Privacy Policy

Thucde.dev is a publishing and community platform for posts, stories, code snippets, comments, profiles, media, feedback, search, feeds, and dashboard tools. This Privacy Policy explains what information we collect, how we use it, when we share it, and what choices you have when using Thucde.dev.

This page describes the product behavior of Thucde.dev. It is not a substitute for independent legal advice.

We collect information that you provide, information generated by your use of the service, and limited information from third-party services.

Account and profile information: When you use an account, we may store your name, username, email address, password authentication data, profile picture, cover photo, bio, occupation, public social links, profile settings, email settings, following/follower preferences, and account status. Existing users may also log in with Google; in that case we receive account information such as your email, name, and profile image from Google.
Authentication and security information: We use session cookies, CSRF token cookies, cookie consent records, login state, password reset codes, email verification codes, IP addresses, browser and device information, request metadata, and rate-limit signals to keep the service working and to protect against abuse.
User content and activity: We store the posts, drafts, snippets, stories, comments, replies, reactions, stars, flags, feedback, structured data, guest author details, categories, keywords, metadata, search/discovery settings, and other content or settings you submit.
Media and files: If you upload images, cover photos, story media, thumbnails, editor images, or other files, we store the file and related metadata such as file name, type, size, dimensions, upload context, owner, and usage references. Media may be processed and hosted through Cloudinary.
Third-party content and integrations: When you use Unsplash images, external URLs, embeds, or rich editor blocks, we may process URLs and metadata from services such as Unsplash, YouTube, X/Twitter, TikTok, and Spotify. Those services may also collect data when their content is loaded in your browser.
Analytics, search, and system information: We collect usage information such as page views, post views, search queries, feature interactions, errors, logs, and service health information. Some product analytics are provided through Google Analytics.

Google Analytics

This site uses Google Analytics, a web analytics service provided by Google. Google Analytics may use cookies and similar technologies to help us understand how visitors use the site. The information generated about your use of the website, including IP address information, may be transmitted to and processed by Google.

Google reCAPTCHA

This site uses Google reCAPTCHA to help protect forms, comments, stories, snippets, feedback, reactions, and other interactive features from spam and abuse. reCAPTCHA may analyze your IP address, browser user agent, cookies, and interaction signals to determine whether a request appears automated. For more information, see the Google Privacy Policy.

We use the information we collect for the following purposes:

To provide the service: We use your information to authenticate your account, keep sessions active, save drafts, publish and edit posts, manage snippets and stories, upload and display media, show profiles, power search and feeds, record reactions and stars, receive feedback, and provide dashboard features.
To support privacy and discovery controls: We use post and story visibility settings, shared users, searchable settings, robots metadata, and profile preferences to decide what content should be public, private, shared with specific users, included in search, or exposed in feeds, sitemaps, public profiles, and related reading surfaces.
To send service communications: We send email for account verification, password recovery, password changes, account deletion or restoration, welcome messages, comment and mention notifications, post newsletters, system failure notifications, and other service-related notices. You can adjust supported email preferences in your account settings.
To protect the platform: We use session checks, CSRF checks, reCAPTCHA, validation, rate limits, logs, flags, admin controls, and security review signals to prevent fraud, spam, scraping, abuse, unauthorized access, private-content leaks, and service disruption.
To improve and operate Thucde.dev: We use analytics, feedback, post statistics, logs, search data, performance information, and error reports to improve features, reliability, moderation, recommendations, and system health.
To provide AI-assisted features when used: Some helper features may use Google Gemini-powered services, such as greetings or generated advice. We use these only to provide the requested feature and operate related cache or abuse-prevention controls.
To comply with law and enforce terms: We may use information to respond to legal requests, resolve disputes, investigate violations, enforce our Terms of Service, and protect users or the public.

We do not sell your personal information. We share information only as needed to run, protect, and improve the service.

Public content: Public posts, snippets, stories, comments, profiles, metadata, images, public social links, reactions, stars, feeds, and sitemap entries may be visible to anyone and may be indexed by search engines or cached by third parties.
Shared or private content: Private posts and stories are intended to be limited to authorized users, owners, or selected shared users. Private and searchable settings control access and discovery inside Thucde.dev, but they are not encryption and cannot prevent all copying, screenshots, browser caching, or external sharing by someone with access.
Service providers: We share information with providers that help operate Thucde.dev, including hosting, database, cache, email delivery, media hosting and processing, analytics, anti-abuse services, and infrastructure providers. These include services such as Cloudinary, Google, and email providers used by the app.
Third-party embeds and links: If a page loads content from Unsplash, YouTube, X/Twitter, TikTok, Spotify, or another third-party site, that third party may receive information from your browser under its own policies.
Legal, safety, and enforcement: We may disclose information if required by law or if we believe disclosure is necessary to comply with a legal obligation, protect rights or property, prevent abuse, investigate wrongdoing, protect user safety, or enforce our Terms of Service.

You can control some information and settings through your browser, your Google account, and your Thucde.dev account settings.

Cookies: Some cookies are necessary for authentication, CSRF protection, cookie consent, and normal site operation. You can block cookies in your browser, but account features and other parts of the site may not work correctly.
Email preferences: You can adjust supported post, comment, reaction, and notification settings from account email settings. Some security and account emails, such as password recovery or account deletion notices, may still be sent when needed.
Profile and content controls: You can edit your profile, hide supported profile fields, change post defaults, set posts or stories to private where supported, choose shared users for private posts, disable search/discovery metadata where supported, and delete or edit your own content where the app allows it.
Google account controls: If you log in with Google, you can manage what Google shares through your Google account privacy settings.
Account deletion and restoration: When you request account deletion, the app temporarily disables the account and soft-deletes related drafts, assets, and posts. The account can be restored within the implemented 14-day restoration window. After that window, the account may be permanently deleted, and some content, logs, backups, public references, or moderation records may remain where needed for safety, legal, integrity, or operational reasons.

We use measures such as secure session cookies, CSRF tokens, validation, rate limits, access checks, admin controls, private-content authorization checks, sanitization, and service-provider security controls to help protect your information. No internet service is perfectly secure, and we cannot guarantee that unauthorized access, disclosure, alteration, or loss will never occur.

We may update this Privacy Policy from time to time. The updated policy will be effective when it is posted on this page. If we make material changes, we may notify you by email or through a notice on the website.

If you have any questions about this Privacy Policy, please contact us at: support@thucde.dev.