Privacy Policy
Last updated: February 2025
1. Data Controller
The data controller for this service is Philip Allen Bennett, freelancer registered in Germany. Contact: punkleadership.com.
2. Data We Collect
When you sign in via GitHub OAuth, we receive and store:
- GitHub user ID
- GitHub username
- Avatar URL
- OAuth access token (encrypted at rest)
We also store any ideas, votes, and other content you submit through the platform.
3. Legal Basis
We process your data under Art. 6(1)(b) GDPR β processing is necessary for the performance of a contract (providing the Service to you upon your registration).
4. Cookies
We use a single essential cookie (session) containing a signed JWT for authentication. No tracking cookies, analytics cookies, or third-party cookies are used.
5. Data Retention & Deletion
Your data is retained for as long as your account exists. You may request deletion of your account and all associated data at any time by contacting us. Upon deletion, all personal data is permanently removed within 30 days.
6. Third Parties
- GitHub API β used for OAuth authentication.
- Hosting provider β infrastructure hosting with servers located in the EU/US.
We do not sell, rent, or share your data with any other third parties.
7. Your Rights Under GDPR
As a data subject in the EU, you have the right to:
- Access β request a copy of the personal data we hold about you.
- Rectification β correct any inaccurate personal data.
- Erasure β request deletion of your personal data.
- Portability β receive your data in a structured, machine-readable format.
- Complaint β lodge a complaint with a supervisory authority (e.g., the Berliner Beauftragte fΓΌr Datenschutz).
8. Contact
For privacy-related enquiries, please contact Philip Allen Bennett via punkleadership.com.