```tsx
import type { Metadata } from "next";

export const metadata: Metadata = {
  title: "Privacy Policy - MovieDice",
  description: "MovieDice privacy policy and data handling practices.",
};

export default function PrivacyPage() {
  return (
    <main className="mx-auto max-w-3xl px-4 py-12">
      <h1 className="text-3xl font-bold">Privacy Policy</h1>
      <p className="mt-2 text-sm text-foreground/50">Last updated: April 6, 2026</p>
      <div className="mt-8 space-y-8 text-foreground/80 leading-relaxed [&_h2]:text-xl [&_h2]:font-semibold [&_h2]:text-foreground [&_h3]:text-base [&_h3]:font-medium [&_h3]:text-foreground [&_ul]:list-disc [&_ul]:pl-5 [&_ul]:space-y-1">
        <section>
          <h2>1. Controller Identity</h2>
          <p className="mt-2">
            MovieDice is operated as a self-hosted application by its administrator (the
            "Controller"). The Controller is responsible for determining the purposes and
            means of processing personal data collected through this application. For data-related
            inquiries, contact the site administrator through the channels provided on this site.
          </p>
        </section>

        <section>
          <h2>2. Lawful Basis for Processing</h2>
          <p className="mt-2">We process personal data under the following lawful bases:</p>
          <ul className="mt-2">
            <li>
              <strong>Legitimate interest:</strong> Processing anonymous identifiers and group
              membership data to provide the core movie list and randomizer functionality.
            </li>
            <li>
              <strong>Consent:</strong> Where required by applicable law, your continued use of the
              service constitutes consent to the processing described in this policy.
            </li>
            <li>
              <strong>Legal obligation:</strong> We may process data to comply with applicable legal
              requirements.
            </li>
          </ul>
        </section>

        <section>
          <h2>3. Data Inventory and Retention</h2>
          <p className="mt-2">We collect and store the following data:</p>
          <h3 className="mt-4">Anonymous User Identifier (UUID)</h3>
          <p className="mt-1">
            A randomly generated unique identifier created via Supabase Anonymous Sign-In. This is
            not linked to any email, phone number, or real-world identity. Retained until 12 months
            of inactivity, after which the account and all associated data are automatically
            deleted.
          </p>
          <h3 className="mt-4">Display Name</h3>
          <p className="mt-1">
            A user-chosen name (up to 30 characters) used to identify contributions within a group.
            This is not verified and does not need to be a real name. Retained for the lifetime of
            the account.
          </p>
          <h3 className="mt-4">Group Membership</h3>
          <p className="mt-1">
            Records of which groups a user belongs to and their role (admin or member). Deleted when
            a user leaves a group or when the account is deleted.
          </p>
          <h3 className="mt-4">Movie Preferences</h3>
          <p className="mt-1">
            Movies added to group lists, including which user added them and watched status. The
            association with a specific user is set to null if the user's account is deleted
            (the movie remains on the list). Retained for the lifetime of the group.
          </p>
          <h3 className="mt-4">Recovery Code</h3>
          <p className="mt-1">
            A one-time-use 24-character code hashed with Argon2id before storage. The plaintext is
            shown once and never stored. The hash is deleted after successful use or account
            deletion.
          </p>
          <h3 className="mt-4">Server Logs</h3>
          <p className="mt-1">
            Standard HTTP server logs including IP addresses, user agent strings, request paths, and
            timestamps. These are used for security monitoring and debugging. Log rotation is
            configured with a maximum size of 10MB per file and a maximum of 5 files, resulting in
            automatic deletion as logs rotate.
          </p>
        </section>

        <section>
          <h2>4. Third-Party Recipients</h2>
          <ul className="mt-2">
            <li>
              <strong>TMDB (The Movie Database):</strong> We send API requests to TMDB to search for
              movies and retrieve movie metadata (posters, titles, genres). These requests are made
              server-side and do not include your user identifier. TMDB's privacy policy is
              available at{" "}
              <a
                href="https://www.themoviedb.org/privacy-policy"
                target="_blank"
                rel="noopener noreferrer"
                className="underline hover:text-foreground"
              >
                themoviedb.org/privacy-policy
              </a>
              .
            </li>
            <li>
              <strong>Sentry:</strong> We use Sentry for error monitoring. Error reports may include
              request metadata but never include user identifiers. UUID path segments are stripped
              before transmission. Sentry's privacy policy is available at{" "}
              <a
                href="https://sentry.io/privacy/"
                target="_blank"
                rel="noopener noreferrer"
                className="underline hover:text-foreground"
              >
                sentry.io/privacy
              </a>
              .
            </li>
          </ul>
        </section>

        <section>
          <h2>5. International Transfers</h2>
          <p className="mt-2">
            Error monitoring data sent to Sentry may be processed on servers located in the United
            States. Sentry participates in the EU-US Data Privacy Framework. All other data (user
            accounts, group data, movie lists) is stored on the self-hosted server and does not
            leave the hosting jurisdiction unless explicitly configured otherwise by the
            administrator.
          </p>
        </section>

        <section id="gdpr">
          <span id="ccpa" className="block -translate-y-4" aria-hidden="true" />
          <h2>6. Your Rights</h2>
          <p className="mt-2">
            Depending on your jurisdiction (including CCPA rights for US/California residents and
            GDPR rights for EU/EEA residents), you may have the following rights regarding your
            personal data:
          </p>
          <ul className="mt-2">
            <li>
              <strong>Right of access:</strong> Request a copy of the data we hold about you.
            </li>
            <li>
              <strong>Right to rectification:</strong> Update your display name at any time within
              the app.
            </li>
            <li>
              <strong>Right to erasure:</strong> Delete your account, which removes your user
              record, group memberships, and nullifies movie attribution.
            </li>
            <li>
              <strong>Right to restrict processing:</strong> Contact the administrator to request
              processing restrictions.
            </li>
            <li>
              <strong>Right to data portability:</strong> Contact the administrator to request your
              data in a machine-readable format.
            </li>
            <li>
              <strong>Right to object:</strong> Contact the administrator to object to processing
              based on legitimate interest.
            </li>
          </ul>
          <p className="mt-2">
            To exercise these rights, contact the site administrator. You may also have the right to
            lodge a complaint with your local data protection authority.
          </p>
        </section>

        <section>
          <h2>7. Children's Privacy</h2>
          <p className="mt-2">
            MovieDice is not intended for use by children under the age of 13. We do not knowingly
            collect personal data from children under 13. In the European Economic Area, the service
            is not intended for users under the age of 16 without parental consent, in accordance
            with the GDPR. If you believe a child has provided data through this service, please
            contact the administrator to request its deletion.
          </p>
        </section>

        <section>
          <h2>8. Cookies and Local Storage</h2>
          <p className="mt-2">MovieDice uses the following browser storage mechanisms:</p>
          <ul className="mt-2">
            <li>
              <strong>Authentication cookies:</strong> HttpOnly, Secure, SameSite=Strict cookies
              managed by Supabase for session authentication. These are essential for the service to
              function and cannot be disabled.
            </li>
            <li>
              <strong>Admin session cookies:</strong> Encrypted iron-session cookies for admin panel
              authentication (8-hour expiry).
            </li>
            <li>
              <strong>IndexedDB:</strong> Used for offline caching of movie list data via TanStack
              Query persistence. This data stays on your device and is not transmitted to any
              server.
            </li>
            <li>
              <strong>localStorage:</strong> May be used by Supabase client libraries for token
              management.
            </li>
          </ul>
          <p className="mt-2">
            We do not use any third-party tracking cookies or analytics cookies.
          </p>
        </section>

        <section>
          <h2>9. Changes to This Policy</h2>
          <p className="mt-2">
            We may update this privacy policy from time to time. Changes will be indicated by
            updating the "Last updated" date at the top of this page. For significant
            changes, we will display a notice within the application. Continued use of the service
            after changes constitutes acceptance of the updated policy.
          </p>
        </section>
      </div>
    </main>
  );
}
```