Privacy policy

Last updated: July 19, 2023

The privacy of your data is very important to us. In this policy, we go over our GDPR compliance; what information we collect; how we store your data; and third parties we utilize.

We have never and will never sell your data.

GDPR compliance

Moddermore is a Data Controller of your information.

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us by email at privacy@moddermore.net.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

If you are in the EU or UK, you can contact your data protection authority to file a complaint or learn more about local privacy laws.

What we collect

The information that we store include:

  • your email
  • any OAuth connections linked to your account
  • the data in the lists that you create

What we don’t collect

  • your IP address
  • the raw files you upload to our import interfaces (analysis takes place client-side)

Cookies

Cookies are small files of information that a web server generates and sends to a web browser. Web browsers store the cookies they receive for a predetermined period of time, or for the length of a user's session on a website. They attach the relevant cookies to any future requests the user makes of the web server. You can learn more about cookies here.

We only store functional cookies on your device, when you log in to our services. These cookies include session tokens, CSRF tokens, etc. which make the login / logout experience possible.

Third party authentication

When you sign in on Moddermore via OAuth, we collect a very minimal amount of information from the third party you used to log in, mostly comprising of your email. We link your accounts with the same email together if possible.

Your usage of the third party falls under their privacy policy and we disclaim liability for their usage of your personal data.

Outbound links

Anytime you click on links which take you to third-party websites, you will be subject to the third parties’ privacy policies. We expressly disclaim any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of your personal information by third parties.

Data security

All data is encrypted via SSL/TLS when transmitted from our servers to your browser.

On our database provider, MongoDB Atlas, all network traffic is encrypted using Transport layer Security (TLS), with flexibility to configure the minimum TLS protocol version. Encryption for data at rest is automated using encrypted storage volumes.

Data subprocessors

Your user data and information are stored on MongoDB Atlas. There is a Data Processing Agreement available on their website.

We utilize AWS SES to send transactional emails. Feel free to take a look at their Data Processing Agreement.

This site and its preview deploys are hosted on Vercel. They have a pre-signed Data Processing Agreement you can view on their website.

Anonymized analytics

We use Plausible to anonymously count visits to our website. No cookies are used and no personally identifiable data—not even an IP address or browser user agent—is stored. For more information, see the Plausible Data Policy.

Children's Information

We do not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.