Privacy Policy

Last updated: 2026-06-18 · version v2.0

1. Introduction

This website values openness and transparency. We want you to know what kind of information we collect, how we handle it, and the choices you have. The system behind this website is deliberately simple and uses plain text storage for most of its data. While this makes development easy and lightweight, it also means data protection is limited. Please read this document carefully before using the website.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use this website and its services. It applies to all pages, features, and functionality offered through the site. By accessing or using the website, you agree to the terms described in this policy. If you do not agree, please do not use the site.

We reserve the right to update or modify this policy at any time. When we do, we will update the date at the top of this page. We encourage you to review this policy periodically.

2. What Information We Collect

The website only gathers the minimum information necessary for its basic features to work. We do not attempt to build user profiles, perform analytics, or track visitors across other websites.

2.1 Information You Provide Directly

Account credentials: Username, password (hashed), and email address when you register.

Inventory data: Items you add to your personal inventory, including serial numbers, product details, and uploaded images.

Store interactions: Products you add to your cart, purchase history, and any support requests.

Contact form submissions: Name, email, and message content when you reach out via the contact page.

Key management: Product keys you upload, activate, or inspect through the key system.

2.2 Information Collected Automatically

Server logs: IP address, browser type, operating system, referring URLs, and access timestamps.

Login activity: Successful and failed login attempts with timestamps and IP addresses.

Usage patterns: Basic page visit data for internal debugging and feature improvement.

Error diagnostics: Stack traces and error messages generated when something goes wrong.

2.3 Information from Third Parties

Cloudflare: As our CDN and DNS provider, Cloudflare may collect and process IP addresses, geographic data, and traffic patterns.

Embedded services: Content embedded from other services (e.g., Spotify) may collect data according to their own privacy policies.

2.4 Data We Do Not Collect

We do not collect sensitive personal data such as social security numbers, financial information, or health records.

We do not use cookies for advertising, retargeting, or cross-site tracking.

We do not sell or rent your personal information to any third party.

3. How and Where We Store Data

All collected information is stored on private servers under the control of our site administrators.

3.1 Storage Methods

Plain text files: Many data types (registration times, login times, serials, inventory) are stored as text files on the server. This approach is simple but offers limited encryption.

Hashed passwords: User passwords are stored using hashing algorithms. We do not store passwords in plain text.

Uploaded files: Product images and other user-uploaded content are securely stored on the server filesystem.

Backup files: Periodic backups of inventory and user data are maintained in separate backup directories.

3.2 Data Security Measures

Server access is restricted to authorized administrators only.

HTTPS is enforced to encrypt data in transit between your browser and our servers.

Cloudflare provides protection and additional security.

Regular backups are maintained to prevent data loss.

Important: Because much of our data is stored in plain text files, we cannot guarantee the same level of data protection as larger companies with encrypted databases. We are working on improving this and implementing databases and encryption.

3.3 Data Location

Our servers are located in the EU. By using this website, you consent to the storage and processing of your data on our servers. We do not currently use distributed or multi-region storage.

4. Why We Keep Data

The purpose of data collection is limited to keeping the website functional and secure. We use the data for:

Authentication: Verifying simple logins and registrations to protect your account.

Feature functionality: Reviewing errors or testing new features to improve the user experience.

Usage monitoring: Checking usage activity in a basic, local way to understand how the site is used.

Inventory management: Maintaining your personal inventory, serial number lookup tools, and product key systems.

Store operations: Processing cart items, managing product listings, and handling store requests.

Communication: Responding to your contact form submissions and support inquiries.

Security: Detecting and preventing unauthorized access, brute-force attacks, and other security threats.

Legal compliance: Meeting any applicable legal obligations or responding to lawful requests.

The data is never sold to any third parties. There are no advertising networks, no tracking pixels, and no hidden analytics running in the background.

5. Cookies and Browser Storage

The site uses minimal browser storage to function properly.

Session cookies: Used to keep you logged in while you navigate the site. These expire when you close your browser.

CSRF tokens: Generated for form submissions to prevent cross-site request forgery attacks.

No tracking cookies: We do not use cookies for analytics, advertising, or cross-site tracking.

No third-party cookies: We do not set cookies from external domains.

You can disable cookies in your browser, but this may prevent certain features (like login) from working correctly.

6. How Long We Keep It

We do not have fixed retention periods. Data can remain on the server indefinitely. If you would like your entries or account information removed, you can request this via email.

6.1 Data Retention by Type

Account data: Retained until you request deletion or we remove it for inactivity.

Inventory data: Retained as long as your account is active or until you request deletion.

Contact messages: Retained for reference and support purposes indefinitely.

Server logs: May be retained for an extended period for debugging and security analysis.

Backup data: Backups are maintained on a rolling basis and may contain older copies of your data.

7. Who Has Access

Access to stored data such as user accounts and submissions is restricted to the site owner and any system administrators who maintain the server. Personal inventory data is only accessible to the user who created it. There is no third-party access.

7.1 Access Controls

Only authorized administrators have server access.

User data is separated by user account where technically feasible.

Public data (e.g., product listings) is accessible to all visitors.

8. Third-Party Services

This website uses the following third-party services. Their privacy policies apply to any data they collect:

Cloudflare: Provides CDN, DNS, DDoS protection, and security services. See Cloudflare Privacy Policy.

We do not control these third-party services and are not responsible for their privacy practices. We encourage you to review their policies.

9. Data Sharing

We do not share or sell user information. Data may only be disclosed if required by law or to investigate technical problems that threaten the operation of the website.

9.1 Exceptions

If required by law, court order, or governmental request.

To protect the rights, property, or safety of the site, its users, or the public.

To detect, prevent, or address fraud, security, or technical issues.

In connection with a business transfer (e.g., sale of the website), where data would be transferred as an asset.

10. Your Rights

Access: You can request a copy of your stored data.

Correction: You can ask us to correct inaccurate or incomplete information.

Deletion: You can request the deletion of your stored data.

Objection: You can object to the processing of your personal data.

Portability: You can request your data in a machine-readable format.

Withdrawal of consent: Where processing is based on consent, you can withdraw it at any time.

Stop using the site: You can stop using the site at any time, which stops further data collection.

To exercise any of these rights, please contact us at [email protected].

Because the storage system is complex, finding and removing entries may take time, but we will respond to reasonable requests as soon as possible.

11. Children's Privacy

This website is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

12. International Data Transfers

Your data may be transferred to and processed in countries other than the country where you reside. These countries may have data protection laws that differ from your local laws. By using this website, you consent to the transfer of your data to our servers and processing in those jurisdictions.

13. Data Breaches

In the event of a data breach that affects your personal information, we will notify affected users via email or a prominent notice on the website, where required by applicable law. We will also cooperate with relevant authorities to investigate and resolve any security issues.

14. Security

We take reasonable measures to protect your data, but no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

HTTPS encryption is used for data in transit.

Passwords are hashed before storage.

CSRF protection is implemented on all forms.

Server access is restricted and monitored.

Please report any security concerns to [email protected].

15. Changes to This Policy

This privacy policy may change from time to time. Updates will be reflected by a new date at the top of this page. The version posted here always represents the current policy.

We encourage you to review this policy periodically. Continued use of the website after changes constitutes your acceptance of the updated policy.

16. Contact

If you have any questions about this policy, please contact the site administrator at [email protected].

For data-related requests (access, correction, deletion), please include your full name and a clear description of the request in your email.