import type { Metadata } from "next"; export const metadata: Metadata = { title: "Privacy Policy - MovieDice", description: "MovieDice privacy policy and data handling practices.", }; export default function PrivacyPage() { return (

Privacy Policy

Last updated: April 6, 2026

1. Controller Identity

MovieDice is operated as a self-hosted application by its administrator (the "Controller"). The Controller is responsible for determining the purposes and means of processing personal data collected through this application. For data-related inquiries, contact the site administrator through the channels provided on this site.

2. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Legitimate interest: Processing anonymous identifiers and group membership data to provide the core movie list and randomizer functionality.
  • Consent: Where required by applicable law, your continued use of the service constitutes consent to the processing described in this policy.
  • Legal obligation: We may process data to comply with applicable legal requirements.

3. Data Inventory and Retention

We collect and store the following data:

Anonymous User Identifier (UUID)

A randomly generated unique identifier created via Supabase Anonymous Sign-In. This is not linked to any email, phone number, or real-world identity. Retained until 12 months of inactivity, after which the account and all associated data are automatically deleted.

Display Name

A user-chosen name (up to 30 characters) used to identify contributions within a group. This is not verified and does not need to be a real name. Retained for the lifetime of the account.

Group Membership

Records of which groups a user belongs to and their role (admin or member). Deleted when a user leaves a group or when the account is deleted.

Movie Preferences

Movies added to group lists, including which user added them and watched status. The association with a specific user is set to null if the user's account is deleted (the movie remains on the list). Retained for the lifetime of the group.

Recovery Code

A one-time-use 24-character code hashed with Argon2id before storage. The plaintext is shown once and never stored. The hash is deleted after successful use or account deletion.

Server Logs

Standard HTTP server logs including IP addresses, user agent strings, request paths, and timestamps. These are used for security monitoring and debugging. Log rotation is configured with a maximum size of 10MB per file and a maximum of 5 files, resulting in automatic deletion as logs rotate.

4. Third-Party Recipients

  • TMDB (The Movie Database): We send API requests to TMDB to search for movies and retrieve movie metadata (posters, titles, genres). These requests are made server-side and do not include your user identifier. TMDB's privacy policy is available at{" "} themoviedb.org/privacy-policy .
  • Sentry: We use Sentry for error monitoring. Error reports may include request metadata but never include user identifiers. UUID path segments are stripped before transmission. Sentry's privacy policy is available at{" "} sentry.io/privacy .

5. International Transfers

Error monitoring data sent to Sentry may be processed on servers located in the United States. Sentry participates in the EU-US Data Privacy Framework. All other data (user accounts, group data, movie lists) is stored on the self-hosted server and does not leave the hosting jurisdiction unless explicitly configured otherwise by the administrator.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the data we hold about you.
  • Right to rectification: Update your display name at any time within the app.
  • Right to erasure: Delete your account, which removes your user record, group memberships, and nullifies movie attribution.
  • Right to restrict processing: Contact the administrator to request processing restrictions.
  • Right to data portability: Contact the administrator to request your data in a machine-readable format.
  • Right to object: Contact the administrator to object to processing based on legitimate interest.

To exercise these rights, contact the site administrator. You may also have the right to lodge a complaint with your local data protection authority.

7. Children's Privacy

MovieDice is not intended for use by children under the age of 13. We do not knowingly collect personal data from children under 13. In the European Economic Area, the service is not intended for users under the age of 16 without parental consent, in accordance with the GDPR. If you believe a child has provided data through this service, please contact the administrator to request its deletion.

8. Cookies and Local Storage

MovieDice uses the following browser storage mechanisms:

  • Authentication cookies: HttpOnly, Secure, SameSite=Strict cookies managed by Supabase for session authentication. These are essential for the service to function and cannot be disabled.
  • Admin session cookies: Encrypted iron-session cookies for admin panel authentication (8-hour expiry).
  • IndexedDB: Used for offline caching of movie list data via TanStack Query persistence. This data stays on your device and is not transmitted to any server.
  • localStorage: May be used by Supabase client libraries for token management.

We do not use any third-party tracking cookies or analytics cookies.

9. Changes to This Policy

We may update this privacy policy from time to time. Changes will be indicated by updating the "Last updated" date at the top of this page. For significant changes, we will display a notice within the application. Continued use of the service after changes constitutes acceptance of the updated policy.

); }