Privacy Policy

We collect only what we need to operate SiteHub: • Email address — when you create an account • Authentication tokens — managed securely by Supabase Auth • IP address — used for rate limiting and abuse prevention only • Usage data — which sites you view, search queries, favorites, and comments • Device & browser info — for debugging and improving performance We do not collect payment information. We do not sell your data. Ever.

Your data is used exclusively to: • Provide and maintain the SiteHub service • Authenticate your account and maintain sessions • Prevent abuse, spam, and security threats • Improve search relevance and site recommendations • Send transactional emails (e.g., email verification)

SiteHub uses cookies for: • Authentication sessions — required for login to work • Preferences — remembering your mode (Pro/Community) and category We do not use third-party advertising cookies. You can clear cookies at any time via your browser settings, though this will log you out.

We use trusted services to operate the platform: • Supabase — database, authentication, and file storage • Upstash Redis — rate limiting (no personal data stored) • Vercel — hosting and analytics (anonymous usage statistics only) Each of these services has their own privacy policy. We do not share your personal data with advertisers or data brokers.

We process personal data based on: • Consent — when you create an account you agree to these terms • Legitimate interest — security monitoring, spam prevention, and service improvement • Contractual necessity — to provide the account-based features you signed up for

We retain your account data for as long as your account is active. If you delete your account, your personal data (email, profile) is removed within 30 days. Anonymous usage data (visit counts, search patterns) may be retained in aggregate form.

Depending on your location, you may have the right to: • Access a copy of the data we hold about you • Correct inaccurate information • Request deletion of your account and personal data • Object to or restrict certain types of processing To exercise any of these rights, contact us at the email below.

SiteHub is a directory of external websites. When you click through to an external site, that site's own privacy policy applies. We are not responsible for how third-party sites handle your data.

SiteHub is not intended for users under the age of 13. We do not knowingly collect personal data from children. If we become aware that a child under 13 has created an account, we will delete it promptly.

We implement industry-standard security practices including: • Supabase Row Level Security (RLS) on all database tables • Rate limiting on all API endpoints via Upstash Redis • HTTPS enforced across all routes • Input sanitisation and validation on all user-submitted content • Security headers (CSP, HSTS, X-Frame-Options) on every response No system is completely secure, but we take this seriously.

We may update this Privacy Policy from time to time. The effective date at the top of this page reflects when it was last updated. Continued use of SiteHub after changes constitutes acceptance of the updated policy.