Privacy Policy
Effective Date: February 26, 2026 | Last Updated: February 26, 2026
This Privacy Policy describes how QODO ("we", "us", or "our") collects, uses, and protects your personal information when you use our website at qodo.qubase.in ("the Site").
1. Information We Collect
We collect information in the following ways:
1.1 Information You Provide Directly
- Newsletter Subscription: When you subscribe to our newsletter, we collect your email address. Your subscription status (active/unsubscribed) is tracked to respect your communication preferences.
- Contact Form: When you submit a message through our contact form, we collect your name, email address, subject, and message content.
- Comments: When you post a comment on an article, we collect the comment content and associate it with the relevant post. Comments are subject to moderation before being publicly visible.
1.2 Information Collected Automatically
- Page Views: We track article view counts to understand content engagement. This data is aggregated and not linked to individual users.
- Server Logs: Our servers automatically log standard request information including IP addresses, browser type, referring URLs, and timestamps. These logs are used for security monitoring, debugging, and rate limiting enforcement.
2. How We Use Your Information
We use the collected information for the following purposes:
- Newsletter Delivery: To send periodic emails containing curated articles, technical content, and platform updates to active subscribers
- Communication: To respond to inquiries submitted via the contact form
- Content Moderation: To review and moderate user-submitted comments, ensuring they meet our community standards (comments may be approved, rejected, or flagged as spam)
- Analytics: To understand content performance, popular topics, and reader engagement patterns through aggregated view counts and engagement metrics
- Security: To protect against unauthorized access, abuse, and security threats through rate limiting, input sanitization, and request logging
- SEO: To generate dynamic sitemaps and search engine directives based on published content
3. Data Storage & Security
We implement industry-standard security measures to protect your data:
- Encryption: All administrative passwords are hashed using bcrypt before storage. Authentication tokens are signed using JWT with secure secrets.
- Input Sanitization: All user inputs are sanitized to prevent NoSQL injection attacks and cross-site scripting (XSS).
- Rate Limiting: API endpoints are rate-limited to prevent abuse and ensure fair access for all users.
- HTTP Security Headers: We use Helmet.js to set secure HTTP headers, including Content Security Policy, X-Frame-Options, and Strict-Transport-Security.
- Parameter Pollution Protection: We protect against HTTP parameter pollution attacks.
- Error Logging: Errors are logged securely using Winston for monitoring and debugging purposes. Logs do not contain sensitive personal information.
4. Data Retention
- Newsletter Subscriptions: Your email is retained as long as your subscription is active. Unsubscribing changes your status but retains the record to prevent re-subscription issues.
- Contact Messages: Messages are retained indefinitely for reference unless you request deletion.
- Comments: Approved comments remain on the Site indefinitely. Rejected or spam comments may be periodically purged.
- Server Logs: Access and error logs are retained for a reasonable period for security and debugging purposes.
5. Data Sharing & Third Parties
We do not sell, rent, or trade your personal information to third parties. Your data may only be shared in the following circumstances:
- Legal Requirements: If required by law, regulation, or legal process
- Service Providers: With trusted infrastructure providers (hosting, database services) who process data on our behalf and are bound by confidentiality obligations
- Safety: To protect the rights, property, or safety of QODO, our users, or the public
6. Cookies & Tracking
The Site may use cookies for:
- Theme Preferences: Storing your light/dark mode preference across sessions
- Authentication: Managing admin session tokens (administrative users only)
We do not use third-party tracking cookies or advertising cookies. You can manage cookie preferences through your browser settings.
7. Your Rights
You have the right to:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate personal data
- Deletion: Request deletion of your personal data, subject to legal retention requirements
- Unsubscribe: Opt out of newsletter communications at any time
- Object: Object to the processing of your personal data in certain circumstances
To exercise any of these rights, please contact us at privacy@qubase.in.
8. Children's Privacy
Our Site is not directed at individuals under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through a notice on the Site. Your continued use of the Site after changes constitutes acceptance of the updated policy.
10. Contact
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
