Skip to main content
nodestrand.beta
privacy

Privacy

Last updated 1 June 2026

Nodestrand is a two-person side project. We try to keep the data we collect to what's actually needed to run the site. This page is what we collect, why, where it lives, and how to ask us to delete it.

What we collect

When you sign in, your OAuth provider (Google, GitHub, or Discord) shares:

  • your email address
  • your display name
  • your profile picture URL

That becomes your Nodestrand account. We store it in our database.

When you publish a material, we store:

  • the material's T3D text and metadata (title, tags, description, licence)
  • any images or videos you upload
  • when you published it

While you use the site, we also collect:

  • a hashed version of your IP address (we never store the raw IP), used for rate-limiting and abuse detection
  • a session cookie so you stay signed in
  • your browser's user-agent string when you copy or download a material (paired with the IP hash for abuse detection)

Performance analytics

We use PostHog (US region) to monitor performance, not to profile you. Specifically:

  • We capture Core Web Vitals (LCP, CLS, INP, TTFB, FCP) and basic browser/device shape so we can spot when a release makes the editor slower
  • No analytics cookies. PostHog runs in memory-only mode, so closing the tab discards the anonymous identifier
  • No session replay, no autocapture, no pageview tracking
  • A linked person profile is only created when you sign in. Signed-out visitors stay anonymous to PostHog

Where it lives

  • Our database (Neon, EU Frankfurt) for accounts, profiles, materials, comments, and rate-limit counters
  • Our object storage (Cloudflare R2, EU East) for uploaded images and videos
  • Our hosting provider (Vercel, EU regions) for the app itself

Who else processes it

These third parties handle your data on our behalf:

  • Google, GitHub, Discord for OAuth sign-in
  • Vercel for hosting
  • Cloudflare for DNS, CDN, R2 storage, and bot protection
  • Neon for database hosting
  • Upstash for rate-limit counters (Redis, EU)
  • PostHog for performance analytics (US, see "Performance analytics" above)

We don't sell data to advertisers. We don't share it with anyone not listed above.

Why we're allowed to process it (lawful basis)

Under UK / EU GDPR Article 6, our lawful bases are:

  • Contract: running your account, storing the materials you publish, and serving the pages they sit on. Without this data the site can't function.
  • Legitimate interest: abuse prevention, rate-limiting, moderation, and audit logs. We use the minimum needed (hashed IPs, not raw) and weighed it against the impact on you.
  • Consent: the newsletter signup. You can opt out any time by emailing us.

Your rights

Under GDPR you can:

  • ask for a copy of the data we hold about you (access / portability)
  • correct something that's wrong (rectification)
  • delete your account and the data tied to it (erasure)
  • export your published materials
  • object to processing based on legitimate interest
  • lodge a complaint with your supervisory authority (UK ICO, or your country's data protection authority) if you think we've handled your data wrongly

To exercise any of these, email [email protected] from the address tied to your account. We respond within 30 days (the GDPR statutory limit), usually within a week. You can also delete your account yourself at any time from your settings page: this immediately removes your account, sessions, profile, folders, and likes. Materials you published stay online but are no longer linked to you.

How long we keep things

  • Your account and profile: until you delete it (from your settings, or by emailing us). Deleting your account also removes your sessions, folders, and likes
  • Published materials: they stay online until you remove them or we take them down. Deleting your account does not delete the materials you published, they remain but are no longer linked to you. Delete them first if you want them gone
  • Server request logs (Vercel / Cloudflare): rolling 30 days, then discarded automatically by our hosting and CDN
  • IP hashes on copy / download / report events: kept indefinitely for abuse-trend detection, but the hash is salted with a secret only we hold, so the value is not reversible back to an IP without that secret
  • Audit log (moderator actions: bans, approvals, removals, restores): up to 24 months, then purged unless tied to an open dispute or appeal
  • Ban records (the reason, duration, and timestamp on a banned account): kept until 12 months after the ban ends, then expunged on the next cleanup pass. Permanent bans are reviewed on appeal
  • Session rows: deleted when the session expires (default rolling window) or when you sign out. No IP address or user-agent is stored on these rows

Children

The minimum age is 16. We don't knowingly collect data from anyone younger. If you think we have, email us and we'll delete the account.

International transfers

Most of our infrastructure is in the EU. Some sub-processors (Vercel, Cloudflare, Discord, and PostHog) may transfer data to the US under Standard Contractual Clauses. PostHog runs in the US; see "Performance analytics" above for what it does and doesn't collect.

Changes

If we change anything material we'll update this page and surface a notice in the app.

Contact

[email protected]