Data We Collect

We collect your login ID, IP address, device/browser information, and API request logs.

How We Use Data

Data is used solely for authentication, rate limiting, audit logging, and security.

Data Security

Rotating session tokens (authkey + remember_token) are regenerated on every login. Token mismatch = automatic logout. Prepared SQL statements prevent injection. Same-site httponly cookies are enforced.

Single Session Policy

Each login generates new auth tokens, invalidating all previous sessions for that account. This prevents concurrent logins from multiple devices.

Third Parties

Cloudflare Turnstile is used for bot protection on login and contact forms. No data is sold.

Log Retention

Request logs are retained for audit purposes. Admins may clear logs at any time.