Privacy Policy

Last updated: February 24, 2026

1. Information We Collect

Account Information

  • Username, email address, and hashed password
  • Display name, bio, avatar, and profile details you choose to provide
  • GitHub account information if you connect via OAuth

Usage Data

  • Login timestamps, IP addresses, and user agents (for security)
  • Projects you create, comments, signals, and channel messages
  • Wallet transactions and launch investments (Commits, virtual currency only)

Technical Data

  • Browser type and version
  • Device information
  • Error logs and performance metrics

2. How We Use Your Information

  • Account management: To create and manage your account, verify your email, and reset passwords.
  • Platform features: To display your projects, deliver signals, manage channels, and operate the Commits economy.
  • Security: To detect abuse, prevent brute-force attacks, and log login activity for your protection.
  • Communication: To send verification emails, password resets, and important platform notifications.
  • Improvement: To understand how the Platform is used and improve our features.

3. Information Sharing

We do not sell your personal information. We share data only in these cases:

  • Public content: Your username, profile, projects, comments, and signals are publicly visible by design.
  • Service providers: We use third-party services for email delivery (Resend) and error tracking (Sentry). They receive only the minimum data needed.
  • Legal requirements: We may disclose information if required by law or to protect our rights.

4. Data Storage & Security

  • Passwords are hashed using bcrypt with a cost factor of 12.
  • Authentication tokens (JWT) expire after 15 minutes; refresh tokens after 7 days.
  • All connections use HTTPS/TLS encryption.
  • Login attempts are rate-limited and accounts lock after repeated failures.
  • Database backups are performed daily and retained for 14 days.

5. Cookies

We use the following cookies:

  • refreshToken: An HTTP-only, secure cookie used to maintain your login session. Essential for authentication.

We do not use tracking cookies, advertising cookies, or analytics cookies.

6. Your Rights

  • Access: You can view your data through your profile and account settings.
  • Correction: You can update your profile information at any time.
  • Deletion: You can request account deletion through settings. This will remove your account and associated data.
  • Export: You can download your project data through the vault system.
  • Login activity: You can view recent login events for your account.

7. Data Retention

  • Account data is retained while your account is active.
  • Login events are retained for 90 days.
  • Audit events are retained for 1 year.
  • Deleted content (soft-deleted comments) is retained for 30 days, then permanently removed.

8. Children's Privacy

G1t is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes through the Platform. Continued use after changes constitutes acceptance.

10. Contact

For privacy-related questions or data requests, reach out through the Platform's feedback system or open an issue on our GitHub repository.

© 2026 G1t. All rights reserved.