Privacy Policy

Effective date: April 20, 2026

This Privacy Policy explains how bdmendes.online collects, uses, and protects personal information. It also describes how information is processed when you sign in with third-party OAuth providers.

Who we are

bdmendes.online is a personal website used for interactive features such as guestbook posting and moderation.

Information we collect

Depending on your actions, we may collect:

  • Basic profile information returned by OAuth providers.
  • Your email address when available from the provider.
  • Your display name, username, or profile metadata.
  • Guestbook content and moderation status.
  • Technical logs required for security and service operation.

OAuth provider data

When you authenticate with an OAuth provider (for example, Google, GitHub, or Discord), we may receive and store:

  • Account identifier from the OAuth response.
  • Profile name or username provided by the selected provider.
  • Email address, if provided by the selected provider.
  • Profile picture URL, if provided by the selected provider.

We use this information only to authenticate your account, personalize your identity display on the website, and apply authorization rules.

How we use information

  • Account authentication and session management.
  • Access control for moderation/admin functionality.
  • Displaying your chosen identity in interactive features.
  • Abuse prevention, fraud detection, and security monitoring.

Cookies and similar storage

We use only essential cookies and similar browser storage technologies needed to operate the site securely.

  • Authentication and security storage used for login/session behavior, including OAuth sign-in flows.
  • A localStorage preference that records whether the cookie notice has been dismissed.

We do not use advertising cookies, tracking cookies, or analytics cookies.

You can clear cookies/localStorage in your browser settings at any time, but authentication and other core features may stop working until you sign in again.

Data sharing

We do not sell personal information. We only share data with service providers that are required to operate the website (for example, infrastructure and authentication tooling).

Data retention

Account and content data are retained only as long as needed to operate the service, meet security requirements, and support moderation.

Your rights and choices

You may request to:

  • Access the personal data associated with your account.
  • Correct inaccurate account data.
  • Delete your account-related data.
  • Revoke OAuth access from your provider settings.

Data deletion requests

To request deletion of account data obtained through OAuth, contact: [email protected]

Include the provider used and enough information for us to identify your account safely.

Security

We use reasonable technical and organizational measures to protect personal information against unauthorized access, loss, or misuse.

Policy updates

This policy may be updated over time. Material changes will be reflected by updating the effective date above.

Contact

Privacy questions can be sent to [email protected].