Privacy policy

Public browsing does not require an account. If likes are enabled, the API stores hashed visitor, IP, and user-agent signals to prevent repeated or abusive likes without storing raw IP addresses in the likes table.

If comments are enabled and you sign in with GitHub, the site stores your GitHub username, avatar URL, comment body, and timestamps so the discussion can be displayed and moderated.

Engagement data is used to show useful comments, reduce spam, rate-limit abuse, and give the site owner an audit trail for private moderation or content changes.

Admin-only diagnostics may include rate-limit events, invalid API attempts, and unexpected server errors so production issues can be investigated.

Visible comments are public. Admin role data, audit logs, private diagnostics, and moderation records are restricted by server-side authorization rules.

Public feature flags can keep likes, comments, and admin UI disabled until the Supabase project, OAuth settings, RLS rules, and moderation flow have been verified.

For privacy or moderation requests, contact Filbert Sembiring Meliala through the email address listed on the portfolio contact section.