Privacy Policy
This Privacy Policy explains what information Datacat collects, how we use it, and the choices available to you.
1. Introduction
This Privacy Policy (the "Policy") describes how Datacat ("Datacat", "we", "us", or "our") collects, uses, discloses, and retains information when you access or use the Site. By using the Site, you acknowledge that you have read this Policy.
If you do not agree with this Policy, you must not access or use the Site.
2. Our Privacy Approach
Datacat is generally privacy-focused. We aim to collect only the information we reasonably need to operate, secure, moderate, maintain, and improve the Site.
We are not an advertising business. We do not sell personal information to advertisers or data brokers, do not use behavioral advertising, and do not use analytics to build cross-site advertising profiles.
Privacy-focused does not mean zero data collection. We still process information needed for accounts, sessions, uploads, Private Vault features, moderation, security, abuse prevention, debugging, backups, legal compliance, and basic product analytics.
3. Information We Collect
3.1 Account Information
When you register or sign in, we may collect your username, email address, password hash, authentication provider, Google/Firebase user identifier if you use Google sign-in, optional profile fields, account preferences, permissions, account creation date, and last active time. Passwords are stored as one-way cryptographic hashes and are not stored in plaintext.
3.2 Anonymous and Session Information
The Site may create anonymous device tokens, session tokens, active-user records, and browser-session records so that browsing, uploads, vault entries, preferences, and account upgrades can work. Session records may include IP address, user agent, creation time, expiration time, and last active time.
3.3 Content You Submit
We collect content you submit or import, including character cards, JSON or PNG files, bot definitions, prompts, descriptions, scenarios, avatars, uploaded media, tags, creator notes, comments, Wall or Buzz posts, reports, moderation notes, and related metadata such as source URLs, origin sites, creator names, and timestamps.
3.4 Technical and Security Data
We and our service providers may process IP addresses, user agents, request paths, status codes, error traces, rate-limit events, anti-abuse signals, storage keys, CDN request data, and operational logs. We use this information for security, debugging, abuse prevention, reliability, and legal compliance.
3.5 Analytics
The Site may use limited, privacy-conscious analytics to understand basic product usage, page activity, feature health, reliability, performance, and abuse patterns.
Analytics may include events such as page views, feature interactions, browser or device class, rough traffic source, timestamps, performance signals, and error signals. We avoid sending private character text, prompts, uploaded files, raw search strings, private messages, payment information, or similar sensitive content to analytics where reasonably practicable.
We use analytics to improve reliability, understand which features are working, detect errors, and make product decisions. We do not use analytics to serve behavioral advertising, sell personal information, or build cross-site advertising profiles.
4. How We Use Information
We use information to operate the Site; authenticate users; maintain sessions; provide uploads, imports, downloads, search, display, private vault, and discussion features; moderate and enforce rules; investigate abuse; secure the Site; debug errors; maintain backups; improve features; communicate with users; comply with law; and protect users, the public, and the Site.
5. Public and Private Content
Some areas of the Site are public by design. Public uploads, character listings, tags, comments, Wall or Buzz posts, usernames, profile details, and visible metadata may be seen by other users and visitors.
Private Vault or restricted features are intended to limit visibility according to the applicable feature settings, but they may still be processed by the Site, stored by service providers, reviewed for moderation or security, included in backups, or disclosed where required by law or necessary to prevent harm.
6. Third-Party Service Providers
We use third-party service providers to operate the Site, including hosting and database providers, Cloudflare or compatible network and storage services, content delivery networks, Google/Firebase authentication, analytics services, AI or extraction-related providers, and security or moderation tools.
These providers may process information as necessary to provide their services to us. Their own privacy policies and retention practices may also apply.
7. Cookies and Local Storage
We use browser local storage, session storage, and first-party cookies or equivalent technologies to store session tokens, anonymous device tokens, selected account state, interface preferences, content-filter settings, analytics opt-out or toggle state, and similar Site functionality. We do not use this storage for third-party behavioral advertising.
8. Disclosure of Information
We do not sell personal information to advertisers or data brokers. We may disclose information to service providers, where you make it public, where needed to operate or secure the Site, where required by valid legal process, where reasonably necessary to enforce our Terms, or where we believe disclosure is necessary to prevent harm, report exploitation, investigate abuse, or protect rights and safety.
9. Data Retention
We retain account information for the life of the account unless deleted or otherwise required for security, legal, or operational reasons. Public or shared contributions may remain available after account deletion or username detachment where needed to preserve shared site state.
Operational logs, backups, CDN records, analytics data, moderation records, and third-party provider records may be retained for different periods depending on security needs, provider practices, legal obligations, and backup cycles.
10. Account Deletion and Content Removal
Where account deletion or content removal tools are available, you may use them from the Site interface. Some content may remain if it has been shared publicly, incorporated into shared site state, retained in backups, preserved for moderation or legal reasons, or required to protect the Site and users.
11. Minors
The Site is intended only for adults. We do not knowingly allow minors to register for or use the Site, and we do not knowingly collect personal information from minors. If you believe a minor has provided information to the Site, contact us so we can review and take appropriate action.
12. Security
We use reasonable technical and administrative safeguards such as hashed passwords, session controls, access controls, moderation tooling, and network or storage protections. No system is perfectly secure. You are responsible for maintaining the security of your account, browser session, and device.
13. International Processing
The Site and its service providers may process information in different countries from where you reside. By using the Site, you understand that information may be transferred, stored, or processed internationally.
14. Changes to This Policy
We may update this Policy from time to time. The "Last updated" date will be revised when changes are made. For material changes, we may provide additional notice through the Site.
15. Contact
Questions and privacy requests may be sent to contact@datacat.run. Legal notices and safety concerns may be sent to legal@datacat.run. Current contact details are also available on the Contact page.