Privacy Policy
Last Updated: March 2, 2026
StraightForks ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our authentication and account management services.
1. Information We Collect
1.1 Information You Provide
When you create an account, we collect:
- Account Information: Name, email address, and password (if using email authentication)
- Profile Information: Profile picture (optional)
1.2 Information from Third-Party Authentication
When you sign in using Google or Discord, we receive:
- Google: Name, email address, profile picture, and email verification status
- Discord: Username, email address, and avatar
We do not receive or store your passwords from third-party providers.
1.3 Information Collected Automatically
When you use our services, we automatically collect:
- Session Data: IP address, user agent (browser/device information)
- Authentication Events: Login timestamps, session tokens
- Cookies: Essential cookies for maintaining your session
2. How We Use Your Information
We use your information to:
- Provide Services: Create and manage your account, authenticate you across our applications
- Security: Detect and prevent fraud, unauthorized access, and abuse
- Communication: Send important account notifications (password resets, security alerts)
- Improvement: Analyze usage patterns to improve our services
We do not use your information for advertising or sell it to third parties.
3. Information Sharing
3.1 Connected Applications
When you use your StraightForks account with applications in our ecosystem (such as Comify), we share:
- Your name
- Your email address
- Your profile picture
Each application has its own privacy policy governing how they use this information.
3.2 Service Providers
We may share information with service providers who assist us in operating our services, subject to confidentiality obligations:
- Hosting providers
- Analytics services (self-hosted, privacy-focused)
3.3 Legal Requirements
We may disclose information if required by law or if we believe disclosure is necessary to:
- Comply with legal process
- Protect our rights or safety
- Prevent fraud or security issues
4. Data Retention
We retain your account information for as long as your account is active. When you delete your account:
- Account Data: Deleted within 30 days
- Session Data: Deleted immediately
- Backups: Purged within 90 days
Some data may be retained longer if required by law or for legitimate business purposes.
5. Data Security
We implement appropriate technical and organizational measures to protect your information:
- Encryption in transit (TLS/HTTPS)
- Secure password hashing
- Regular security assessments
- Access controls and audit logging
No system is 100% secure. If you believe your account has been compromised, contact us immediately.
6. Your Rights
Depending on your location, you may have the right to:
- Access: Request a copy of your personal data
- Correction: Update inaccurate information
- Deletion: Delete your account and associated data
- Portability: Receive your data in a portable format
- Objection: Object to certain processing activities
To exercise these rights, contact us at [email protected].
6.1 European Users (GDPR)
If you are in the European Economic Area, you have additional rights under GDPR. Our legal basis for processing is:
- Contract: To provide our services to you
- Legitimate Interest: For security and fraud prevention
- Consent: Where required by law
6.2 California Users (CCPA)
California residents have the right to know what personal information we collect and to request deletion. We do not sell personal information.
7. Cookies
We use essential cookies to:
- Maintain your authentication session
- Remember your preferences
- Ensure security
We do not use tracking cookies or third-party advertising cookies.
8. Children's Privacy
Our services are not directed to children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us.
9. International Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through our services. Your continued use constitutes acceptance.
11. Contact Us
For privacy-related questions or to exercise your rights:
Email: [email protected]
Data Protection Officer: [email protected]
This Privacy Policy is effective as of the date stated above.