PRIVACY POLICY (sasasak.net)
Last updated: 2025-09-06

1) Introduction & Scope
sasasak.net (“we,” “us,” “our”) explains how we collect, use, share, and protect personal data when you use the Service.

2) Data We Collect
A. You provide: email, username, password (hashed), profile info (e.g., avatar, bio), posts, comments, messages, reports.
B. Automatically collected: IP address, device/browser info, approximate location (from IP), cookies, usage and diagnostic logs (including error/security logs).
C. Contact/support: messages you send to support, attachments, and metadata.
D. Optional data (if enabled): marketing preferences, social logins, polls/surveys, etc.

3) How We Use Data (Purposes)
- Account creation, authentication, and security (fraud/spam prevention).
- Operating community features (posting, comments, messaging, notifications).
- Moderation, enforcing policies, and handling reports/disputes.
- Analytics, service improvement, and personalization of content.
- (Optional) Advertising and measurement.
- Legal compliance and recordkeeping.

4) Legal Bases (where applicable, e.g., EEA/UK)
- Consent (e.g., certain cookies/marketing; optional personalization features).
- Contract (to provide the Service you request).
- Legitimate interests (security, analytics, product improvement).
- Legal obligations (e.g., responding to lawful requests).

5) Cookies & Similar Technologies
We use cookies and similar tech for login, preferences, analytics, and (if applicable) ads. You can manage cookies in your browser settings; disabling cookies may limit functionality.

6) Sharing & Disclosure
We do not sell personal data. We share data:
- With service providers/processors (hosting, analytics, email, moderation tools, payment processors) under contracts requiring appropriate safeguards.
- For legal reasons (to comply with law, enforce terms, protect users).
- With your direction or consent (e.g., integrations).

7) Third-Party Services
Links or embedded content (e.g., media, ads) are subject to those third parties’ privacy practices. Review their policies.

8) Data Retention
We keep personal data only as long as necessary for the purposes above:
- Account data: kept while your account is active; deleted or anonymized (e.g., within 90 days) after deletion request, subject to legal holds.
- Posts/comments: retained until you delete them; backups/caches may persist for a limited period.
- Logs/diagnostics: (e.g., 6 months) or as required for security and legal compliance.
Retention periods may vary based on legal obligations.

9) Children’s Privacy
The Service is not directed to children under [age threshold per local law, e.g., 13 or 16]. We do not knowingly collect personal data from children without appropriate consent.

10) International Transfers
If data is processed outside your country, we implement appropriate safeguards (e.g., contractual clauses). Details available upon request.

11) Security
We use reasonable technical and organizational measures (encryption in transit, access controls, monitoring). No system is 100% secure.

12) Your Rights
Depending on your location, you may have rights to access, correct, delete, restrict, object, or port your data, and to withdraw consent.
- Requests: support@sasasak.net
- If you believe your rights were violated, you may lodge a complaint with your local data protection authority.

13) Your Choices
- Profile/settings for communications and notifications.
- Cookie controls via browser and (if applicable) a cookie banner/settings page.
- Opt-out of marketing emails via unsubscribe links.

14) Data Controller & Contact
Data Controller/Operator: sasasak.net
Privacy inquiries: support@sasasak.net
(Address, if applicable)

15) Changes to This Policy
We may update this Policy. We will post the new date and, for material changes, provide advance notice (at least 7 days; 30 days if changes are adverse).

16) Effective Date
This Policy takes effect on 2025-09-06.