place for international transfers in compliance with applicable laws.

We may update this Privacy Policy periodically. We will notify you of any changes by posting the new policy on this page and updating the “Last updated” date. Continued use of the Service after changes constitutes acceptance.

For privacy-related questions or to exercise your rights, contact us: