Privacy policy

First draft — align with your jurisdiction (GDPR, CCPA, etc.) before launch.

Data we collect

Account data you provide (such as email, username, display name), session identifiers, IP address and user agent for security and audit logs, content you upload, and usage metadata needed to run the site (e.g. rate limiting keys in Redis).

How we use data

To authenticate you, send transactional messages when email is enabled, operate moderation and anti-abuse systems, improve reliability, and meet legal obligations.

Cookies

We use cookies for signed-in sessions. There is no third-party advertising cookie in this scaffold.

Retention

Logs and backups follow your deployment retention policy. You can request account deletion where applicable; some records may be kept where required for security or legal reasons.

Contact

For privacy requests, use the contact method configured for your deployment (not wired in this scaffold).