Privacy Policy

Effective: May 16, 2026

DailyFunHub ("we", "us", or "the service") respects your privacy. This page explains what information we collect, how we use it, and the choices you have. By using the service you agree to this policy. If you do not agree, please do not use the service.

1. Information we collect

When you create an account or use DailyFunHub we collect only the minimum information needed to provide the service:

• Account information: your email address, an optional display name, and (if you sign up with email/password) a bcrypt hash of your password — never the raw password.
• Authentication identifiers: if you sign in with Google, we store the email and unique Google account ID Google returns to us, plus a profile name if Google provides one. We do not request, store, or have access to your Google password.
• Activity on the service: the links you favorite, rate, propose, or that you publish if you are a curator or admin. We keep timestamps for these actions.
• Verification and reset codes: short-lived numeric codes we email to you when you sign up or request a password reset. These expire automatically.
• Operational logs: our server keeps standard web-server logs (IP address, request URL, response code, timestamp) for security, debugging, and abuse prevention. We rotate these out within a reasonable time and do not associate them with marketing or sell them.

We do not collect financial information, browsing history outside the service, contacts, photos, location, or other categories of data that DailyFunHub does not need.

2. How we use your information

• To authenticate you and keep you signed in (via a signed JSON Web Token stored in your browser).
• To send you account-related emails: signup verification codes, password reset codes, and (in the future, with your consent) optional digests or notifications.
• To provide the curated link feed, rating, favoriting, and proposal features.
• To detect and prevent abuse: spam proposals, brute-force login attempts, duplicate or inappropriate submissions.
• To improve the service: aggregated, non-identifying analysis of which links are popular or how features are used.

3. Cookies and local storage

DailyFunHub does not use tracking or advertising cookies. We use two kinds of local browser storage:

• localStorage: to keep your JWT (login token) so you stay signed in between visits. Clearing your browser data signs you out.
• Short-lived HTTP cookies: only during the Google sign-in handshake, to prevent CSRF attacks. The cookie is deleted as soon as sign-in completes.

4. Sharing

We do not sell your data and we do not share it with advertisers. We share information only in these narrow cases:

• Service providers we rely on: Amazon Web Services hosts our servers and database; Google's SMTP service delivers our transactional email; Google identity services authenticate users who choose "Sign in with Google". These providers receive only what they need to perform their function.
• Legal compliance: if we receive a valid legal request (subpoena, court order, or similar) we may disclose the limited information required to comply with the law.
• Protecting the service and users: to investigate fraud, abuse, or security incidents, including with law enforcement when appropriate.

Other users of the service can see your display name and the proposals or links you publish. They cannot see your email address.

5. How long we keep your data

We keep your account information for as long as your account is active. If you delete your account (see Section 7), we deactivate your login and remove the email and password from active use, but we may retain a limited record of your past contributions (proposals, ratings) for moderation and audit purposes. Operational server logs are kept for a short retention window.

6. Security

We protect your data with bcrypt-hashed passwords, HTTPS encryption in transit, secure JWT signing, OAuth state cookies, rate limits on sensitive endpoints, and content filtering on user-submitted content. No system is perfectly secure; if you suspect your account has been compromised, please contact us immediately.

7. Your rights and choices

• Access and correction: you can view and edit your display name and password at any time from your profile page.
• Deletion: contact us at the address below and we will deactivate your account. Privileged users and admins can disable accounts on request.
• Opt out of optional emails: we don't currently send marketing emails; only transactional ones tied to actions you take.
• EU / UK / California residents: you may have additional rights under GDPR, UK GDPR, or CCPA, including the right to request a copy of your data, to object to processing, or to lodge a complaint with a supervisory authority. Reach out and we will honor these rights.

8. Children

DailyFunHub is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a child under 13 has created an account, please contact us and we will remove the account promptly.

9. International users

Our servers and storage are located in the United States. By using the service from outside the United States you consent to the transfer of your data to the United States for processing.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected in an updated "Effective" date at the top of this page and, where appropriate, by a notice in-product. Continued use of the service after a change means you accept the updated policy.

11. Contact

Questions, requests, or complaints can be sent through our contact form. We aim to respond to legitimate requests within a reasonable time.