1. Information We Collect

When you sign in with GitHub OAuth, we receive basic profile information such as your username, display name, avatar, and email address (if provided by GitHub). We also collect the content you submit to the registry, including module metadata, reviews, ratings, and other community contributions.

We may collect limited technical data (such as IP address and user agent) for security, abuse prevention, and operational reliability.

2. How We Use Data

We use your data to authenticate your account, attribute modules and reviews, operate the Barforge registry API, and improve the quality of the service.

3. Public Information

Module listings, reviews, and ratings are public. Your GitHub username and avatar are displayed alongside public contributions so the community can attribute work.

4. Session Storage and Preferences

We use essential cookies for Auth.js session management. Barforge may also use local storage for preferences such as starred modules or UI settings.

5. Data Sharing

We do not sell personal data. Data is processed by infrastructure providers such as Cloudflare for hosting and delivery. GitHub provides authentication services.

6. Data Retention

We keep account data while your account is active. Public contributions may remain visible to preserve registry history. If you request account deletion, we will remove or anonymize personal data where feasible, but public contributions may remain available. You can request deletion of your account or content, and we will process reasonable requests subject to legal obligations.

7. Your Rights

You may request access, correction, or deletion of your data. To exercise your rights, email support@barforge.dev.

For general support, contact help@barforge.dev. Administrative requests can be sent to admin@barforge.dev.

8. Changes to This Policy

We may update this policy as the Barforge ecosystem evolves. The effective date will reflect the latest revision.