Privacy Policy

Learn how we collect, use, and protect your personal information.

Last updated: September 26, 2025

This Privacy Policy describes how Tangled ("we," "us," or "our") collects, uses, and shares your personal information when you use our platform and services (the "Service").

1. Information We Collect#

Account Information#

When you create an account, we collect:

  • Your chosen username
  • Email address
  • Profile information you choose to provide
  • Authentication data

Content and Activity#

We store:

  • Code repositories and associated metadata
  • Issues, pull requests, and comments
  • Activity logs and usage patterns
  • Public keys for authentication

2. Data Location and Hosting#

EU Data Hosting#

All Tangled service data is hosted within the European Union. Specifically:

  • Personal Data Servers (PDS): Accounts hosted on Tangled PDS (*.tngl.sh) are located in Finland
  • Application Data: All other service data is stored on EU-based servers
  • Data Processing: All data processing occurs within EU jurisdiction

External PDS Notice#

Important: If your account is hosted on Bluesky's PDS or other self-hosted Personal Data Servers (not *.tngl.sh), we do not control that data. The data protection, storage location, and privacy practices for such accounts are governed by the respective PDS provider's policies, not this Privacy Policy. We only control data processing within our own services and infrastructure.

3. Third-Party Data Processors#

We only share your data with the following third-party processors:

Resend (Email Services)#

  • Purpose: Sending transactional emails (account verification, notifications)
  • Data Shared: Email address and necessary message content

Cloudflare (Image Caching)#

  • Purpose: Caching and optimizing image delivery
  • Data Shared: Public images and associated metadata for caching purposes

Posthog (Usage Metrics Tracking)#

  • Purpose: Tracking usage and platform metrics
  • Data Shared: Anonymous usage data, IP addresses, DIDs, and browser information

4. How We Use Your Information#

We use your information to:

  • Provide and maintain the Service
  • Process your transactions and requests
  • Send you technical notices and support messages
  • Improve and develop new features
  • Ensure security and prevent fraud
  • Comply with legal obligations

5. Data Sharing and Disclosure#

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

  • With the third-party processors listed above
  • When required by law or legal process
  • To protect our rights, property, or safety, or that of our users
  • In connection with a merger, acquisition, or sale of assets (with appropriate protections)

6. Data Security#

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.

7. Data Retention#

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

8. Your Rights#

Under applicable data protection laws, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your information
  • Object to processing of your information
  • Data portability
  • Withdraw consent (where applicable)

9. Cookies and Tracking#

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze usage patterns to improve the Service

You can control cookie settings through your browser preferences.

10. Children's Privacy#

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it.

11. International Data Transfers#

While all our primary data processing occurs within the EU, some of our third-party processors may process data outside the EU. When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

12. Changes to This Privacy Policy#

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

13. Contact Information#

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us through our platform or via email.

This Privacy Policy complies with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.