Privacy Policy

1. Information We Collect

We collect information you provide directly when using All Things Graph:

• Account Information: Name, email address, username, and password (stored securely using industry-standard hashing)
• Profile Information: Bio, avatar, website URL, and location (optional)
• Content: Posts, comments, and other content you create on the Platform
• Engagement Data: Likes, bookmarks, follows, and reading history

We also collect analytics data (such as scroll depth and time spent reading) with your consent via our cookie preferences.

2. How We Use Your Information

We use your information to:

• Provide and maintain the Platform
• Process account registration and authentication
• Send transactional emails (verification, password reset)
• Display your content and profile to other users
• Generate personalized content recommendations
• Compute engagement metrics and rankings
• Improve the Platform based on usage patterns
• Enforce our Terms of Service

3. Data Sharing

We do not sell your personal data. We may share your information only in the following circumstances:

• Public Content: Posts and comments you publish are visible to other users and may be indexed by search engines
• Service Providers: We use third-party services for email delivery, hosting, and analytics that process data on our behalf
• Legal Requirements: We may disclose information if required by law or to protect our rights and safety

4. Data Retention

We retain your data according to the following schedule:

• User Accounts: 6 months after deletion request (soft-delete period), then permanently deleted
• Posts: 30 days after deletion (soft-delete period), then permanently deleted
• Notifications: Automatically cleaned up after 90 days
• Verification Tokens: Expire after 24 hours
• Password Reset Tokens: Expire after 1 hour

5. Cookies & Tracking

We use cookies for:

• Essential Cookies: Authentication and session management (always active)
• Visitor Tracking: An anonymous visitor ID cookie (atkg_visitor) to track engagement before registration, which is merged with your account upon signup
• Analytics Cookies: Usage analytics (requires consent)

You can manage your cookie preferences at any time through our cookie settings.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete data through your profile settings
• Deletion: Delete your account through your account settings (requires password confirmation)
• Data Portability: Request your data in a portable format
• Objection: Object to certain processing of your data

If your account was deleted within the past 6 months, you may contact an administrator to request restoration.

7. Security Measures

We implement appropriate security measures to protect your data:

• Passwords are hashed using bcrypt with appropriate salt rounds
• All data transmission is encrypted using HTTPS
• Email verification is required for protected features
• Rate limiting protects against brute-force attacks
• Regular security audits and updates

8. Children's Privacy

The Platform is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

9. International Data Transfers

Your information may be processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws, including GDPR and similar regulations.