Privacy Policy

Privacy Policy

Last Updated: March 30, 2025

1. Introduction

This Privacy Policy describes how [Your Name] ("we," "us," or "our") collects, uses, and shares information in connection with your use of our portfolio and blog website (the "Service").

We respect your privacy and are committed to protecting your personal data. This Privacy Policy aims to give you information on how we collect and process your personal data through your use of the Service, including any data you may provide when you register for an account, subscribe to content, or interact with the Service.

2. Information We Collect

2.1 Information You Provide

We may collect the following types of information that you voluntarily provide to us:

  • Account Information: When you register for an account, we collect your email address for authentication purposes.
  • Communication Information: If you contact us, we may collect information such as your name, email address, and any other information you choose to provide.
  • Comments and Feedback: If you post comments or provide feedback on writings or projects, we collect the content of those communications.

2.2 Information Collected Automatically

When you access or use the Service, we may automatically collect certain information about your device and usage, including:

  • Device Information: Information about the device you use to access the Service, including hardware model, operating system, IP address, browser type and version, and other device identifiers.
  • Usage Information: Information about how you use the Service, including the pages you visit, the time and duration of your visits, and other browsing activity.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information. See Section 6 for more details.

2.3 Anonymous Authentication

When you browse the Service without explicitly signing in, we may automatically create an anonymous user session to provide basic functionality. This anonymous authentication:

  • Does not require personal information
  • Creates a temporary identifier stored in your browser
  • Is used to provide a consistent browsing experience
  • Does not personally identify you
  • Ends when you close your browser or after a period of inactivity

Even with anonymous authentication, the Service may still collect certain non-identifying information such as:

  • Browser type and version
  • Device type and operating system
  • Referring website
  • Pages viewed and time spent on pages
  • IP address (which may be truncated or anonymized)
  • Approximate location data (derived from IP address, not precise GPS)

This information helps us improve the Service, troubleshoot issues, and understand usage patterns. This data is stored separately from any personally identifying information you may later provide if you create an account.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing the Service: To operate, maintain, and improve the Service.
  • Authentication: To verify your identity and manage your account.
  • Access Control: To determine eligibility for accessing private content.
  • Communication: To respond to your inquiries and provide support.
  • Service Improvement: To understand how users interact with the Service and improve its functionality.
  • Security: To detect, prevent, and address technical issues and security threats.
  • Legal Compliance: To comply with legal obligations.

4. Legal Basis for Processing (EU/EEA Users)

If you are located in the European Union or European Economic Area, we collect and process your personal data based on the following legal grounds:

  • Contractual Necessity: To perform our obligations under the Terms of Service or other contracts we have with you.
  • Legitimate Interests: To pursue our legitimate interests, such as improving our Service and providing a secure environment for users.
  • Consent: For certain types of processing, we rely on your explicit consent, which you can withdraw at any time.
  • Legal Obligation: To comply with legal requirements to which we are subject.

5. How We Share Your Information

We may share your personal information in the following situations:

5.1 Service Providers

We share information with third-party vendors, consultants, and other service providers who perform services on our behalf, including:

  • Supabase: For database management and authentication services
  • Vercel: For hosting and deployment services
  • UploadThing: For media file storage and delivery
  • Analytics providers: To help us understand Service usage

PLEASE NOTE THAT THESE THIRD-PARTY SERVICES HAVE THEIR OWN PRIVACY POLICIES AND TERMS OF SERVICE. WE DO NOT CONTROL AND ARE NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OF THESE THIRD PARTIES. THESE THIRD PARTIES MAY USE YOUR INFORMATION FOR THEIR OWN PURPOSES, INCLUDING ANALYTICS, OPERATION OF THEIR SERVICES, AND TARGETED ADVERTISING. WE ENCOURAGE YOU TO REVIEW THE PRIVACY PRACTICES OF THESE THIRD PARTIES DIRECTLY.

The information we share with these third parties is limited to what is necessary for them to perform their services. We have agreements with our service providers that they may only process your information for the purpose of providing services to us and in accordance with our instructions.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

5.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction.

5.4 With Your Consent

We may share your information for any other purpose with your consent.

6. Cookies and Tracking Technologies

6.1 Cookies

We use cookies and similar tracking technologies to track activity on our Service and store certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.

The cookies we use include:

  • Essential Cookies: Necessary for the Service to function properly, such as authentication cookies.

6.2 Your Choices Regarding Cookies

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

7. Data Security

We implement reasonable technical and organizational security measures designed to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures may include, but are not necessarily limited to:

  • Using industry-standard encryption for data in transit and at rest where appropriate
  • Limiting access to personal information to authorized personnel
  • Implementing authentication controls
  • Regularly reviewing our information collection, storage, and processing practices

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. We therefore cannot ensure or warrant the security of any information you transmit to us. Any information you transmit to us is done at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained in the Service.

IF YOU BELIEVE YOUR ACCOUNT HAS BEEN COMPROMISED, PLEASE CONTACT US IMMEDIATELY AT THE EMAIL ADDRESS PROVIDED IN SECTION 20.

8. Data Retention

We generally retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. Typical retention periods include:

  • Account Information: We typically retain your email address and account details for as long as your account is active. If you request account deletion, we generally delete this information within 30 days of your request, subject to the exceptions noted below.
  • Authentication Data: For security purposes, we typically retain login activity logs for all users.
  • Analytical Data: Aggregated and anonymized usage data may be retained for analytical purposes.

We may retain certain information for longer periods if:

  • Required to comply with legal obligations
  • Necessary to resolve disputes
  • Required to enforce our policies
  • Needed to prevent fraud or abuse
  • Required for legitimate business purposes

When the retention of personal information is no longer necessary for the purposes for which it was collected, we will take reasonable steps to securely delete or anonymize it, unless retention is required by law.

12. CALIFORNIA RESIDENTS' RIGHTS

If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), to the extent these laws apply to our operations. These rights may include:

  1. Right to Know: You can request information about the personal information we collect, use, disclose, and sell.
  2. Right to Delete: You can request deletion of personal information we have collected from you, subject to certain exceptions.
  3. Right to Opt-Out: You can opt-out of the sale of your personal information, if applicable.
  4. Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  5. Right to Correct: You can request correction of inaccurate personal information.
  6. Right to Limit Use of Sensitive Personal Information: You can limit the use of sensitive personal information where applicable.

To exercise these rights, please contact us using the information in Section 20.

California residents may also request a list of the third parties to whom we have disclosed certain personal information during the preceding year for the third parties' direct marketing purposes, if applicable.

Our Service does not respond to Do Not Track (DNT) signals at this time.

California residents should note that this Section 12 applies only to the extent required by applicable law, and our processing of your information may be governed by other applicable state and federal laws.

13. VIRGINIA, COLORADO, CONNECTICUT, AND UTAH RESIDENTS' RIGHTS

Depending on your location, you may have certain rights regarding your personal information, including:

13. VIRGINIA, COLORADO, CONNECTICUT, AND UTAH RESIDENTS' RIGHTS

If you are a resident of Virginia, Colorado, Connecticut, or Utah, you may have additional privacy rights under your state's respective comprehensive privacy law, to the extent these laws apply to our operations. These rights may include:

  1. Right to Confirm Processing: You can confirm whether we are processing your personal data.
  2. Right to Access: You can access your personal data.
  3. Right to Correction: You can correct inaccuracies in your personal data.
  4. Right to Delete: You can request deletion of personal data we have collected from you.
  5. Right to Data Portability: You can obtain a copy of your personal data in a portable and usable format.
  6. Right to Opt Out: You can opt out of the processing of personal data for purposes of targeted advertising, the sale of personal data, or profiling.

To exercise these rights, please contact us using the information in Section 20.

Please note that this Section 13 applies only to the extent required by applicable law, and our processing of your information may be governed by other applicable state and federal laws.

14. FOR EU/EEA RESIDENTS (GDPR)

  • Right to Access: You can request a copy of the personal information we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete information.
  • Right to Erasure: You can request deletion of your personal information under certain circumstances.
  • Right to Restrict Processing: You can request restriction of processing of your personal information.
  • Right to Data Portability: You can request the transfer of your personal information to you or a third party.
  • Right to Object: You can object to processing of your personal information.
  • Right to Withdraw Consent: You can withdraw consent where we rely on consent to process your personal information.

9.2 For California Residents (CCPA)

  • Right to Know: You can request information about the personal information we collect, use, disclose, and sell.
  • Right to Delete: You can request deletion of personal information we have collected from you.
  • Right to Opt-Out: You can opt-out of the sale of your personal information, if applicable.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

15. How to Exercise Your Rights

To exercise your privacy rights, please contact us using the contact information provided in Section 20. We may need to verify your identity before responding to your request.

When submitting a request, please:

  • Clearly state which right(s) you wish to exercise
  • Provide sufficient information to identify yourself
  • Specify the personal information related to your request
  • Include any additional information that might help us respond appropriately

We will respond to your request within the timeframe required by applicable law (generally within 30-60 days). If we require more time, we will inform you of the reason and extension period.

There is generally no fee for exercising your privacy rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

16. Children's Privacy

Our Service does not address anyone under the age of 13 ("Children"). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you are aware that your Child has provided us with personal information, please contact us immediately using the contact information provided in Section 13.

If we become aware that we have collected personal information from Children without verification of parental consent, we will take steps to remove that information from our servers. In the event we discover that a Child under 13 has provided us with personal information, we will delete such information from our servers immediately.

If you are located in the European Union, references to Children refer to anyone under the age of 16 or such higher age as provided under your applicable law providing for parental consent for the processing of personal data.

Parents interested in learning more about the Children's Online Privacy Protection Act (COPPA) may consult the following resources:

17. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your submission of such information represents your agreement to this transfer.

18. No Liability for Privacy Practices of Third Parties

This Privacy Policy addresses only our collection, use, and disclosure of information we collect from you through our Service. The Service may contain links to or integrations with other websites, services, or applications that are not owned or controlled by us. We are not responsible for the privacy policies, practices, or content of any third parties, including any third-party service providers mentioned in Section 14 or any other websites, services, or applications that may link to or from our Service.

Your browsing and interaction on any third-party website, service, or application, including those that have a link on our Service, are subject to that third party's own rules and policies. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

19. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

20. Contact Us

If you have any questions about this Privacy Policy, please contact us:

When contacting us, please include enough information for us to identify your account, including your name and email address used with our Service.

14. Specific Service Providers

14.1 Supabase

We use Supabase for database management, authentication, and storage. Supabase's privacy policy can be found at: https://supabase.com/privacy

14.2 Vercel

We use Vercel for hosting and deployment services. Vercel's privacy policy can be found at: https://vercel.com/legal/privacy-policy

14.3 UploadThing

We use UploadThing for media file storage and delivery. UploadThing's privacy policy should be consulted on their official website.

15. Email Authentication

Our Service uses a "magic link" email authentication system. This means:

  • We store your email address for account identification and authentication
  • We send one-time authentication links to your email
  • We do not store traditional passwords
  • Email links expire after a short period for security
  • Authentication sessions may persist in your browser until you sign out

16. Local Storage and Cookies

We use local storage and cookies to:

  • Remember your authentication state
  • Store your site preferences (such as theme selection)
  • Maintain anonymous authentication sessions
  • Track site analytics

17. Access Control System

Our Service includes an access control system that may:

  • Check your email domain to determine content access eligibility
  • Store information about which users can access private content
  • Record basic access logs for security purposes