Privacy Policy

:site is the data controller responsible for processing your personal data under this policy.

For privacy-related requests, contact us through the platform’s contact channels or the email address associated with your account.

We may process the following categories of data to provide the service:

• Account data: username, email address, password hash, registration date
• Profile data: display name, bio, avatar, background, theme preferences, social and custom links
• Discord sign-in: Discord user ID and basic profile information shared during OAuth
• Technical data: IP address, browser type, session identifiers, security and error logs
• Usage data: profile views, click statistics, and in-platform interactions
• Report data: username and reason text submitted when reporting a profile

Your personal data is processed for the following purposes:

• Account creation, authentication, and session management
• Publishing and customizing your bio-link profile
• Security, fraud prevention, abuse detection, and rate limiting
• Improving service quality and technical support
• Compliance with legal obligations
• Marketing or informational communications where you have given explicit consent (if applicable)

Depending on your jurisdiction, we process data based on contract performance, legal obligation, legitimate interests (such as security and service integrity), and where required, your consent.

When relying on legitimate interests, we balance our needs against your rights and freedoms.

If you sign in with Discord OAuth, Discord’s privacy policy applies to data handled on their side; we only process data necessary for authentication.

Infrastructure partners (hosting, CDN, fonts, or analytics) may access data only as needed to operate the service. Where required, we use agreements that impose privacy and security obligations.

The platform uses essential cookies and server-side session data to keep you signed in, remember language preferences, and protect security (including CSRF protection).

You may limit cookies in your browser settings; some features may not work correctly if you do.

We retain your data while your account is active and as long as needed to provide the service.

Upon account deletion or when legal grounds expire, we delete or anonymize data within a reasonable period; backup copies may be kept for a limited time for security purposes.

Passwords are stored using one-way hashing. We apply measures such as HTTPS, CSRF protection, rate limiting, secure session cookies, and upload validation.

No system is 100% secure; in the event of a breach, we aim to notify affected users within applicable legal timeframes.

Depending on applicable law, you may have the right to access, rectify, erase, restrict, or object to processing, and to data portability or complaint to a supervisory authority.

We verify identity before fulfilling requests and respond within timeframes required by law.

We may update this policy. Material changes will be announced on the platform or through appropriate channels.

Continued use after the update date constitutes acceptance of the revised policy.

For privacy questions or data requests, use the contact link on the platform.

Including your account username and request type helps us respond faster.