kunalverma2512 · ArshiBansal · Jun 8, 2026 · coderabbitai · Jun 8, 2026
diff --git a/frontend/src/components/privacy/PrivacyChanges.jsx b/frontend/src/components/privacy/PrivacyChanges.jsx
@@ -0,0 +1,24 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyChanges() {
+  return (
+    <PrivacySection
+      number="10"
+      title="Changes to This Privacy Policy"
+      bg="bg-[#eeeeee]"
+      reverse
+    >
+      <p>We may update our Privacy Policy from time to time.</p>
+
+      <p>
+        We will notify you of any changes by posting the new Privacy Policy on
+        this page and updating the "Effective Date" at the top.
+      </p>
+
+      <p>
+        You are advised to review this Privacy Policy periodically for any
+        changes.
+      </p>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyChildren.jsx b/frontend/src/components/privacy/PrivacyChildren.jsx
@@ -0,0 +1,20 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyChildren() {
+  return (
+    <PrivacySection number="09" title="Children's Privacy" bg="bg-[#efefef]">
+      <p>Our Service does not address anyone under the age of 13.</p>
+
+      <p>
+        We do not knowingly collect personally identifiable information from
+        anyone under the age of 13.
+      </p>
+
+      <p>
+        If you are a parent or guardian and you are aware that your child has
+        provided us with Personal Data, please contact us so we can take steps
+        to remove that information from our servers.
+      </p>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyContact.jsx b/frontend/src/components/privacy/PrivacyContact.jsx
@@ -0,0 +1,17 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyContact() {
+  return (
+    <PrivacySection number="11" title="Contact Us" bg="bg-[#ededed]">
+      <p>
+        If you have any questions, concerns, or requests regarding this Privacy
+        Policy, please contact the repository maintainer via GitHub issues or
+        email:
+      </p>
+
+      <div className="inline-block border-[3px] border-black px-5 py-3 font-black">
+        [Insert Your Email Address Here]
+      </div>
-      <div className="inline-block border-[3px] border-black px-5 py-3 font-black">
-        [Insert Your Email Address Here]
-      </div>
+      <a
+        href="mailto:privacy@yourdomain.com"
+        className="inline-block border-[3px] border-black px-5 py-3 font-black underline"
+      >
+        privacy@yourdomain.com
+      </a>
-      <div className="inline-block border-[3px] border-black px-5 py-3 font-black">
-        [Insert Your Email Address Here]
-      </div>
+      <a
+        href="mailto:privacy@yourdomain.com"
+        className="inline-block border-[3px] border-black px-5 py-3 font-black underline"
+      >
+        privacy@yourdomain.com
+      </a>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyCookies.jsx b/frontend/src/components/privacy/PrivacyCookies.jsx
@@ -0,0 +1,33 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyCookies() {
+  return (
+    <PrivacySection
+      number="04"
+      title="Cookies and Session Management"
+      bg="bg-[#f5f5f5]"
+      reverse
+    >
+      <ul className="list-disc ml-6 space-y-4">
+        <li>
+          We use strict, privacy-first cookie practices. We do not use tracking,
+          advertising, or third-party marketing cookies.
+        </li>
+
+        <li>
+          Authentication Cookies: We use HttpOnly, Secure, and SameSite
+          configured cookies exclusively for maintaining your login session.
+          Because these are HttpOnly, they cannot be accessed by malicious
+          client-side scripts, protecting you from Cross-Site Scripting (XSS)
+          attacks.
+        </li>
+
+        <li>
+          Necessity: Because these cookies are strictly necessary for the
+          authentication and security of the Service, they cannot be declined if
+          you wish to use a registered account.
+        </li>
+      </ul>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyInfoCollect.jsx b/frontend/src/components/privacy/PrivacyInfoCollect.jsx
@@ -0,0 +1,81 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyInfoCollect() {
+  return (
+    <PrivacySection
+      number="02"
+      title="Information We Collect"
+      bg="bg-[#fafafa]"
+      reverse
+    >
+      <p>
+        We collect several different types of information for various purposes
+        to provide and improve our Service to you.
+      </p>
+
+      <div>
+        <h3 className="font-black uppercase mb-3">2.1 Personal Data</h3>
+
+        <ul className="list-disc ml-6 space-y-2">
+          <li>Account Credentials: Email address and encrypted passwords.</li>
+
+          <li>
+            Profile Information: Your chosen display name, avatar, and optional
+            biographical information.
+          </li>
+        </ul>
+      </div>
+
+      <div>
+        <h3 className="font-black uppercase mb-3">
+          2.2 Third-Party Integrations Data
+        </h3>
+
+        <ul className="list-disc ml-6 space-y-2">
+          <li>
+            Codeforces Data: Your public competitive programming history,
+            including submission verdicts, algorithmic tags, contest history,
+            and rating changes.
+          </li>
+
+          <li>
+            GitHub Data: When you authenticate via GitHub OAuth, we receive your
+            GitHub User ID, public profile information, and a read-only token.
+            We use this to fetch your public repositories, commit history,
+            contribution graph, and language usage. We do not request, access,
+            or store data from your private repositories.
+          </li>
+        </ul>
+      </div>
+
+      <div>
+        <h3 className="font-black uppercase mb-3">
+          2.3 User-Generated Content
+        </h3>
+
+        <ul className="list-disc ml-6 space-y-2">
+          <li>
+            APEX AI Interactions: We collect and store the chat messages,
+            prompts, and context data you send to our APEX AI coach, as well as
+            the AI-generated responses, to maintain your conversation history.
+          </li>
+        </ul>
+      </div>
+
+      <div>
+        <h3 className="font-black uppercase mb-3">2.4 Usage and Log Data</h3>
+
+        <ul className="list-disc ml-6 space-y-2">
+          <li>
+            When you access the Service, our hosting providers (Vercel and
+            Render) may automatically collect standard log data. This Usage Data
+            may include information such as your device's Internet Protocol (IP)
+            address, browser type, browser version, the pages of our Service
+            that you visit, the time and date of your visit, and other
+            diagnostic data.
+          </li>
+        </ul>
+      </div>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyInfoUse.jsx b/frontend/src/components/privacy/PrivacyInfoUse.jsx
@@ -0,0 +1,41 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyInfoUse() {
+  return (
+    <PrivacySection
+      number="03"
+      title="How We Use Your Information"
+      bg="bg-[#f7f7f7]"
+    >
+      <ul className="list-disc ml-6 space-y-4">
+        <li>
+          To Provide and Maintain the Service: Ensuring your dashboard loads
+          correctly with your latest statistics.
+        </li>
+
+        <li>
+          To Manage Your Account: Verifying your identity and securing your
+          login session.
+        </li>
+
+        <li>
+          To Personalize the Experience: Compiling your Codeforces and GitHub
+          data to calculate proprietary metrics like Skill Decay and Consistency
+          Scores.
+        </li>
+
+        <li>
+          To Power APEX AI: Supplying your real-time performance metrics to the
+          Google Gemini AI model so it can act as a highly contextualized coding
+          coach.
+        </li>
+
+        <li>
+          To Communicate With You: Sending transactional emails, such as
+          One-Time Passwords (OTPs) for registration and password resets. We do
+          not use your email for marketing spam.
+        </li>
+      </ul>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyIntro.jsx b/frontend/src/components/privacy/PrivacyIntro.jsx
@@ -0,0 +1,32 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyIntro() {
+  return (
+    <PrivacySection number="01" title="Introduction" bg="bg-white">
+      <p>
+        Welcome to CodeLens ("we", "our", or "us"). CodeLens is an independent,
+        open-source project maintained by an individual developer. We are
+        committed to protecting your personal information and your right to
+        privacy. This Privacy Policy governs the privacy policies and practices
+        of our official website, application, and all associated services
+        (collectively, the "Service").
+      </p>
+
+      <p>
+        By accessing or using CodeLens, you agree to the collection and use of
+        information in accordance with this Privacy Policy. If you do not agree
+        with the terms of this Privacy Policy, please do not access the Service.
+      </p>
+
+      <p>
+        Self-Hosting Disclaimer: Please note that this Privacy Policy applies
+        exclusively to the official, primary hosted instance of CodeLens (e.g.,
+        codelensx.vercel.app). If you choose to fork, deploy, or self-host your
+        own instance of the CodeLens open-source repository, you act as the data
+        controller for your instance and are solely responsible for managing
+        user data, maintaining your own privacy policy, and ensuring legal
+        compliance.
+      </p>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyRetention.jsx b/frontend/src/components/privacy/PrivacyRetention.jsx
@@ -0,0 +1,31 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyRetention() {
+  return (
+    <PrivacySection number="07" title="Data Retention" bg="bg-[#f1f1f1]">
+      <p>
+        We will retain your Personal Data only for as long as is necessary for
+        the purposes set out in this Privacy Policy.
+      </p>
+
+      <ul className="list-disc ml-6 space-y-4">
+        <li>
+          Active Accounts: Your profile data, synced statistics, and chat logs
+          are retained as long as your account remains active.
+        </li>
+
+        <li>
+          OTPs: Security codes are automatically purged from our database after
+          10 minutes.
+        </li>
+
+        <li>
+          Server Logs: Standard access and error logs collected by our hosting
+          infrastructure (Vercel/Render) are strictly retained for a short
+          period (typically 30 days) solely for debugging, monitoring, and
+          security purposes before being automatically deleted.
+        </li>
+      </ul>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacyRights.jsx b/frontend/src/components/privacy/PrivacyRights.jsx
@@ -0,0 +1,39 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacyRights() {
+  return (
+    <PrivacySection
+      number="08"
+      title="Your Data Protection Rights"
+      bg="bg-[#f0f0f0]"
+      reverse
+    >
+      <p>
+        Depending on your region, you may have certain data protection rights.
+        We aim to take reasonable steps to allow you to correct, amend, delete,
+        or limit the use of your Personal Data.
+      </p>
+
+      <ul className="list-disc ml-6 space-y-4">
+        <li>
+          Access and Update: You can review and update your profile information
+          directly within the Account Center.
+        </li>
+
+        <li>
+          Revoke Access: You can disconnect your GitHub or Codeforces
+          integrations at any time from your dashboard, which will stop future
+          data syncing.
+        </li>
+
+        <li>
+          Account Deletion: If you wish to be completely removed from our
+          systems, please contact us. Upon request, we will permanently delete
+          your account, including all synced metrics and chat history. All
+          requested account and data deletions will be completed within 30 days
+          of the request.
+        </li>
+      </ul>
+    </PrivacySection>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacySection.jsx b/frontend/src/components/privacy/PrivacySection.jsx
@@ -0,0 +1,42 @@
+export default function PrivacySection({
+  number,
+  title,
+  children,
+  bg = "bg-white",
+  reverse = false,
+}) {
+  return (
+    <section
+      id={`section-${number}`}
+      className={`${bg} border-y-[2px] border-black`}
+    >
+      <div className="max-w-7xl mx-auto px-6 py-20">
+        <div
+          className={`grid lg:grid-cols-12 gap-10 ${
+            reverse ? "lg:[&>*:first-child]:order-2" : ""
+          }`}
+        >
+          {/* Left Heading Column */}
+          <div className="lg:col-span-3">
+            <div className="sticky top-24">
+              <p className="text-sm font-black tracking-[0.25em] uppercase mb-3">
+                Section {number}
+              </p>
+
+              <h2 className="text-3xl lg:text-4xl font-black uppercase leading-tight">
+                {title}
+              </h2>
+            </div>
+          </div>
+
+          {/* Right Content Column */}
+          <div className="lg:col-span-9">
+            <div className="text-base leading-8 text-gray-700 space-y-5">
+              {children}
+            </div>
+          </div>
+        </div>
+      </div>
+    </section>
+  );
+}
diff --git a/frontend/src/components/privacy/PrivacySecurity.jsx b/frontend/src/components/privacy/PrivacySecurity.jsx
@@ -0,0 +1,20 @@
+import PrivacySection from "./PrivacySection";
+
+export default function PrivacySecurity() {
+  return (
+    <PrivacySection number="06" title="Data Security" bg="bg-[#f2f2f2]" reverse>
+      <p>
+        The security of your data is important to us, but remember that no
+        method of transmission over the Internet or method of electronic storage
+        is 100% secure.
+      </p>
+
+      <p>
+        While we strive to use commercially acceptable means to protect your
+        Personal Data (including bcrypt password hashing, hashed OTPs, and HTTPS
+        encryption in transit), we cannot guarantee its absolute security. You
+        use the Service at your own risk.
+      </p>
+    </PrivacySection>
+  );
+}