Legal
Privacy policy & GDPR
This notice explains how this website (“we”, “us”) processes personal data when you browse or use accounts on this instance. It is written for visitors in the European Economic Area (UK GDPR / EU GDPR) and similar regimes.
Last updated: 8 May 2026
Who is responsible?
The controller of personal data for this deployment is the person or organisation operating this copy of the site on their own server or hosting. If you are a visitor and do not know who that is, check the site’s imprint, hosting provider, or contact details published by the operator.
This document describes typical processing performed by the application’s design. Your operator may adjust contact emails, retention, or hosting details in the admin settings.
What data we process
Depending on how you use the site, we may process:
- Technical & usage data: HTTP requests your browser sends (e.g. page URLs, user agent, timestamps). These may appear in server or access logs maintained by your hosting environment.
- Session data: A session cookie (or equivalent) to keep you signed in, remember theme preference, and support security (CSRF protection for forms).
- Approximate “online now” metric: A one-way hash of the PHP session identifier and a timestamp, stored in our database to show an approximate visitor count. We do not store the raw session id in that table.
- Registered member accounts: If you create an account, we process your email address, password (stored hashed), display name, optional marketing preference, and timestamps.
- Administrator accounts: Separate admin credentials, roles, optional 2FA flags, security and audit settings as configured in the admin panel.
- Audit log (admin): Records of administrative actions (who did what and when), with IP address where available, kept for security and accountability.
- Location for weather (optional): If you allow browser geolocation in the utility bar, your browser sends the coordinates directly from your device to Open-Meteo; our server does not receive your precise location from that request.
Purposes & legal bases (GDPR Art. 6)
| Processing | Purpose | Legal basis |
|---|---|---|
| Member / admin accounts | Authentication, account management, security | Performance of a contract; legitimate interests (fraud prevention) |
| Sessions & security tokens | Login state, CSRF protection, preferences (e.g. theme) | Legitimate interests; consent where required for non-essential cookies |
| Online presence hash | Approximate visitor count in the UI | Legitimate interests (understanding aggregate use with minimal data) |
| Admin audit log | Security, troubleshooting, accountability | Legitimate interests; legal obligation where applicable |
| Server / hosting logs | Security, availability, abuse detection | Legitimate interests; legal obligation (operator-dependent) |
| Marketing opt-in (if offered) | Optional newsletters or updates | Consent (withdraw anytime) |
Data retention
We keep personal data only as long as necessary for the purposes above. Indicative periods for this application (your operator may change them):
| Data category | Default retention | Notes |
|---|---|---|
| Member account (registered_users) | Until deletion / closure | Erasure on request where applicable; backups may persist for a limited time per hosting. |
| Session “online” aggregates (hashed) | Rows older than ~45 minutes removed opportunistically | Counter reflects activity in the last 5 minutes only. |
| Admin audit log | Configurable (e.g. 365 days per admin profile) | Aligned with security needs; operators may export then delete earlier. |
| Server / access logs | Set by hosting provider | Not controlled by this PHP app; ask your operator. |
| Backups | Per backup policy | May contain copies of the above until rotation. |
Third-party services
- Google Fonts (font files and optional referrer) — see Google’s privacy terms.
- Tailwind CDN (tjscdn) — may log delivery metadata per provider policy.
- Open-Meteo — weather requests originate from your browser if you allow location.
- GitHub — outbound links and, for some features, API calls to public repositories per site configuration.
Mirrored catalog content comes from public Git repositories; it is not personal data about you unless you contribute identifiable information upstream.
Your rights
Subject to applicable law, you may have the right to:
- Access personal data we hold about you (Art. 15)
- Rectification of inaccurate data (Art. 16)
- Erasure (“right to be forgotten”) in defined cases (Art. 17)
- Restriction of processing (Art. 18)
- Data portability for data you provided, where processing is automated and based on contract or consent (Art. 20)
- Object to processing based on legitimate interests (Art. 21)
- Withdraw consent at any time for consent-based processing (Art. 7(3))
- Lodge a complaint with your local supervisory authority
To exercise rights, contact the operator of this site using the address or email they publish (for example the address set in admin security settings for GDPR contact). We may need to verify your identity before responding.
If you have a member account, you can use the control center (while signed in) to request deletion of your account and associated personal data held in this application.
International transfers
If personal data is processed on servers or by subprocessors outside the UK/EEA, appropriate safeguards (e.g. Standard Contractual Clauses or adequacy decisions) should be applied by the operator. Third-party CDNs and APIs listed above may process data globally.
Children
This service is not directed at children under the age where parental consent is required for data processing in your jurisdiction. We do not knowingly collect children’s data for marketing.
Automated decision-making
We do not use your personal data for solely automated decisions with legal or similarly significant effects as described in GDPR Art. 22.
Changes
We may update this policy when features or legal requirements change. The “Last updated” date at the top will be revised; material changes may be highlighted by the operator.
Contact
Privacy-related requests: use the operator’s published contact or the GDPR contact configured in the site admin (security settings). For regulatory questions, contact your supervisory authority.