Privacy Policy
Privacy Policy
This Privacy Policy explains how this authentication service collects, uses, stores, and protects personal information when you create an account, sign in, manage your profile, or use single sign-on features.
Information We Collect
We may collect:
- account details such as your email address, username, password hash, and profile information you choose to provide
- authentication and security data such as sign-in attempts, password reset requests, verification events, two-factor authentication status, and active sessions
- device and connection information such as browser family, operating system family, IP address, approximate location derived from IP, and security signals used to detect abuse
- client authorization data when you approve access for connected applications through single sign-on
- support or administrative changes made to your account when needed to operate the service
How We Use Information
We use personal information to:
- create and manage user accounts
- authenticate sign-in requests and maintain secure sessions
- send account-related emails such as verification, password reset, suspicious login, and security alerts
- protect the service against fraud, abuse, unauthorized access, and automated attacks
- operate connected sign-on features for approved applications
- investigate incidents, debug failures, and improve reliability and security
- meet legal, compliance, or enforcement obligations
How We Share Information
We do not sell personal information. We may share limited data only:
- with service providers that help deliver core functions such as email delivery, hosting, or infrastructure operations
- with applications you explicitly authorize through the single sign-on consent flow
- when required to comply with law, regulation, legal process, or to protect the safety, rights, and security of users or the service
Data Retention
We keep account and security records for as long as needed to provide the service, maintain account integrity, resolve disputes, enforce policies, and comply with legal obligations. Retention periods may vary depending on the type of record and the security or operational purpose involved.
Security Measures
We use administrative, technical, and organizational safeguards designed to protect account data. These measures include password hashing, session controls, CSRF protections, security logging, and optional multi-factor authentication. No system can guarantee absolute security, but we work to reduce risk and respond quickly to issues.
Your Choices
Depending on how this service is deployed, you may be able to:
- review or update profile information in your account settings
- change your password
- manage active sessions or authorized applications
- request account-related help from the service operator
International Transfers
If the service or its providers operate in multiple regions, information may be processed in jurisdictions other than your own. In those cases, reasonable steps should be taken to protect the information in line with applicable law.
Children's Privacy
This service is not intended for children unless it is specifically deployed for that purpose by the operator with appropriate authorization and notice.
Changes to This Policy
This Privacy Policy may be updated from time to time to reflect operational, legal, or security changes. The latest published version on this page applies from the listed update date.
Contact
If you have questions about this Privacy Policy or how account data is handled, contact the operator of the service through the support channel made available to you.