|
@@ -0,0 +1,226 @@
|
|
|
|
|
+import type { Metadata } from "next";
|
|
|
|
|
+
|
|
|
|
|
+export const metadata: Metadata = {
|
|
|
|
|
+ title: "Privacy Policy - MovieDice",
|
|
|
|
|
+ description: "MovieDice privacy policy and data handling practices.",
|
|
|
|
|
+};
|
|
|
|
|
+
|
|
|
|
|
+export default function PrivacyPage() {
|
|
|
|
|
+ return (
|
|
|
|
|
+ <main className="mx-auto max-w-3xl px-4 py-12">
|
|
|
|
|
+ <h1 className="text-3xl font-bold">Privacy Policy</h1>
|
|
|
|
|
+ <p className="mt-2 text-sm text-foreground/50">Last updated: April 6, 2026</p>
|
|
|
|
|
+
|
|
|
|
|
+ <div className="mt-8 space-y-8 text-foreground/80 leading-relaxed [&_h2]:text-xl [&_h2]:font-semibold [&_h2]:text-foreground [&_h3]:text-base [&_h3]:font-medium [&_h3]:text-foreground [&_ul]:list-disc [&_ul]:pl-5 [&_ul]:space-y-1">
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>1. Controller Identity</h2>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ MovieDice is operated as a self-hosted application by its administrator (the
|
|
|
|
|
+ "Controller"). The Controller is responsible for determining the purposes and
|
|
|
|
|
+ means of processing personal data collected through this application. For data-related
|
|
|
|
|
+ inquiries, contact the site administrator through the channels provided on this site.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>2. Lawful Basis for Processing</h2>
|
|
|
|
|
+ <p className="mt-2">We process personal data under the following lawful bases:</p>
|
|
|
|
|
+ <ul className="mt-2">
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Legitimate interest:</strong> Processing anonymous identifiers and group
|
|
|
|
|
+ membership data to provide the core movie list and randomizer functionality.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Consent:</strong> Where required by applicable law, your continued use of the
|
|
|
|
|
+ service constitutes consent to the processing described in this policy.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Legal obligation:</strong> We may process data to comply with applicable legal
|
|
|
|
|
+ requirements.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ </ul>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>3. Data Inventory and Retention</h2>
|
|
|
|
|
+ <p className="mt-2">We collect and store the following data:</p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Anonymous User Identifier (UUID)</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ A randomly generated unique identifier created via Supabase Anonymous Sign-In. This is
|
|
|
|
|
+ not linked to any email, phone number, or real-world identity. Retained until 12 months
|
|
|
|
|
+ of inactivity, after which the account and all associated data are automatically
|
|
|
|
|
+ deleted.
|
|
|
|
|
+ </p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Display Name</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ A user-chosen name (up to 30 characters) used to identify contributions within a group.
|
|
|
|
|
+ This is not verified and does not need to be a real name. Retained for the lifetime of
|
|
|
|
|
+ the account.
|
|
|
|
|
+ </p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Group Membership</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ Records of which groups a user belongs to and their role (admin or member). Deleted when
|
|
|
|
|
+ a user leaves a group or when the account is deleted.
|
|
|
|
|
+ </p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Movie Preferences</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ Movies added to group lists, including which user added them and watched status. The
|
|
|
|
|
+ association with a specific user is set to null if the user's account is deleted
|
|
|
|
|
+ (the movie remains on the list). Retained for the lifetime of the group.
|
|
|
|
|
+ </p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Recovery Code</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ A one-time-use 24-character code hashed with Argon2id before storage. The plaintext is
|
|
|
|
|
+ shown once and never stored. The hash is deleted after successful use or account
|
|
|
|
|
+ deletion.
|
|
|
|
|
+ </p>
|
|
|
|
|
+
|
|
|
|
|
+ <h3 className="mt-4">Server Logs</h3>
|
|
|
|
|
+ <p className="mt-1">
|
|
|
|
|
+ Standard HTTP server logs including IP addresses, user agent strings, request paths, and
|
|
|
|
|
+ timestamps. These are used for security monitoring and debugging. Log rotation is
|
|
|
|
|
+ configured with a maximum size of 10MB per file and a maximum of 5 files, resulting in
|
|
|
|
|
+ automatic deletion as logs rotate.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>4. Third-Party Recipients</h2>
|
|
|
|
|
+ <ul className="mt-2">
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>TMDB (The Movie Database):</strong> We send API requests to TMDB to search for
|
|
|
|
|
+ movies and retrieve movie metadata (posters, titles, genres). These requests are made
|
|
|
|
|
+ server-side and do not include your user identifier. TMDB's privacy policy is
|
|
|
|
|
+ available at{" "}
|
|
|
|
|
+ <a
|
|
|
|
|
+ href="https://www.themoviedb.org/privacy-policy"
|
|
|
|
|
+ target="_blank"
|
|
|
|
|
+ rel="noopener noreferrer"
|
|
|
|
|
+ className="underline hover:text-foreground"
|
|
|
|
|
+ >
|
|
|
|
|
+ themoviedb.org/privacy-policy
|
|
|
|
|
+ </a>
|
|
|
|
|
+ .
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Sentry:</strong> We use Sentry for error monitoring. Error reports may include
|
|
|
|
|
+ request metadata but never include user identifiers. UUID path segments are stripped
|
|
|
|
|
+ before transmission. Sentry's privacy policy is available at{" "}
|
|
|
|
|
+ <a
|
|
|
|
|
+ href="https://sentry.io/privacy/"
|
|
|
|
|
+ target="_blank"
|
|
|
|
|
+ rel="noopener noreferrer"
|
|
|
|
|
+ className="underline hover:text-foreground"
|
|
|
|
|
+ >
|
|
|
|
|
+ sentry.io/privacy
|
|
|
|
|
+ </a>
|
|
|
|
|
+ .
|
|
|
|
|
+ </li>
|
|
|
|
|
+ </ul>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>5. International Transfers</h2>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ Error monitoring data sent to Sentry may be processed on servers located in the United
|
|
|
|
|
+ States. Sentry participates in the EU-US Data Privacy Framework. All other data (user
|
|
|
|
|
+ accounts, group data, movie lists) is stored on the self-hosted server and does not
|
|
|
|
|
+ leave the hosting jurisdiction unless explicitly configured otherwise by the
|
|
|
|
|
+ administrator.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>6. Your Rights</h2>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ Depending on your jurisdiction, you may have the following rights regarding your
|
|
|
|
|
+ personal data:
|
|
|
|
|
+ </p>
|
|
|
|
|
+ <ul className="mt-2">
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right of access:</strong> Request a copy of the data we hold about you.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right to rectification:</strong> Update your display name at any time within
|
|
|
|
|
+ the app.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right to erasure:</strong> Delete your account, which removes your user
|
|
|
|
|
+ record, group memberships, and nullifies movie attribution.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right to restrict processing:</strong> Contact the administrator to request
|
|
|
|
|
+ processing restrictions.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right to data portability:</strong> Contact the administrator to request your
|
|
|
|
|
+ data in a machine-readable format.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Right to object:</strong> Contact the administrator to object to processing
|
|
|
|
|
+ based on legitimate interest.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ </ul>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ To exercise these rights, contact the site administrator. You may also have the right to
|
|
|
|
|
+ lodge a complaint with your local data protection authority.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>7. Children's Privacy</h2>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ MovieDice is not intended for use by children under the age of 13. We do not knowingly
|
|
|
|
|
+ collect personal data from children under 13. In the European Economic Area, the service
|
|
|
|
|
+ is not intended for users under the age of 16 without parental consent, in accordance
|
|
|
|
|
+ with the GDPR. If you believe a child has provided data through this service, please
|
|
|
|
|
+ contact the administrator to request its deletion.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>8. Cookies and Local Storage</h2>
|
|
|
|
|
+ <p className="mt-2">MovieDice uses the following browser storage mechanisms:</p>
|
|
|
|
|
+ <ul className="mt-2">
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Authentication cookies:</strong> HttpOnly, Secure, SameSite=Strict cookies
|
|
|
|
|
+ managed by Supabase for session authentication. These are essential for the service to
|
|
|
|
|
+ function and cannot be disabled.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>Admin session cookies:</strong> Encrypted iron-session cookies for admin panel
|
|
|
|
|
+ authentication (8-hour expiry).
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>IndexedDB:</strong> Used for offline caching of movie list data via TanStack
|
|
|
|
|
+ Query persistence. This data stays on your device and is not transmitted to any
|
|
|
|
|
+ server.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ <li>
|
|
|
|
|
+ <strong>localStorage:</strong> May be used by Supabase client libraries for token
|
|
|
|
|
+ management.
|
|
|
|
|
+ </li>
|
|
|
|
|
+ </ul>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ We do not use any third-party tracking cookies or analytics cookies.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+
|
|
|
|
|
+ <section>
|
|
|
|
|
+ <h2>9. Changes to This Policy</h2>
|
|
|
|
|
+ <p className="mt-2">
|
|
|
|
|
+ We may update this privacy policy from time to time. Changes will be indicated by
|
|
|
|
|
+ updating the "Last updated" date at the top of this page. For significant
|
|
|
|
|
+ changes, we will display a notice within the application. Continued use of the service
|
|
|
|
|
+ after changes constitutes acceptance of the updated policy.
|
|
|
|
|
+ </p>
|
|
|
|
|
+ </section>
|
|
|
|
|
+ </div>
|
|
|
|
|
+ </main>
|
|
|
|
|
+ );
|
|
|
|
|
+}
|