Skip to main content

Privacy policy

Last updated

Scope

This policy covers jesternet.dev — the instance of jesternet operated by Quantum Encoding Ltd (company number 16575953, registered office 33 Oxford Street, Coalville, LE67 3GS, United Kingdom). If you self-host your own copy of jesternet from the source , you are the data controller for your instance — this document does not apply to it.

What we collect

jesternet.dev is access-gated. Only signed-in users have accounts; anonymous visitors browsing the marketing landing aren't recorded beyond standard Cloudflare edge logs.

For signed-in users we store:

  • Email address — from your OAuth provider (Google) or Cloudflare Access. Used as your account identifier and contact address.
  • Display name and avatar URL — from your OAuth provider, if available. Shown on commits and audit log entries.
  • Session cookies — a server-issued opaque token (the jesternet_session cookie) that authenticates your browser. Strictly necessary; cannot be disabled while signed in.
  • Audit logs — per push/clone/token-use: IP address, user-agent, repository, timestamp. Retained for 90 days, then purged.
  • Git data you push — repository objects (R2) and refs (D1). Stored at rest, not analysed, never used as model training data, never shared with third parties.

Why we collect it

  • Email + display name — to identify your account and link commits to a person, on a legal basis of performance of a contract (you signed in to use the service).
  • Session cookies — to keep you signed in across requests. Strictly necessary; no consent required under UK PECR.
  • Audit logs — to detect abuse (leaked tokens, mass-pull scrapers) and to satisfy our security-incident-response obligations. Legal basis: legitimate interest in operating a secure service.
  • Git data — to provide the service you signed up for. Legal basis: performance of contract.

Who we share it with

Third parties used to operate the service:

  • Cloudflare — infrastructure (Workers, D1, R2, edge DNS). All data is stored on Cloudflare; they act as a data processor. Cloudflare privacy policy.
  • Google (OAuth) — when you sign in with Google, your browser briefly redirects through Google's OAuth flow. Google receives your sign-in attempt and returns your email + display name. Google privacy policy.

We do not share data with advertising networks, analytics platforms, or any third party not listed above. Your code is not used to train any model, ours or anyone else's.

Your rights (UK GDPR)

You have the right to:

  • Access — request a copy of the data we hold about you
  • Rectification — correct anything inaccurate (most fields are user-editable in Settings)
  • Erasure — close your account and have your data deleted (audit logs are retained for the legal-basis period before purge)
  • Portability — git data is already in standard format and can be pulled with any git client at any time
  • Object — to any processing relying on legitimate interest
  • Complain — to the UK Information Commissioner's Office at ico.org.uk

To exercise these, email info@quantumencoding.io. We respond within 30 days as required by UK GDPR.

Changes to this policy

We'll update the "last updated" date at the top of this page when material changes ship. Sign-in users with active sessions will see a notice in the app when changes touch how we handle their data — not for minor wording cleanups, but for anything that changes what's collected, why, or who it's shared with.

Contact

Data controller: Quantum Encoding Ltd · Company No. 16575953 · 33 Oxford Street, Coalville, LE67 3GS, United Kingdom
Email: info@quantumencoding.io