Privacy notice

What this site is

sanch.hu is a small personal technical blog focused on AI, code, automation and practical engineering notes. It is meant to publish readable content, not to operate as a large social platform or profile-heavy service.

This page explains in plain language what data is handled in the current development phase, why it is handled and what deletion options exist.

What data is collected

The blog handles content data and limited operational data. In addition to posts, tags, resources and uploads, this includes newsletter subscriptions, contact messages, comments, likes and the user records required for provider-based sign-in.

The intent is to keep only the data that is genuinely needed for the feature in question and to avoid exposing technical or sensitive information publicly when there is no reason to do so.

Newsletter and contact messages

The newsletter flow stores an email address, status and created timestamp. That data should only be used to send quiet updates about new content.

The Message form stores the sender name, email address, message body, status and created timestamp so contact requests can be handled without losing the submitted message.

Comments and likes

Only logged-in users can submit comments or like posts. Likes are stored against the post and user, and the system accepts at most one active like per user per post.

New comments are stored as pending first. Only approved comments appear publicly. Pending and rejected comments remain out of the public view.

Provider login, Google and Facebook OAuth

Public sign-in currently uses Google or Facebook OAuth. The provider may return a provider identifier, email address, display name and in some cases a profile image. Only the fields actually needed for identification or for comment/like functionality should be stored.

Provider application secrets and access secrets are not exposed on the public site. They belong in server-side configuration or environment variables. The goal is not to retain as much provider data as possible, but to keep the minimum required for the feature set.

Cookies and sessions

The site uses sessions for logged-in state, CSRF protection and small pieces of operational state. The lang cookie stores the selected language preference so the site can remember the Hungarian or English view.

The authentication/session cookie is used to keep a provider-authenticated session active. These cookies are used for site operation, not for marketing tracking.

Delete my user

Deletion removes your provider links and likes, deletes pending or rejected comments, and anonymizes approved comments.

The current deletion flow removes likes, deletes pending or rejected comments, anonymizes approved comments, and then removes the provider links and related user record. After a successful deletion the user is logged out.

You need to log in before you can delete your user.

Privacy questions and deletion requests

If you have a privacy question or need to ask about deletion, use the Message action in the footer. If you already have a provider-based account, the self-service deletion section above is the most direct route.