Privacy Policy

Last Updated: December 9, 2025

1. Information We Collect

1.1 Information You Provide

When you create an account using OAuth authentication (Google, Discord, or Microsoft), we collect:

  • Email Address - Required for account identification and communication
  • Display Name - Your preferred public username
  • Real Name - Captured from your OAuth provider (visible only to administrators)
  • Profile Picture - If provided by your OAuth provider
  • Pronouns - Optional, if you choose to provide them
  • Language Preference - For localizing your experience

1.2 Automatically Collected Information

  • IP Address - For security and session management
  • Browser Information - User agent and device type
  • Reading History - Pages you've viewed (for logged-in users)
  • Interaction Data - Clicks, page views, and engagement metrics

2. How We Use Your Information

We use your information to:

  • Create and manage your user account
  • Provide personalized content recommendations
  • Track your reading progress and history
  • Communicate important updates about the service
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Improve our services through analytics

3. OAuth Authentication

When you sign in using a third-party OAuth provider (Google, Discord, Microsoft), we request the following permissions:

  • Email Address - To create and identify your account
  • Basic Profile Information - Name and profile picture

We do not store your OAuth provider's password. Your authentication is managed securely through the provider's systems.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share information:

  • With Your Consent - When you explicitly authorize sharing
  • For Legal Reasons - To comply with laws, court orders, or legal processes
  • To Protect Rights - To protect our rights, property, or safety, or that of others
  • Business Transfers - In connection with a merger, acquisition, or sale of assets

5. Data Retention

We retain your information for as long as your account is active or as needed to provide services. You may request deletion of your account at any time.

6. Your Rights

Depending on your location, you may have the following rights:

  • Access - Request a copy of your personal data
  • Correction - Update or correct inaccurate information
  • Deletion - Request deletion of your account and data
  • Portability - Receive your data in a machine-readable format
  • Opt-Out - Decline certain data processing activities
  • Withdraw Consent - Revoke previously given consent

To exercise these rights, contact us at the address below.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws, including GDPR (European Union), CCPA (California), PIPEDA (Canada), and other regional regulations.

8. Security

We implement industry-standard security measures to protect your information, including:

  • HTTPS encryption for all data transmission
  • Secure session management with HTTP-only cookies
  • IP-based security for session validation
  • Regular security audits and monitoring

However, no method of transmission over the Internet is 100% secure.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Session management and authentication
  • Remembering your preferences and settings
  • Analytics and performance monitoring

You can control cookies through your browser settings, but disabling cookies may limit functionality.

10. Children's Privacy

Our service is not directed to individuals under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. Region-Specific Rights

European Union (GDPR)

EU residents have additional rights under the General Data Protection Regulation, including the right to lodge a complaint with a supervisory authority.

California (CCPA/CPRA)

California residents have the right to know what personal information is collected, opt-out of the sale of personal information (we do not sell data), and request deletion without discrimination.

Canada (PIPEDA)

Canadian residents have the right to access their personal information and challenge its accuracy.

United Kingdom

UK residents have rights under UK GDPR similar to those in the European Union.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this privacy policy or wish to exercise your rights, contact us at:

Email: privacy@example.com
Address: [Your Business Address]