From 91554d36a57f070c125da87bdea2be0419e77c39 Mon Sep 17 00:00:00 2001 From: Gabriel Kaszewski Date: Fri, 26 Dec 2025 17:08:46 +0100 Subject: [PATCH] feat: add privacy policy page and route it in the application --- k-notes-frontend/src/App.tsx | 4 + k-notes-frontend/src/pages/privacy-policy.tsx | 293 ++++++++++++++++++ 2 files changed, 297 insertions(+) create mode 100644 k-notes-frontend/src/pages/privacy-policy.tsx diff --git a/k-notes-frontend/src/App.tsx b/k-notes-frontend/src/App.tsx index b13c659..e95bc14 100644 --- a/k-notes-frontend/src/App.tsx +++ b/k-notes-frontend/src/App.tsx @@ -4,6 +4,7 @@ import SettingsPage from "@/pages/settings"; import LoginPage from "@/pages/login"; import RegisterPage from "@/pages/register"; import DashboardPage from "@/pages/dashboard"; +import PrivacyPolicyPage from "@/pages/privacy-policy"; import Layout from "@/components/layout"; import { useSync } from "@/lib/sync"; import { useMobileStatusBar } from "@/hooks/use-mobile-status-bar"; @@ -14,6 +15,9 @@ function App() { return ( + {/* Public Routes (accessible to everyone) */} + } /> + {/* Public Routes (only accessible if NOT logged in) */} }> } /> diff --git a/k-notes-frontend/src/pages/privacy-policy.tsx b/k-notes-frontend/src/pages/privacy-policy.tsx new file mode 100644 index 0000000..c2490b9 --- /dev/null +++ b/k-notes-frontend/src/pages/privacy-policy.tsx @@ -0,0 +1,293 @@ +import { FileText, Shield, Database, Lock, Mail, Calendar } from "lucide-react"; +import { Card, CardContent, CardHeader, CardTitle } from "@/components/ui/card"; + +export default function PrivacyPolicyPage() { + const lastUpdated = "December 26, 2025"; + const appName = "K-Notes"; + + return ( +
+
+ {/* Header */} +
+
+ +
+

+ Privacy Policy +

+
+ +

Last Updated: {lastUpdated}

+
+
+ + {/* Introduction */} + + + + + Introduction + + + +
+

🏠 Self-Hosted Application

+

+ {appName} is designed as a self-hosted application. This means you run your own + instance of the backend server, and you have complete + control over your data. The app developer does not collect, store, or have + access to any of your personal information or notes. +

+
+

+ This Privacy Policy describes how the {appName} application handles data when you + self-host it. Since you control the backend infrastructure, you are responsible for + the security and privacy of your own data. +

+

+ Please read this privacy policy carefully to understand how the application processes + information on your self-hosted instance. +

+ + + + {/* Information We Collect */} + + + + + Data Stored on Your Instance + + + +

+ Important: All data described below is stored + exclusively on your self-hosted backend server. The app developer has no access to this data. +

+ +
+

Account Information

+

Your self-hosted instance stores:

+
    +
  • Email address (for account authentication on your instance)
    • +
  • Username
    • +
  • Password (hashed using industry-standard encryption)
    • +
+
+ +
+

User Content

+

Your instance stores the content you create:

+
    +
  • Notes and their content
    • +
  • Tags and categories
    • +
  • Metadata (creation date, modification date, etc.)
    • +
+
+ +
+

Technical Data

+

Your instance may log technical information:

+
    +
  • Server logs (if you enable logging)
    • +
  • Session data for authentication
    • +
  • Any other data you configure your instance to collect
    • +
+
+ + + + {/* How We Use Your Information */} + + + + + How the Application Uses Data + + + +

The {appName} application uses data stored on your instance for:

+
    +
  • Core Functionality: To provide note-taking features, organize content, and manage your account
    • +
  • Synchronization: To sync your notes across devices when using the same instance
    • +
  • Authentication: To secure your account and protect your data from unauthorized access
    • +
  • Data Integrity: To maintain the consistency and reliability of your notes
    • +
+

+ Since you control the backend, you decide how your data is used, stored, and managed. + The app developer does not have access to or control over your self-hosted instance. +

+ + + + {/* Data Storage and Security */} + + + + + Data Storage and Security + + + +

+ Your Responsibility: As a self-hosted application, + the security of your data depends on how you configure and maintain your instance. You are + responsible for securing your server infrastructure. +

+ +

+ The {appName} application includes the following security features: +

+
    +
  • Password Hashing: Passwords are hashed using industry-standard algorithms (never stored in plain text)
    • +
  • Session Management: Secure session handling for authenticated users
    • +
  • HTTPS Support: The application supports HTTPS when properly configured on your server
    • +
+ +
+

Security Recommendations:

+
    +
  • Always use HTTPS in production
    • +
  • Keep your server software and dependencies updated
    • +
  • Use strong passwords and enable proper authentication
    • +
  • Regularly backup your data
    • +
  • Follow security best practices for your hosting environment
    • +
+
+ + + + {/* Data Retention */} + + + Data Retention and Deletion + + +

+ Since you control your own {appName} instance, you have complete control over data retention: +

+
    +
  • You can delete your account and all associated data at any time through the application
    • +
  • You can export your data using the built-in export functionality
    • +
  • You control backup and archival policies for your instance
    • +
  • You can permanently delete all data by removing your instance's database
    • +
+

+ The app developer does not retain any of your data, as all information exists solely + on your self-hosted server. +

+ + + + {/* Third-Party Services */} + + + Third-Party Services and Data Sharing + + +

+ No Data Sharing by Developer: The app developer + does not share your data with any third parties, as they do not have access to it. +

+

+ However, if you integrate third-party services with your self-hosted instance (such as + external authentication providers, backup services, or hosting platforms), those services + may have access to your data according to their own privacy policies. +

+

+ Review the privacy policies of any third-party services you choose to integrate with + your instance. +

+ + + + {/* Children's Privacy */} + + + Children's Privacy + + +

+ Our service is not intended for use by children under the age of 13. We do not knowingly + collect personally identifiable information from children under 13. If you are a parent + or guardian and you are aware that your child has provided us with personal information, + please contact us so we can take necessary action. +

+ + + + {/* Your Data Rights */} + + + Your Data Rights + + +

Depending on your location, you may have the following rights regarding your personal data:

+
    +
  • Access: Request access to your personal data
    • +
  • Correction: Request correction of inaccurate data
    • +
  • Deletion: Request deletion of your personal data
    • +
  • Export: Request a copy of your data in a portable format
    • +
  • Objection: Object to processing of your personal data
    • +
+

+ You can exercise many of these rights directly through the app's settings page + (export/import data functionality). For other requests, please contact us. +

+ + + + {/* Changes to This Policy */} + + + Changes to This Privacy Policy + + +

+ We may update our Privacy Policy from time to time. We will notify you of any changes + by posting the new Privacy Policy on this page and updating the "Last Updated" date. +

+

+ You are advised to review this Privacy Policy periodically for any changes. Changes + to this Privacy Policy are effective when they are posted on this page. +

+ + + + {/* Contact Us */} + + + + + Questions or Concerns + + + +

+ If you have questions about this Privacy Policy or how {appName} handles data, + you can: +

+
    +
  • Review the source code and documentation on GitHub
    • +
  • Open an issue in the project repository
    • +
  • Contact the project maintainer
    • +
+
+

+ Remember: As the operator of your own + instance, you control your data. For questions about data stored on your server, + you are responsible for your own data management practices. +

+
+ + + + {/* Footer */} +
+

© {new Date().getFullYear()} {appName}. All rights reserved.

+
+
+
+ ); +}