Privacy Policy

The short version

We collect as little data as possible. We don't track you, we don't sell your data, and we don't use third-party analytics. Your content is yours.

What we collect

• Passphrase hash: We store a cryptographic hash of your passphrase to identify your blog. We never store your passphrase in plain text.
• Blog content: The posts you write, your blog title, description, and subdomain.
• IP addresses: We log IP addresses temporarily for spam prevention and abuse detection.

Cookies

• Session cookie: We use a cookie called jwt to maintain your session after you enter your passphrase. This cookie is essential for the site to function and expires after 30 days.
• Cloudflare cookies: Cloudflare may set cookies to prevent spam, bot traffic, and DDoS attacks. These are security cookies, not tracking cookies.

What we don't do

• We don't use analytics tools (no Google Analytics, no tracking pixels)
• We don't sell or share your data with third parties
• We don't serve advertisements
• We don't collect email addresses
• We don't track your behavior across the site

Third-party services

• Cloudflare: We use Cloudflare to protect the site from spam, bot traffic, and DDoS attacks. Cloudflare may process your IP address and set security cookies. We do not use Cloudflare Analytics or any tracking features.
• Hosting: We use third-party vendors for hosting and data storage. Your data may be stored on servers operated by these providers.

Your rights

You retain all rights to the content you create. Your blog content belongs to you. You can delete your content at any time by removing posts from your dashboard. If you stop posting, your blog will be automatically deleted after 30 days of inactivity.

Data deletion

Blogs are automatically and permanently deleted after 30 days of inactivity. There is no recovery. This is by design.

Contact

If you have questions about this policy, you can reach us through the platform.