Privacy Policy

Last updated: 2025-08-23

This Privacy Policy explains how 纯糖工具站 collects, uses, stores, and protects your personal information. By using this personal site or its related page features, you acknowledge and agree to the terms of this policy.

1. Information We Collect

• Account info: username, email, avatar, etc.
• Auth info: access token and refresh token (kept in httpOnly cookie).
• Logs: request time, partially masked IP, user-agent, error logs.
• Optional info you actively submit (e.g., profile bio).

2. How We Use Information

• Provide and maintain accounts and sessions (including refresh token rotation).
• Password reset, email verification, and security auditing.
• Product improvement, troubleshooting, and service quality.

3. Cookies and Local Storage

• Refresh token is stored only in an httpOnly cookie; the frontend keeps a short-lived access token and preferences.
• You can clear cache and cookies in the browser to sign out or reset preferences.

4. Data Retention and Security

• Uploads are stored under a controlled persistent directory at /uploads/.
• In production we enforce HTTPS and strict security headers (CSP, CORP, SameSite cookies, etc.).
• We retain data for the minimum period necessary to fulfill the stated purposes.

5. Your Rights

• Access and rectification on the Profile page.
• Revoke sessions to invalidate historical refresh tokens.
• Deletion requests can be submitted via email (subject to applicable laws).

6. Third-party Services

When using third-party services (mail, object storage, logging/analytics), we assess compliance and minimize data sharing.

7. Contact Us

For any questions about this policy, email Y33877144@outlook.com.

Back to Home · Terms of Service