Privacy Policy
At Flapjack Running ("we," "our," or "us"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.
Information We Collect
Personal Information
We may collect the following personal information when you create an account or use our services:
- Email Address: Required for account creation and communication
- Password: Stored in encrypted format for account security
- Profile Information: When you sign in with Google OAuth, we collect your name, email, and profile picture
Usage Information
We automatically collect certain information about your use of our website:
- IP address and location data
- Browser type and version
- Pages visited and time spent on our site
- Search queries and preferences
- Device information (mobile, desktop, etc.)
How We Use Your Information
We use the collected information for the following purposes:
- Account Management: To create and maintain your user account
- Authentication: To verify your identity and provide secure access
- Service Improvement: To understand how users interact with our site and improve functionality
- Communication: To send important updates, security alerts, and service notifications
- Analytics: To analyze site performance and user behavior patterns
Cookies
Our website uses the following types of cookies:
Essential Cookies
- Session Cookies: Required for user authentication and site functionality
- CSRF Protection: Security cookies to prevent cross-site request forgery attacks
- Authentication Tokens: To maintain your logged-in status
Analytics Cookies (Future Implementation)
We plan to implement Google Analytics to better understand how users interact with our site. These cookies will:
- Track page views and user journeys
- Measure site performance and loading times
- Understand popular content and features
- Help us improve user experience
You will be able to opt out of analytics cookies when we implement this feature.
Third-Party Services
Google OAuth
When you choose to sign in with Google, we use Google's OAuth service which:
- Allows you to use your existing Google account
- Shares your basic profile information (name, email, profile picture)
- Is governed by Google's own privacy policy
- Can be revoked at any time through your Google account settings
Google Analytics
We plan to use Google Analytics to understand website usage patterns. Google Analytics:
- Collects anonymous usage data
- Helps us understand user behavior
- Is subject to Google's privacy policy
- Can be opted out of using browser settings or opt-out tools
Content Delivery Networks (CDNs)
We use third-party CDNs to deliver JavaScript libraries and CSS frameworks:
- unpkg.com for HTMX and Alpine.js
- jsdelivr.net for UI components
- These services may log basic request information
Data Storage and Security
We implement appropriate security measures to protect your personal information:
- Encryption: All passwords are hashed using industry-standard algorithms
- Secure Storage: Data is stored in secure PostgreSQL databases
- Access Controls: Limited access to personal data by authorized personnel only
- Regular Updates: We keep our security measures current with best practices
Data Retention
We retain your personal information for as long as necessary to provide our services:
- Account Data: Retained while your account is active
- Usage Data: Analytics data may be retained for up to 2 years
- Deleted Accounts: Personal data is deleted within 30 days of account deletion
Your Rights
You have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data (account deletion)
- Portability: Request your data in a commonly used format
- Opt-out: Unsubscribe from marketing communications
International Users
If you are accessing our website from outside the United States:
- Your data may be transferred to and processed in the United States
- We comply with applicable international privacy laws
- EU users have additional rights under GDPR
- California residents have rights under CCPA
Children's Privacy
Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do:
- We will post the updated policy on this page
- We will update the "Last Updated" date
- For significant changes, we may notify you via email
- Your continued use of our services constitutes acceptance of the updated policy
Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
- Email: 1flapjackrunning@gmail.com
- Website: Through our contact form
We will respond to your inquiry within 30 days of receipt.