-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathprivacy.html
More file actions
221 lines (210 loc) · 9.07 KB
/
privacy.html
File metadata and controls
221 lines (210 loc) · 9.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Privacy Policy - KitePad</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&display=swap" rel="stylesheet">
<link rel="stylesheet" href="/style.css">
<style>
.policy-container {
max-width: 800px;
margin: 0 auto;
padding: 40px 20px;
color: #e0e0e0;
line-height: 1.8;
}
.policy-header {
border-bottom: 2px solid var(--accent-color);
padding-bottom: 20px;
margin-bottom: 30px;
display: flex;
justify-content: space-between;
align-items: flex-end;
}
.labeling-section {
display: flex;
flex-wrap: wrap;
gap: 20px;
background: #1e1e1e;
padding: 20px;
border-radius: 12px;
margin-bottom: 40px;
border: 1px solid #333;
}
.label-item {
display: flex;
flex-direction: column;
align-items: center;
text-align: center;
width: 130px;
}
.label-icon {
font-size: 24px;
margin-bottom: 8px;
background: var(--accent-color);
width: 50px;
height: 50px;
display: flex;
align-items: center;
justify-content: center;
border-radius: 50%;
color: white;
}
.label-text {
font-size: 12px;
font-weight: bold;
}
.policy-section {
margin-bottom: 40px;
}
.policy-section h2 {
font-size: 20px;
color: var(--accent-color);
margin-bottom: 15px;
border-left: 4px solid var(--accent-color);
padding-left: 15px;
}
.policy-table {
width: 100%;
border-collapse: collapse;
margin: 15px 0;
}
.policy-table th, .policy-table td {
border: 1px solid #333;
padding: 12px;
text-align: left;
}
.policy-table th {
background: #252525;
}
</style>
</head>
<body>
<div class="policy-container">
<div class="nav-links">
<a href="/" class="nav-link">← Back</a>
</div>
<div class="policy-header">
<div>
<h1>Privacy Policy</h1>
<p>Version: 1.1 (GDPR Compliant)<br>Effective Date: February 25, 2026</p>
</div>
</div>
<div class="labeling-section" style="justify-content: center;">
<div class="label-item">
<div class="label-icon">⚖️</div>
<div class="label-text">Lawfulness &<br>Transparency</div>
</div>
<div class="label-item">
<div class="label-icon">🎯</div>
<div class="label-text">Purpose<br>Limitation</div>
</div>
<div class="label-item">
<div class="label-icon">🧼</div>
<div class="label-text">Data<br>Minimization</div>
</div>
<div class="label-item">
<div class="label-icon">🔒</div>
<div class="label-text">Integrity &<br>Confidentiality</div>
</div>
<div class="label-item">
<div class="label-icon">👤</div>
<div class="label-text">Rights of<br>Data Subjects</div>
</div>
</div>
<div class="policy-section">
<h2>1. Core Principles (GDPR Art. 5)</h2>
<p>We process your data according to the following 7 key principles:</p>
<ul>
<li><strong>Lawfulness, Fairness, and Transparency</strong>: Data is processed legally and transparently.</li>
<li><strong>Purpose Limitation</strong>: Data is collected for specified, explicit, and legitimate purposes.</li>
<li><strong>Data Minimization</strong>: We only collect what is strictly necessary.</li>
<li><strong>Accuracy</strong>: We keep data accurate and up to date.</li>
<li><strong>Storage Limitation</strong>: Data is deleted once the purpose is fulfilled.</li>
<li><strong>Integrity and Confidentiality</strong>: We use robust security measures to protect your data.</li>
<li><strong>Accountability</strong>: We are responsible for and can demonstrate compliance with these principles.</li>
</ul>
</div>
<div class="policy-section">
<h2>2. Data Controller & DPO</h2>
<p>The Data Controller for this service is <strong>hanjinkim</strong>.</p>
<p><strong>Data Protection Officer (DPO):</strong></p>
<p id="privacy-email-placeholder">Email: </p>
</div>
<div class="policy-section">
<h2>3. Information We Collect</h2>
<table class="policy-table">
<thead>
<tr>
<th>Category</th>
<th>Items</th>
<th>Legal Basis (GDPR Art. 6)</th>
</tr>
</thead>
<tbody>
<tr>
<td>User Content</td>
<td>Paste content body</td>
<td>Performance of a contract</td>
</tr>
<tr>
<td>Security</td>
<td>Hashed passwords (BCRYPT)</td>
<td>Legitimate interests (Security)</td>
</tr>
<tr>
<td>Technical</td>
<td>IP addresses, Access logs</td>
<td>Legitimate interests (Security)</td>
</tr>
</tbody>
</table>
</div>
<div class="policy-section">
<h2>4. Your Rights (GDPR)</h2>
<p>Under the GDPR, you have the following rights regarding your personal data:</p>
<ul>
<li><strong>Right of Access</strong>: You can request a copy of your data.</li>
<li><strong>Right to Rectification</strong>: You can request correction of inaccurate data.</li>
<li><strong>Right to Erasure ('Right to be Forgotten')</strong>: You can request deletion of your data.</li>
<li><strong>Right to Restrict Processing</strong>: You can request a limit on how we use your data.</li>
<li><strong>Right to Data Portability</strong>: You can request your data in a structured, machine-readable format.</li>
<li><strong>Right to Object</strong>: You can object to data processing based on legitimate interests.</li>
</ul>
<p>To exercise these rights, please contact our DPO via email. Note: For anonymous pastes, we may require the content's password to verify ownership.</p>
</div>
<div class="policy-section">
<h2>5. International Data Transfers</h2>
<p>Your data is stored and processed in <strong>South Korea</strong> (the location of our servers via Vercel/PostgreSQL). South Korea has an Adequacy Decision from the European Commission, ensuring an equivalent level of data protection to that of the EU (GDPR Art. 45).</p>
</div>
<div class="policy-section">
<h2>6. Data Breach Notification</h2>
<p>In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify the competent supervisory authority and the affected data subjects within <strong>72 hours</strong> of becoming aware of the breach, where feasible.</p>
</div>
<script>
(function() {
const user = "hanjinkim";
const domain = "protonmail.com";
const email = user + '@' + domain;
const placeholder = document.getElementById('privacy-email-placeholder');
if (placeholder) {
const link = document.createElement('a');
link.href = 'mailto:' + email;
link.style.color = 'var(--accent-color)';
link.textContent = email;
placeholder.appendChild(link);
}
})();
</script>
</div>
<footer class="site-footer">
<div class="container">
<hr>
<p>© 2026 KitePad. All rights reserved. <a href="https://github.com/irhdab/kitepad/tree/main" class="nav-link" target="_blank">GitHub</a> | <a href="/contact.html" class="nav-link">Contact</a> | <a href="/privacy.html" class="nav-link">Privacy Policy</a></p>
</div>
</footer>
</body>
</html>