Privacy Policy
Introduction
AnieLab ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at anielab.app (the "Platform").
By using the Platform, you consent to the data practices described in this policy. If you do not agree with any part of this policy, please do not use our services.
Information We Collect
Account Information
When you create an account, we collect: - Email address - Display name (optional) - Password (hashed using argon2id — we never store plain-text passwords) - Passkey credentials (public key only) if you choose to use passkey authentication
Profile Information
You may optionally provide: - Avatar image - Biography - Social media links - Portfolio or project samples
Project & Content Data
We store the content you create, upload, or collaborate on, including: - Project files, assets, and descriptions - Comments and communications - Task assignments and team memberships
Authentication Data
When you use authentication features, we collect: - Two-factor authentication (2FA) configuration - Recovery codes (stored as hashes) - Login attempt records (for security monitoring) - Session activity logs - OAuth provider information (if you sign in with Google)
Technical Data
We automatically collect: - IP address - Browser type and version - Device information - Pages visited and interactions - Time and date of visits - Referring website addresses
How We Use Your Information
We use the collected information to:
- Operate, maintain, and improve the Platform
- Process your account registration and authentication
- Send transactional emails (verification codes, password resets, security alerts)
- Enable collaboration features between users
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
- Communicate with you about platform updates and changes
We do NOT: - Sell your personal information to third parties - Use your content for advertising purposes - Share your data with data brokers
Data Storage & Security
We implement industry-standard security measures to protect your data:
- Passwords are hashed using argon2id with salt
- Session tokens are encrypted
- Data is transmitted over HTTPS
- Database connections are restricted to authorized services
- Access logs are monitored for suspicious activity
Your data is stored on our secure servers. File assets may be stored on Backblaze B2 and delivered via BunnyCDN. Email services are handled by Brevo (formerly Sendinblue).
Data Retention
We retain your data for as long as your account is active. If you delete your account:
- Your data enters a 30-day grace period during which you can restore your account
- After 30 days, we permanently delete your personal data and project files
- Content you contributed to shared projects may remain accessible to other team members after deletion
- Login attempt records are retained for 90 days for security analysis
We may retain certain data as required by law or for legitimate business purposes.
Third-Party Services
We use the following third-party services:
- Brevo (Sendinblue) — Transactional email delivery
- Backblaze B2 — File storage
- BunnyCDN — Content delivery network
- Google OAuth — Optional sign-in integration
- Meilisearch — Search functionality
- MinIO — Development file storage
- PostgreSQL — Database
- Redis — Session and cache management
Each service provider has its own privacy policy governing the use of your data. We select providers who maintain strong privacy and security standards.
Cookies & Tracking
We use essential cookies for:
- Authentication and session management
- CSRF protection
- Theme preference (dark/light mode)
We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can control cookie settings through your browser preferences. Disabling essential cookies may affect platform functionality.
Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Restrict or object to processing of your data
- Data portability
- Withdraw consent at any time
To exercise these rights, contact us at privacy@anielab.app or use the Settings page to manage your data.
Children's Privacy
The Platform is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it promptly. If you believe a child has provided us with personal data, please contact us.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes via email or through the Platform. Changes take effect immediately upon posting. Your continued use of the Platform after changes constitutes acceptance of the updated policy.
The most current version of this policy will always be available on this page.
Contact
If you have questions or concerns about this Privacy Policy or our data practices, please contact us:
Email: privacy@anielab.app Platform: https://anielab.app
We will respond to your inquiry within 30 days.
2026 © AnieLab