Introduction

Linite (“we”, “our”, or “us”) operates linite.sagyamthapa.com.np (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Information You Provide

When you create an account or use our Service, we collect:

• Email address: Used for account creation and authentication
• Name: Display name from your OAuth provider
• Profile picture: Avatar image from your OAuth provider

2. Authentication Data

We use third-party OAuth providers for authentication:

• GitHub OAuth: When you sign in with GitHub, we receive your email, name, and profile picture
• Google OAuth: When you sign in with Google, we receive your email, name, and profile picture

We store OAuth tokens (access tokens, refresh tokens, ID tokens) securely to maintain your authenticated session.

3. Automatically Collected Information

When you use our Service, we automatically collect:

• Session data: IP address, user agent, session tokens
• Usage data: App selections and installation command generation (not permanently stored)
• Rate limiting data: Request counts to prevent API abuse

4. Information We Do NOT Collect

• Installation history: We do not track which apps you install or commands you execute
• Payment information: The Service is free and does not collect financial data
• Personal identification beyond OAuth: No phone numbers, addresses, or additional personal details
• Browsing behavior: No third-party tracking cookies or analytics beyond basic usage

How We Use Your Information

We use collected information to:

1. Provide the Service: Generate package installation commands based on your selections
2. Authentication: Verify your identity and maintain secure sessions
3. Admin access: Grant administrative privileges to authorized users
4. Rate limiting: Prevent API abuse and ensure fair usage
5. Service improvement: Understand usage patterns to improve the Service
6. Communication: Send service-related notifications (if necessary)

Data Storage and Security

Storage Locations

Your data is stored in the following services:

• Turso (libSQL): User accounts, sessions, and application catalog data
• Upstash Redis: Temporary rate limiting data
• Azure Blob Storage: Application icons (not user data)

Security Measures

We implement industry-standard security measures:

• Encryption: All data transmission uses HTTPS/TLS
• Secure authentication: OAuth 2.0 with secure token storage
• Access control: Role-based access for admin functionality
• Database security: Authenticated connections to Turso database
• Session management: Secure session tokens with expiration
• Rate limiting: Protection against abuse and DoS attacks

Data Retention

• Active accounts: Data retained while your account is active
• Inactive accounts: May be deleted after extended periods of inactivity
• Session data: Automatically expired based on session timeout
• Rate limiting data: Cleared periodically (typically within 24 hours)

Third-Party Services

We use the following third-party services that may collect data:

Authentication Providers

• GitHub: GitHub Privacy Policy
• Google: Google Privacy Policy

Infrastructure and Storage

• Vercel: Hosting platform - Vercel Privacy Policy
• Turso: Database hosting - Turso Privacy Policy
• Azure: Blob storage for icons - Microsoft Privacy Policy
• Upstash: Redis for rate limiting - Upstash Privacy Policy

External Package APIs

We query these APIs to fetch package information (no user data is shared):

• Flathub API
• Snapcraft API
• Repology API
• AUR (Arch User Repository)

Your Rights

You have the right to:

1. Access: Request a copy of your personal data
2. Correction: Update or correct your account information
3. Deletion: Request deletion of your account and associated data
4. Withdraw consent: Revoke permission for data processing
5. Data portability: Export your data in a machine-readable format
6. Object: Object to certain types of data processing

To exercise these rights, contact us at sagyamthapa32@gmail.com.

Account Deletion

To delete your account:

1. Sign in to the Service
2. Navigate to account settings
3. Request account deletion

Or contact us at sagyamthapa32@gmail.com.

Upon deletion, we will:

• Remove your user profile data
• Invalidate all active sessions
• Delete authentication tokens
• Retain anonymized logs for security purposes (if applicable)

Children's Privacy

The Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected data from a child under 13, contact us immediately.

International Data Transfers

Your data may be transferred to and stored in servers located outside your country of residence. By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place for international data transfers.

Cookies and Tracking

We use minimal cookies and tracking:

• Essential cookies: Required for authentication and session management
• No advertising cookies: We do not use third-party advertising trackers
• No analytics beyond basics: Minimal usage tracking for service functionality

Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date. Continued use of the Service after changes constitutes acceptance of the updated policy.

We will notify users of significant changes via:

• Email notification (for major changes)
• Banner on the Service
• GitHub repository announcement

Open Source

Linite is open source software licensed under the MIT License. The source code is available at https://github.com/Sagyam/linite. While the code is public, user data and authentication credentials are not exposed.

Contact Us

If you have questions or concerns about this Privacy Policy:

• Email: sagyamthapa32@gmail.com
• GitHub Issues: https://github.com/Sagyam/linite/issues
• GitHub Discussions: https://github.com/Sagyam/linite/discussions

Legal Compliance

We comply with applicable data protection laws, including:

• GDPR (General Data Protection Regulation) for EU users
• CCPA (California Consumer Privacy Act) for California users
• Other applicable regional privacy laws

Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

1. Investigate and contain the breach
2. Notify affected users within 72 hours
3. Provide details about the breach and steps taken
4. Offer guidance on protective measures