Privacy Policy

Last updated: January 2025

1. Data We Collect

We collect information you provide directly: name, email address, and any content you create within the platform (projects, objectives, messages). We also collect usage data such as page views and feature interactions, only if you opt in to analytics.

2. How We Use Your Data

• To provide and maintain the WorkFolks service
• To send account-related emails (verification, password reset, project invitations)
• To improve the platform (only with your analytics consent)

3. Data Storage & Security

Your data is stored in PostgreSQL databases. Passwords are hashed with bcrypt (cost factor 12). Connections use JWT authentication with short-lived tokens. We implement rate limiting, input sanitization, and regular security audits.

4. Data Sharing

We do not sell, trade, or share your personal data with third parties. Project data is only visible to project members.

5. Your Rights (GDPR)

• Access: Export all your data from Settings → Privacy → Export My Data
• Rectification: Edit your profile at any time in Settings
• Erasure: Delete your account from Settings → Privacy → Delete Account
• Portability: Data is exported in standard JSON format
• Withdraw Consent: Toggle analytics off in Settings → Privacy

6. Cookies

We use essential cookies only: a secure httpOnly refresh token cookie scoped to /api/auth, and a localStorage theme preference. No tracking cookies are used.

7. Contact

For privacy-related inquiries, contact us at privacy@workfolks.com.