Privacy Policy

Last updated: February 14, 2026

1. What We Collect

When you sign in via Discord or Google, we receive and store:

• Your provider user ID (Discord ID or Google ID)
• Your username / display name
• Your avatar / profile picture URL
• Your email address (Google only - used solely to identify your account)

We do not request or receive your password from any provider.

2. How We Use It

• Authentication - to log you in and maintain your session
• Display - to show your name and avatar next to your comments
• Account linking - to let you connect multiple login methods to one account

We do not sell, share, or use your data for advertising or marketing purposes.

3. Cookies

We use a single HttpOnly session cookie (session) containing a signed JWT token. It expires after 30 days. No tracking cookies, analytics cookies, or third-party cookies are used.

4. Data Storage

Your account data, comments, likes, and favorites are stored in a Cloudflare D1 database. Data is transmitted over HTTPS and is not shared with third parties.

5. Third-Party Services

• Cloudflare - hosting, CDN, and database (D1)
• Discord OAuth2 - login provider
• Google OAuth2 - login provider
• Google Fonts - typeface loading
• Cloudflare Turnstile - bot protection on comment forms

Each service has its own privacy policy. We only receive the minimal profile data described above.

7. Your Rights

You can:

• View your data on the Account page
• Edit or delete your comments at any time
• Change your display nickname
• Unlink a connected login provider
• Request deletion of your account by contacting the site owner

8. Data Retention

Account data is retained as long as your account exists. Deleted comments are soft-deleted (marked as removed) for moderation purposes and may be permanently purged periodically.

9. Changes

This policy may be updated occasionally. The "last updated" date at the top will reflect any changes.

10. Contact

Questions? Reach out via the links on the About page.