logoOnlycode

Privacy Policy

Introduction

We are pleased about your interest in our platform OnlyCode.pro. Protecting your personal data is important to us. In this privacy policy, we explain how we process your data, your rights, and the measures we take to protect your information.

Controller

OnlyCode.pro
Email: dev@onlycode.pro

Data Protection Officer

You can contact our Data Protection Officer via email at dev@onlycode.pro.

What Data We Process

Data from Unregistered Users

  • User-Agent: Used for the technical operation of the platform.
  • These data are not stored but only processed in the request.

Data from Registered Users

When signing in through GitHub OAuth, we store the following personal data:

  • Email address
  • Username and full name (if provided by GitHub)
  • Profile picture URL
  • Provider ID (GitHub user ID)
  • Last login timestamp

Additionally, we store:

  • Session IDs and tokens for authentication
  • Cookie data (see below)

Cookies

We use cookies to ensure the functionality of the platform.

Types of Cookies:

  1. Essential Cookies:

    • Store session IDs and login tokens.
    • Expiration: 1 month (refreshed upon new login).

  2. Optional Cookies:

    • No marketing cookies are currently in use.

Cookie Consent

When visiting the platform for the first time, we ask for your consent to use cookies via a cookie banner.

Purposes of Data Processing

  • Operating and maintaining the functionality of the platform.
  • Authenticating and managing user accounts.
  • Facilitating payments and transactions via Stripe.
  • Ensuring security and protection against abuse (SSL encryption and server-side data processing).

Third-Party Services

We use the following third-party providers that process personal data. All providers are GDPR-compliant:

  1. GitHub OAuth: For user authentication.
  2. Stripe: For payment processing.
  3. Supabase: For app logic and PostgreSQL database storage (located in the USA, data transfer under Standard Contractual Clauses (SCCs)).
  4. Vercel: For hosting and platform operations.

Data Transfer to Third Countries

Data transfer to the USA occurs via:

  • Supabase (cloud storage).
  • Stripe (payment processing).

Both providers are certified under the EU's Standard Contractual Clauses (SCCs) and comply with GDPR requirements.

User Rights

You have the following rights regarding your personal data:

  1. Right to Access (Art. 15 GDPR): Request information about your stored data at any time.
  2. Right to Rectification (Art. 16 GDPR): Correct inaccurate data.
  3. Right to Deletion (Art. 17 GDPR): Delete your account, and all your data will be completely erased within 30 days.
  4. Right to Restrict Processing (Art. 18 GDPR): Object to data processing, and we will no longer process your data.
  5. Right to File a Complaint: If you have data protection concerns, contact your local data protection authority.

Data Retention and Deletion

  • Unregistered Users: No data is stored.
  • Registered Users: Data will be fully deleted 30 days after account termination.

Security

  • SSL encryption for all data transmissions.
  • Server-side processing of all requests.
  • Data stored securely in a PostgreSQL database.

Contact

For questions or data protection inquiries, contact us at:
Email: dev@onlycode.pro