Legal
Privacy Policy
1. Summary
- No cookies. No first-party cookies, no
localStorage, nosessionStorage. - No analytics. No Google Analytics, no pixels, no fingerprinting, no tracking of any kind.
- No accounts. Nothing to log in to.
- One optional form. The "Share Feedback!" button opens a textbox; if you send it, we receive what you typed plus minimal technical context.
- Third-party fonts. The home page loads Roboto Condensed from Google Fonts. The other pages self-host their fonts.
2. Who we are
The operator of WC3 DataCraft is the data controller for the processing described in this policy. We are an independent, non-commercial fan project. For all privacy matters, contact us at datacraftwc3@gmail.com. This single address functions as the point of contact required by applicable data-protection law.
3. What we collect
If — and only if — you choose to open the "Share Feedback!" modal and press send, the following payload is submitted to our feedback endpoint:
| Field | Example |
|---|---|
| category | "Wrong Number", "Suggestion", "Other" |
| message | Free text you typed (max 4 000 characters) |
| page | The URL of the page you were on |
| userAgent | Your browser + operating system string |
| timestamp | ISO 8601 datetime |
Because the request reaches Google's servers, Google also observes your IP address at the moment of submission. Please do not include sensitive personal data or third parties' data in your feedback; if you do so accidentally, contact us and we will delete it.
For any other page visit, we collect nothing on our side. Your hosting provider may keep standard web access logs (IP, request, status, timestamp) for operational reasons.
4. Third-party services
The site loads resources from these third parties. Each can see your IP and the URL you requested:
- Render (USA) — hosts the site and keeps standard access logs.
- Cloudflare (USA) — handles DNS.
- Google (USA) — supplies Roboto Condensed (home page only) and runs the feedback endpoint when you press send.
Their privacy policies: render.com/privacy, cloudflare.com/privacypolicy, policies.google.com/privacy. All three are US-based; using the site involves a routine transfer of request metadata to the U.S.
5. Why we process it
- Consent — for the feedback form, processed only when you choose to send it. You may withdraw consent at any time by writing to the contact in §2.
- Legitimate interest — for the basic operation of the site (serving fonts, keeping access logs to identify abuse). Our legitimate interest is to operate a free, ad-free, education-oriented resource; we balance this against your rights by collecting nothing more than is necessary and by never combining data with identifying sources.
- Compliance — to respond to valid legal process where required by applicable law.
6. Retention
- Feedback submissions — kept while they remain useful, typically up to 24 months. Earlier deletion on request.
- Hosting access logs — kept by the hosting provider under that provider's default retention, generally 14 to 90 days.
- No long-term identifiers are kept by us.
7. Your rights
Wherever you are, you have the right to:
- Access the personal data we hold about you;
- Correct inaccurate or incomplete data;
- Delete data we hold about you (subject to limited exceptions);
- Object to or restrict processing;
- Port your data in a structured, common format;
- Withdraw consent at any time, with prospective effect;
- Complain to a competent supervisory authority in your country of residence.
To exercise any of these rights, write to datacraftwc3@gmail.com with "Privacy request" in the subject. We respond within 30 days (or sooner where applicable law requires it). We may ask for additional information to verify your identity before acting on the request.
The site is not directed at children under 13 (under 16 in the EEA). We do not knowingly collect personal data from children; if you believe a child has submitted feedback, contact us and we will delete it.
8. Region-specific notices
European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR). Our legal bases in §5 correspond to Articles 6(1)(a) (consent) and 6(1)(f) (legitimate interest) of the GDPR. You have the additional rights listed in Articles 15–22, plus the right to lodge a complaint with your national supervisory authority. Cross-border transfers to the United States rely on Article 49(1)(a) (explicit consent) for feedback and on the standard mechanisms described in §4 for incidental requests.
United States (California and other states). We do not "sell" or "share" personal information as those terms are defined under the California Consumer Privacy Act (Cal. Civ. Code §1798.100 et seq.) and have not done so in the past twelve months. We do not engage in cross-context behavioral advertising. California residents and residents of other states with comparable privacy laws (Colorado, Connecticut, Virginia, Utah, Texas, and others) may exercise the rights listed in §7 by writing to the address above. We honor verifiable opt-out preference signals where applicable.
Brazil (LGPD). The processing in this policy is compatible with the Lei Geral de Proteção de Dados (Lei 13.709/2018). Your rights under LGPD Article 18 are operationalised through §7; complaints may be filed with the Autoridade Nacional de Proteção de Dados (gov.br/anpd).
9. Security, changes, contact
Security. The site is served over HTTPS and the feedback endpoint runs on Google's infrastructure. No method of transmission or storage is perfectly secure; if a security incident affects your data, we will notify you and any competent authority in line with applicable law.
Changes. We may update this policy from time to time. The "Last updated" date above reflects the most recent revision. Material changes — such as introducing analytics, cookies, or new categories of data — will be announced on the homepage at least 30 days before they take effect.
Contact. For any privacy question or request, write to datacraftwc3@gmail.com.