This Data Use Policy explains, at a glance, how we use the data that moves through ClaudeFolio. For the legal details, see our Privacy Policy and Terms of Service.
1. Purpose of data use
ClaudeFolio collects and processes data for legitimate business purposes including:
- Operating the directory and the community discussion features.
- Operating and securing user accounts and the sign-in flow.
- Improving data accuracy, platform performance, and discovery (trending, search).
- Detecting and preventing fraud, spam, and abuse.
- Complying with legal obligations.
We do not sell personal data to third parties.
2. Categories of data we process
- Account information: email address and session tokens tied to your account.
- Submissions: project titles, taglines, descriptions, live URLs, repository URLs, screenshots, stack tags, categories, build metrics, and proof links.
- Community activity: votes and comments you post on other people's projects.
- Usage and technical data: IP address, user-agent string, device type, interaction logs, and rate-limit counters.
- Third-party authentication data: when social sign-in is used, limited profile data (name, email, profile picture URL) from Google, Facebook, or Apple.
3. Legal basis for processing (GDPR / UK GDPR)
For European Economic Area and United Kingdom users, we process data based on contract performance, legitimate interests in security and analytics, legal compliance, and consent where required.
4. California privacy rights (CCPA / CPRA)
California residents have the right to know, access, delete, correct, opt out of sale (not applicable), and exercise these rights without discrimination. Requests go to [email protected] or through our Data Deletion page. Responses occur within 45 days.
5. Use of aggregated and anonymized data
We may use anonymized and aggregated data to publish trends (popular stacks, common categories, how long builds take), improve the directory, conduct research, and develop new features.
6. Third-party service providers
- Hosting and infrastructure: Hetzner (hosting) and Cloudflare (CDN, DNS, DDoS protection).
- Email delivery: Resend (transactional and digest emails).
- Object storage: Cloudflare R2 (thumbnails, screenshots, avatars).
- Anti-abuse: Cloudflare Turnstile (bot challenge on sign-in and submit).
- Authentication providers: Google, Facebook, Apple when social sign-in is used.
- Analytics: aggregate traffic measurement where enabled.
Each processor handles data under its own published policy.
7. Data retention
Personal data is retained only as long as necessary for service provision, security, and legal compliance. You may request account and data deletion through our Data Deletion page or by emailing [email protected]. Deletion typically processes within 45 days, subject to legal retention requirements.
8. Data security
We use reasonable administrative, technical, and organizational safeguards including encrypted data transmission (HTTPS), HttpOnly/Secure session cookies, private-network-only database connectivity, access controls, and ongoing monitoring. No system is perfectly secure; see the Security section of our Privacy Policy for the full scope.
9. International transfers
Data may be processed in the United States or other jurisdictions where our providers operate. Where required, we implement appropriate safeguards for cross-border transfers, including Standard Contractual Clauses.
10. User control and transparency
You can update your profile from your dashboard, edit any project you submitted, unsubscribe from the newsletter, delete your account via the Data Deletion page, or request a copy of your data by emailing [email protected].
Users are automatically enrolled in our product newsletter at signup and may unsubscribe at any time via the one-click link in any newsletter email or from their account settings. Unsubscribing does not affect transactional emails (account verification, password resets, replies, and moderation notices), which are required for the service to function.
11. Policy updates
We may update this policy for operational, legal, or regulatory reasons. Material changes trigger email notification to registered users before taking effect. Updates appear on this page with a revised effective date.
12. Contact
Questions or requests: [email protected]. Legal: [email protected].
See also: Privacy Policy, Data Deletion, Terms.