Privacy Policy

This Privacy Policy describes how the ARCHI online service (“ARCHI”, “we”, “us”) collects, uses, and protects personal data when you use our website and related applications.

The operator responsible for your data is the person or organisation that deploys and administers this instance of ARCHI (the “Controller”). If contact details are published on the site (for example in the footer or About page), you may use them for privacy-related requests.

Account and profile: email address, display name, password (stored only as a cryptographic hash; we do not store your password in plain text), interface language, and optional profile preferences (for example map location label, wallpaper, UI theme, notification level, auto-translate preference). Some older accounts may still have a phone number stored from a previous registration form.

Verification: one-time or short-lived codes sent by email (and related delivery metadata held by your email provider, for example Resend or your SMTP host).

Content you submit: news posts, marketplace listings, job posts, comments, chat messages, and any images, links, or media you attach. Listings and job posts may include a contact phone number you choose to publish.

Technical data: when you use the service, standard server and application logs may include IP address, approximate timestamps, device/browser type, and URLs requested, as needed for security, debugging, and abuse prevention.

To create and secure your account, authenticate you, and send verification codes to your email address (and, where configured, other email notifications).

To operate community features: displaying posts, listings, jobs, comments, and chat to other users in line with how the product works.

To enforce our rules and the law: automated or manual content checks (including optional third-party moderation tools if enabled by the operator), fraud prevention, and responding to valid legal requests.

To improve reliability and safety of the service (logging, error diagnostics), and to respect your preferences (language, theme, location on the map if you save it).

Where GDPR or the UK GDPR applies, we rely on: performance of a contract (providing the service you signed up for); legitimate interests (security, anti-abuse, product improvement balanced against your rights); consent where required (for example optional features clearly presented as such); and legal obligation where the law requires us to process data.

We do not sell your personal data. We share data only as needed to run ARCHI:

Infrastructure and hosting: servers and databases chosen by the operator of this deployment.

Messaging: email delivery via providers such as Resend or SMTP when the operator configures them (for example registration codes and optional notifications).

Optional moderation: if enabled, short text segments may be sent to an external moderation API (for example OpenAI) solely to detect disallowed content before or after publication, according to the operator’s configuration.

Other users: content you post in public or semi-public areas (news, listings, chat, comments) is visible as designed by the product, including your display name or email-derived identifier where the interface shows it.

Legal: we may disclose information if required by law or to protect rights, safety, and integrity of users and the service.

We use cookies or similar storage as needed to keep you logged in (session / authentication), remember preferences where applicable, and maintain basic security. You can control cookies through your browser settings; disabling essential cookies may prevent sign-in from working.

We keep account and content data while your account exists and the operator keeps the service running, unless a shorter period is required by law or chosen by the operator.

Verification codes are short-lived. Logs may be rotated or deleted according to server configuration.

If you ask to delete your account, the operator should erase or anonymise personal data unless retention is required by law.

Depending on your location, you may have the right to access, correct, delete, restrict, or object to certain processing of your personal data, and to data portability. You may also withdraw consent where processing is consent-based.

To exercise these rights, contact the Controller using the contact information published on this site. If you believe processing violates applicable law, you may lodge a complaint with your local data protection authority.

If your data is processed in countries outside your region, we ensure appropriate safeguards where required (for example standard contractual clauses or adequacy decisions), depending on how this instance is hosted and which subprocessors the operator uses.

ARCHI is not directed at children. We do not knowingly collect personal data from children below the age at which local law requires parental consent. If you believe a child has provided data, please contact us so we can delete it.

We may update this policy from time to time. The “Last updated” date at the top will change when we do. Continued use of the service after changes means you accept the updated policy, except where your consent is required for new processing.

For privacy questions, contact the operator of this ARCHI deployment using the email or link shown in the site footer or About page, if provided.