Privacy Policy
Last updated: 2026-06-17
1. Who we are
Kindling (“we”, “us”) operates Kindling (the “Service”), available at https://kindling.writingdeveloper.blog. This policy explains what personal data we process, why, and the choices and rights you have. We act as the controller of personal data processed through the Service.
2. Data we process
We process only what the Service needs to function:
- Account data — your name, email address, and a securely hashed password, used to create and secure your account.
- Authentication & session data — session identifiers and strictly necessary cookies used to keep you signed in and protect against cross-site request forgery.
- Content — the data you create in the Service (for example, your tasks), processed to provide the product to you.
- Technical data — limited server logs (such as IP address and request metadata) needed for security and reliability.
3. Why we process it (purpose & basis)
We process personal data to provide and secure the Service, to authenticate you, to operate and improve core functionality, and to comply with legal obligations. Depending on your location, our lawful basis is the performance of our contract with you, your consent (for any optional cookies), and our legitimate interest in keeping the Service secure and reliable. We do not sell your personal data, and we do not “share” it for cross-context behavioural advertising.
4. Cookies & consent
We use strictly necessary cookies to operate the Service (authentication and security); these do not require consent. Any non-essential cookies (for example, analytics) are loaded only after you opt in through our cookie banner, and you can change or withdraw your choice at any time. Until you opt in, non-essential cookies are not set.
5. Sub-processors
We use the following third parties to process personal data on our behalf, under appropriate data-processing terms. Others are added to this list as additional integrations are enabled.
- Turso (United States) — Managed database hosting (libSQL) for account, session, and user content data. Privacy details
6. International transfers
Some sub-processors are located outside your country, including in the United States. Where personal data is transferred internationally, we rely on appropriate safeguards (such as standard contractual clauses or an equivalent recognised transfer mechanism) as required by applicable law.
7. Retention
We keep personal data only as long as needed to provide the Service and for legitimate legal, security, or accounting purposes. When you delete your account, we delete or anonymise the associated personal data within a reasonable period, except where retention is legally required.
8. Your rights
Subject to your jurisdiction, you may have the right to access, correct, delete, restrict, or port your personal data, to object to certain processing, to withdraw consent, and to opt out of any “sale” or “sharing” of personal data. You may also have the right to lodge a complaint with your local data-protection authority. We do not discriminate against you for exercising these rights.
9. Contact
To exercise any right or ask a question about this policy, contact us at privacy@example.com.