Skip to content

Privacy Policy

Last updated: March 2026

This privacy policy explains how this portfolio website collects, uses, and protects your personal information.

Data I Collect

When you authenticate via Google or GitHub OAuth, i receive your public profile information: display name, email address, and profile avatar URL. This data is provided by the OAuth provider and stored securely in our database. When you post a comment, i store the comment text, your user ID, and a timestamp. I do not collect payment information, location data, or any sensitive personal data.

OAuth Authentication

I use Google and GitHub OAuth solely for authentication purposes — to verify your identity and allow you to post comments. I do not access your repositories, contacts, emails beyond what is shown in your public profile, or any other resources beyond basic profile information. You may revoke access at any time through your Google or GitHub account settings.

Database & Storage

User data and comments are stored in Supabase, a secure cloud database platform. Supabase is GDPR-compliant and stores data in secure data centers. Your data is never sold to third parties. For Supabase's own privacy practices, refer to supabase.com/privacy.

Email Address Usage

Your email address is collected as part of the OAuth authentication process. It is used solely to identify your account and is never used for marketing, newsletters, or shared with third parties.

Data Retention

Your account data and comments are retained for as long as you maintain an active account. You may request deletion of your data at any time by contacting us. Deleted comments are removed immediately. Account data is removed within 30 days of a deletion request.

Your Rights

You have the right to access the personal data i hold about you, request correction of inaccurate data, request deletion of your data, withdraw consent at any time, and lodge a complaint with a supervisory authority. To exercise any of these rights, contact us using the email address below.

Security

I take reasonable technical and organizational measures to protect your personal information. All data is transmitted over HTTPS. OAuth tokens are never stored — only the resulting user profile is persisted. I regularly review our security practices.

Contact

For any privacy-related questions or data requests, contact:

randyrafael112@gmail.com