1. Introduction

Welcome to Ruman's Blog member login system. This Privacy Policy explains how we collect, use, and protect your information when you use our member authentication service. We are committed to protecting your privacy and ensuring the security of your personal data.

2. Information We Collect

2.1 Member Codes

When you subscribe and receive a member code, we store:

• Member Code Hash: A cryptographic hash (SHA-256) of your access code. We do NOT store the actual code in plain text.
• Your Name: The name you provided during subscription.
• Email Address: Your email address for communication purposes.
• Creation Date: When your membership was created.
• Status: Whether your membership is active or inactive.

2.2 Cookies

When you log in, we store the following cookies in your browser:

• authHash: SHA-256 hash of your member code (30-day expiration)
• memberName: Your name for personalization (30-day expiration)
• auth: Login status indicator (30-day expiration)

3. How We Use Your Information

We use your information solely for:

• Authentication: Verifying your identity and granting access to premium content
• Personalization: Displaying your name when logged in
• Communication: Sending newsletters and important updates via email
• Account Management: Managing your membership status and access rights

We do NOT:

• Sell your data to third parties
• Use your data for advertising purposes
• Share your information with external companies
• Track your browsing behavior across other websites

4. Data Storage and Security

4.1 Storage Location

Your member data is stored locally on a secure external hard drive and is not hosted on any cloud service. This ensures maximum privacy and control over your data.

4.2 Security Measures

• SHA-256 Hashing: All member codes are hashed using industry-standard SHA-256 algorithm
• Secure Cookies: Cookies use SameSite=Strict attribute to prevent cross-site attacks
• No Plain Text Storage: Your original member code is never stored anywhere after initial generation
• Local Storage: Data is kept on secure, offline storage rather than cloud servers

4.3 Automatic Backups

Our system creates timestamped backups of member data to prevent data loss. These backups are stored locally on the same secure external drive.

5. Your Rights

You have the following rights regarding your personal data:

5.1 Right to Access

You can request a copy of all personal data we hold about you.

5.2 Right to Correction

You can request corrections to any inaccurate or incomplete data.

5.3 Right to Deletion

You can request deletion of your member account and all associated data at any time.

5.4 Right to Revoke Access

You can request to have your member code deactivated, which will prevent future logins without deleting your data.

5.5 Right to Data Portability

You can request your data in a portable format (JSON) for transfer to another service.

6. Cookies and Browser Storage

Our login system uses browser cookies to maintain your logged-in session. These cookies:

• Are stored only in your browser
• Expire after 30 days
• Can be deleted by you at any time
• Do not track you across other websites
• Are essential for the login functionality

By using the member login system, you consent to the use of these essential cookies. You can clear them at any time by logging out or clearing your browser cookies.

7. Data Retention

We retain your data:

• Active Members: As long as your membership is active
• Inactive/Deleted Members: We keep backup copies for 90 days after deletion, then permanently remove them
• Email Communications: Newsletter subscription data is kept until you unsubscribe

8. Third-Party Services

Our member login system is self-hosted and does not use any third-party authentication services, analytics, or tracking tools. The only external service used is:

• Gmail: For sending newsletters and member code emails (if applicable)

We do not share your data with any other third parties.

9. Children's Privacy

Our membership service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

Major changes will be communicated via email to all active members.

11. International Users

This service is operated from Sydney, Australia. If you are accessing from outside Australia, please be aware that your information may be transferred to and stored in Australia. By using our service, you consent to this transfer.

12. Your Consent

By using our member login system, you consent to this Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our membership service.