Privacy

Controller and contact

The controller for this service is Jasper Anders. Privacy requests can be sent to bdf@jasperanders.xyz.

Purpose

.bdf processes document data only to provide the service: creating, storing, editing, deleting, and serving user-provided HTML documents at stable URLs.

Data processed

For each document, the application stores the document title, document HTML, edit and view bearer tokens, creation and update timestamps, and an optional expiry timestamp. Hosting and runtime infrastructure may handle technical request data such as IP address, user agent, request path, timestamp, and transport metadata for delivery, security, abuse prevention, and operations.

Production document data is hosted on Fly.io Tigris S3-compatible object storage.

No accounts or profiling

The service has no accounts, no separate user profiles, no profiling, no sale of personal data, no advertising use, and no unrelated secondary use of document data.

Deletion

Deleting a document deletes the document HTML and metadata/tokens from active application storage. Because the app keeps no separate accounts or person profiles, that is all application data held for that document. If the same person appears in multiple documents, each document must be deleted separately.

GDPR rights

Where the GDPR applies, you may have rights to access, rectification, erasure, restriction of processing, data portability, objection, and complaint to a supervisory authority. Requests can be sent to bdf@jasperanders.xyz.

Limitations

The service is provided without guarantees of uninterrupted availability, permanent retention, legal suitability of user-provided documents, or correctness of content supplied by users, to the maximum extent permitted by law.