Privacy Policy
Last updated: July 12, 2026 · Applies to https://lowlevelcraft.com
LowLevelCraft("we", "us", or "our") operates an educational platform for learning systems and low-level programming. This policy explains what data we collect, why we collect it, and the choices you have.
1. Information we collect
- Account data — name, email address, password hash (if you sign up with credentials), profile image, and optional username.
- Authentication data — if you use GitHub or Google sign-in, we receive the identity tokens and profile fields those providers share (typically name, email, and avatar).
- Learning activity — code you write and submit, run/submit results, progress, streaks, certificates, comments, and contribution drafts associated with your account.
- Technical data — IP address (for rate limiting and abuse prevention), browser/user-agent, and basic request logs. We use cookies and similar storage for sessions and preferences.
- Communications — messages you send via the contact form or newsletter subscription (if enabled).
2. How we use your information
- Provide and improve the platform (authentication, progress, grading).
- Execute your code in a sandboxed environment via Judge0 (or similar code-execution services) so tasks can be tested.
- Prevent abuse (rate limits, fraud, spam, security incidents).
- Send transactional email (magic links, password reset, important notices).
- Optional product analytics (e.g. Vercel Analytics) to understand aggregate usage.
- Error monitoring (e.g. Sentry) with sensitive headers filtered where configured.
3. Code execution and third parties
When you run or submit code, the source and test inputs are sent to our code-execution provider (currently Judge0 via RapidAPI) to compile and run in a sandbox. Do not submit secrets, credentials, or personal data in your code.
We also rely on infrastructure providers such as Vercel (hosting), Neon or another PostgreSQL host (database), Upstash Redis (rate limiting, where configured), OAuth providers (GitHub, Google), and email delivery (where configured). Each processes data only as needed to provide their service.
4. Cookies and sessions
We use session cookies required for authentication (NextAuth) and may store theme or editor preferences locally in your browser. You can clear cookies and local storage through your browser settings; doing so will sign you out.
5. Data retention
We retain account and learning data while your account is active. You may request deletion of your account and associated personal data by contacting us (see below). Backups and logs may persist for a limited period for security and operational integrity.
6. Your rights
Depending on your location, you may have rights to access, correct, export, or delete personal data we hold about you. Contact us to exercise these rights. You may also disconnect OAuth providers from your account settings where available.
7. Children
The service is not directed at children under 13 (or the minimum age required in your jurisdiction). If you believe we have collected data from a child, contact us and we will delete it.
8. Security
We use industry-standard measures including HTTPS, hashed passwords, and access controls. No method of transmission or storage is 100% secure; use a unique password and enable available account protections.
9. Changes
We may update this policy from time to time. The "Last updated" date at the top will change when we do. Continued use of the service after changes constitutes acceptance of the updated policy.
10. Contact
Questions about privacy: admin@mohitmishra7.com or via our contact form.