BlazeNeuro

Privacy Policy

Last updated: April 2, 2026

1. Introduction

Welcome to BlazeNeuro ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and password (encrypted).
  • Profile Information: Optional profile picture and other profile details you choose to provide.
  • Content: Blog posts, comments, feedback (likes/dislikes), and other content you create or submit.

2.2 OAuth Authentication Data

When you sign in using OAuth providers (Google, GitHub, etc.), we collect:

  • Provider ID: Unique identifier from the OAuth provider
  • Access Tokens: Encrypted OAuth access tokens for API access
  • Refresh Tokens: Encrypted refresh tokens for maintaining session
  • Token Expiry: Timestamp for token validity
  • Scope: Permissions granted by you to our application
  • Profile Data: Name, email, and profile picture from your OAuth provider

2.3 Automatically Collected Information

  • Session Data: Session tokens, IP addresses, and session expiry times
  • Device Information: Browser type, operating system, and device identifiers
  • Usage Data: Pages visited, time spent, and interaction patterns
  • Cookies: Session cookies and preference cookies

3. OAuth Data Flow

3.1 Authorization Process

  1. You initiate OAuth login by clicking on a provider (Google, GitHub, etc.)
  2. You are redirected to the provider's authorization page
  3. You grant permissions to BlazeNeuro
  4. Provider redirects back with an authorization code
  5. We exchange the code for access and refresh tokens
  6. Tokens are encrypted and stored in our database
  7. A session is created with encrypted session token

3.2 Token Storage and Security

  • All OAuth tokens are encrypted using industry-standard encryption (AES-256)
  • Tokens are stored in our secure PostgreSQL database
  • Access tokens are used only for authorized API calls to the provider
  • Refresh tokens are used only to obtain new access tokens when expired
  • Tokens are never shared with third parties
  • Tokens are deleted when you revoke access or delete your account

3.3 Data Retrieved from OAuth Providers

We only request and store the minimum necessary data:

  • Google: Email, name, profile picture, and user ID
  • GitHub: Email, name, profile picture, and user ID
  • Other Providers: Similar basic profile information

4. How We Use Your Information

  • Account Management: Create and manage your account
  • Authentication: Verify your identity and maintain sessions
  • Service Delivery: Provide access to blog content and features
  • Personalization: Customize your experience
  • Communication: Send important updates and notifications
  • Analytics: Understand usage patterns and improve our services
  • Security: Detect and prevent fraud, abuse, and security incidents

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties.

5.2 Limited Sharing

We may share your information only in these circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Service Providers: Trusted third-party services (hosting, analytics) under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In case of merger, acquisition, or asset sale
  • Protection: To protect our rights, property, or safety, or that of our users

6. Data Retention

  • Account Data: Retained while your account is active
  • OAuth Tokens: Retained until you revoke access or delete your account
  • Session Data: Automatically deleted after expiration (typically 30 days)
  • Blog Content: Retained indefinitely unless you delete it
  • Deleted Accounts: Personal data deleted within 30 days of account deletion

7. Your Rights and Choices

  • Access: Request a copy of your personal data
  • Correction: Update or correct your information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Unsubscribe from marketing communications
  • Revoke OAuth: Disconnect OAuth providers from your account
  • Cookie Control: Manage cookie preferences in your browser

8. Security Measures

  • End-to-end encryption for sensitive data
  • Secure HTTPS connections for all communications
  • Regular security audits and updates
  • Access controls and authentication mechanisms
  • Encrypted database storage
  • Secure token management and rotation
  • Protection against common vulnerabilities (SQL injection, XSS, CSRF)

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Third-Party Services

Our application integrates with:

  • OAuth Providers: Google, GitHub (governed by their privacy policies)
  • Hosting Services: For application and database hosting
  • Analytics: For understanding usage patterns

We are not responsible for the privacy practices of these third-party services.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

  • Email: privacy@blazeneuro.com
  • Address: BlazeNeuro, [Your Address]

14. Data Protection Officer

For EU residents, you may contact our Data Protection Officer at: dpo@blazeneuro.com

15. Consent

By using our service, you consent to our Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our service.