Legal

Privacy Policy

Last updated: June 2025

Short version: We collect only what's necessary to run IMBEGNAL. We never sell your data, show ads, or share your information with third parties. You can delete your account anytime.

What Data We Collect

When you sign in with GitHub, we collect and store: your GitHub user ID, username, display name, avatar URL, public email address (if available), and bio. We also store your learning progress (which roadmap nodes you've marked complete) and bookmarks (certifications and courses you've saved). We do not collect passwords, payment information, or any private GitHub data.

How We Use Your Data

Your data is used solely to provide the IMBEGNAL service: displaying your profile, saving your learning progress across sessions, and showing bookmarked resources. We do not sell, share, or monetize your data. We do not use your data for advertising or tracking.

Data Storage

User data is stored in a Cloudflare D1 database (SQLite at the edge). Your authentication is managed via JWT tokens stored in your browser's localStorage. We do not use cookies for authentication.

GitHub OAuth

IMBEGNAL uses GitHub OAuth for authentication. When you click "Sign in with GitHub," you are redirected to GitHub's authorization page. We only request access to your public profile and email (scopes: user:email, read:user). We never request access to your repositories, code, or private information.

Cookies & Local Storage

IMBEGNAL does not use tracking cookies. We store your JWT authentication token in localStorage to keep you signed in. This token expires after 30 days. You can clear it at any time by signing out or clearing your browser's local storage.

Third-Party Services

The Platform links to third-party sites (Coursera, Udemy, AWS, etc.) but does not share any of your personal data with them. Visiting linked sites is subject to their own privacy policies. IMBEGNAL uses Cloudflare Workers and Cloudflare D1 for infrastructure — see Cloudflare's privacy policy for their data handling practices.

Your Rights

You can request deletion of your account and all associated data at any time by opening an issue on our GitHub repository or by contacting us. We will process data deletion requests within 30 days.

Data Security

All data transmission is encrypted via HTTPS/TLS. JWT tokens are signed with a secure secret key. We follow security best practices but cannot guarantee absolute security — no internet transmission is 100% secure.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes are reflected by the "Last Updated" date. Significant changes will be communicated via the GitHub repository.

Privacy questions or data deletion requests? Open an issue on GitHub.