Privacy Policy

1. Who we are

DigiBioFi ("we", "our", or "us") operates the professional profile platform at digibiofi.com. Your privacy matters to us. This policy explains what personal data we collect, why we collect it, how we protect it, and the rights available to you.

2. Data we collect

Account data: When you register, we store your email address, username, and hashed password. We never store plain-text passwords.

Profile data: Any content you choose to add to your public profile — full name, headline, bio, location, work experience, education, skills, projects, links, and profile image — is stored to render your profile page.

Uploaded files: Profile images, resumes (PDF), project thumbnails, and certificates you upload are stored in our file system and served at public URLs when your profile is public.

Analytics: When a visitor views your public profile, we log a pseudonymous visit event (a one-way hash of IP + User-Agent) to power your dashboard analytics. We do not store raw IP addresses in analytics records.

Contact messages: Messages submitted through the contact form are stored in our database and reviewed by our team.

Billing data: If you subscribe to a paid plan, payment processing is handled entirely by Stripe. DigiBioFi stores only Stripe customer and subscription identifiers — never raw card numbers or full payment details.

Session data: We use secure HTTP-only session cookies for authentication and flash messages. These are not used for advertising tracking.

3. How we use your data

• To create and display your public professional profile
• To send email verification and password reset messages through our configured SMTP provider
• To display profile view and engagement analytics in your dashboard
• To process subscription payments and manage billing state via Stripe webhooks
• To prevent abuse, enforce rate limits, and protect platform security
• To respond to contact form messages

We do not sell your personal data. We do not use your data to build advertising profiles.

4. Advertising

DigiBioFi may display Google AdSense advertisements on public and content pages. Google may use cookies to serve ads based on prior visits to our site or other sites. You can opt out of personalized advertising at Google Ads Settings. Ads are not shown on authenticated account or billing pages.

5. Data sharing

We share data only with the following third-party services required to operate the platform:

• Stripe — payment processing
• Configured SMTP provider — transactional email delivery
• Google AdSense — advertising display (public pages only)

We do not share your data with data brokers, list vendors, or unaffiliated third parties for marketing purposes.

6. Data retention

Account data is retained for as long as your account is active. If you close your account, your data will be deleted within 30 days unless we are required to retain it for legal or financial compliance purposes.

Contact messages are retained for up to 1 year. Analytics events are retained for up to 2 years.

7. Security

We use industry-standard measures to protect your data: HTTPS enforced in production, bcrypt password hashing, CSRF protection on all forms, HTTP security headers (HSTS, CSP, X-Frame-Options), and rate limiting. We conduct security reviews before deploying changes.

8. Your rights

You have the right to access, correct, export, or delete your personal data. To exercise these rights, contact us at privacy@digibiofi.com. We will respond within 30 days.

You can update profile visibility (public / private) and edit or delete profile content at any time through your dashboard.

9. Cookies

We use the following cookies: a session cookie for authentication state, a CSRF token cookie for form security, and Google AdSense cookies on ad-enabled pages. We do not use tracking pixels or third-party marketing cookies for our own purposes.

10. Changes to this policy

We may update this policy to reflect changes in our practices or applicable law. When we make material changes, we will update the effective date at the top of this page. Continued use of DigiBioFi after changes constitutes acceptance of the updated policy.