diff --git a/.env.example b/.env.example index e837a69..363eb6c 100644 --- a/.env.example +++ b/.env.example @@ -1,6 +1,6 @@ ADMIN_EMAIL="" CRON_SECRET="" -HOME_URL="" +NEXT_PUBLIC_HOME_URL="" OVHCLOUD_API_KEY="" MAINTENANCE_MODE="0" NEWS_LIMIT="50" @@ -8,6 +8,7 @@ NEWS_TO_USE="10" NEXT_PUBLIC_BRAND_COUNTRY="" NEXT_PUBLIC_BRAND_EMAIL="" NEXT_PUBLIC_BRAND_NAME="" +NEXT_PUBLIC_BRAND_OWNER_NAME="" DATABASE_URL="" RESEND_FROM="" RESEND_KEY="" diff --git a/Dockerfile b/Dockerfile index d39ffc7..9209937 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,10 +11,14 @@ COPY . . ARG NEXT_PUBLIC_BRAND_NAME ARG NEXT_PUBLIC_BRAND_EMAIL ARG NEXT_PUBLIC_BRAND_COUNTRY +ARG NEXT_PUBLIC_HOME_URL +ARG NEXT_PUBLIC_BRAND_OWNER_NAME ENV NEXT_PUBLIC_BRAND_NAME=$NEXT_PUBLIC_BRAND_NAME ENV NEXT_PUBLIC_BRAND_EMAIL=$NEXT_PUBLIC_BRAND_EMAIL ENV NEXT_PUBLIC_BRAND_COUNTRY=$NEXT_PUBLIC_BRAND_COUNTRY +ENV NEXT_PUBLIC_HOME_URL=$NEXT_PUBLIC_HOME_URL +ENV NEXT_PUBLIC_BRAND_OWNER_NAME=$NEXT_PUBLIC_BRAND_OWNER_NAME RUN npm run build diff --git a/app/api/unsubscribe/route.ts b/app/api/unsubscribe/route.ts index 6f99e35..037e074 100644 --- a/app/api/unsubscribe/route.ts +++ b/app/api/unsubscribe/route.ts @@ -30,13 +30,10 @@ export async function POST(request: NextRequest) { } }); - if (user && !user.deleted) { - await prisma.user.update({ + if (user) { + await prisma.user.delete({ where: { email - }, - data: { - deleted: true } }); diff --git a/app/privacy/page.tsx b/app/privacy/page.tsx index 4b9f2f0..43ff909 100644 --- a/app/privacy/page.tsx +++ b/app/privacy/page.tsx @@ -2,458 +2,113 @@ import { CustomCard } from '@components/CustomCard'; import { SchemaOrg } from '@components/SchemaOrg'; -import { useState, useEffect } from 'react'; - -const useObfuscatedEmail = () => { - const [email, setEmail] = useState(null); - - useEffect(() => { - setEmail(process.env.NEXT_PUBLIC_BRAND_EMAIL || null); - }, []); - - return email; -}; const Privacy = () => { - const email = useObfuscatedEmail(); - const schema = { '@context': 'https://schema.org', '@type': 'WebSite', name: 'Hackernews Newsletter', title: 'Privacy Policy', - url: `${process.env.HOME_URL}/privacy` + url: `${process.env.NEXT_PUBLIC_HOME_URL}/privacy` }; const body = (
+

Who We Are

- This Privacy Policy describes Our policies and procedures on the - collection, use and disclosure of Your information when You use the - Service and tells You about Your privacy rights and how the law protects - You. + Data controller: {process.env.NEXT_PUBLIC_BRAND_OWNER_NAME}, an + individual based in {process.env.NEXT_PUBLIC_BRAND_COUNTRY}.

- We use Your Personal data to provide and improve the Service. By using - the Service, You agree to the collection and use of information in - accordance with this Privacy Policy. + Contact:{' '} + + {process.env.NEXT_PUBLIC_BRAND_EMAIL} +

-

Interpretation and Definitions

-

Interpretation

+

What We Collect

- The words of which the initial letter is capitalized have meanings - defined under the following conditions. The following definitions shall - have the same meaning regardless of whether they appear in singular or - in plural. + Your email address (required to send the newsletter).

-

Definitions

+

Why We Collect It

- For the purposes of this Privacy Policy: + To deliver the daily {process.env.NEXT_PUBLIC_BRAND_NAME}{' '} + newsletter—a digest of top Hacker News stories with AI-generated + commentary.

+

+ We do not sell products, track your activity beyond essential delivery, + or share your data for marketing. +

+ +

Legal Basis

+

+ Your explicit consent via double opt-in signup (you receive a + confirmation email with an activation link). +

+ +

Third Parties

-

Data Collection and Usage

-

Types of Data Collected

- -

Personal Data

-

- While using Our Service, We may ask You to provide Us with certain - personally identifiable information that can be used to contact or - identify You. Personally identifiable information may include, but is - not limited to: -

+

Your Rights

- -

Usage Data

-

- Usage Data is collected automatically when using the Service. -

-

- Usage Data may include information such as Your Device's Internet - Protocol address (e.g. IP address), browser type, browser version, the - pages of our Service that You visit, the time and date of Your visit, - the time spent on those pages, unique device identifiers and other - diagnostic data. -

-

- When You access the Service by or through a mobile device, We may - collect certain information automatically, including, but not limited - to, the type of mobile device You use, Your mobile device unique ID, the - IP address of Your mobile device, Your mobile operating system, the type - of mobile Internet browser You use, unique device identifiers and other - diagnostic data. -

-

- We may also collect information that Your browser sends whenever You - visit our Service or when You access the Service by or through a mobile - device. -

- -

Use of Your Personal Data

-

- The Company may use Personal Data for the following purposes: -

- -

We may share Your personal information in the following situations:

- - -

Data Handling and Security

- -

Retention of Your Personal Data

-

- The Company will retain Your Personal Data only for as long as is - necessary for the purposes set out in this Privacy Policy. We will - retain and use Your Personal Data to the extent necessary to comply with - our legal obligations (for example, if we are required to retain your - data to comply with applicable laws), resolve disputes, and enforce our - legal agreements and policies. -

-

- The Company will also retain Usage Data for internal analysis purposes. - Usage Data is generally retained for a shorter period of time, except - when this data is used to strengthen the security or to improve the - functionality of Our Service, or We are legally obligated to retain this - data for longer time periods. -

- -

Transfer of Your Personal Data

-

- Your information, including Personal Data, is processed at the - Company's operating offices and in any other places where the - parties involved in the processing are located. It means that this - information may be transferred to — and maintained on — computers - located outside of Your state, province, country or other governmental - jurisdiction where the data protection laws may differ than those from - Your jurisdiction. -

- -

Security of Your Personal Data

-

- Your consent to this Privacy Policy followed by Your submission of such - information represents Your agreement to that transfer. -

-

- The Company will take all steps reasonably necessary to ensure that Your - data is treated securely and in accordance with this Privacy Policy and - no transfer of Your Personal Data will take place to an organization or - a country unless there are adequate controls in place including the - security of Your data and other personal information. -

- -

- Delete Your Personal Data -

-

- You have the right to delete or request that We assist in deleting the - Personal Data that We have collected about You. -

-

- Our Service may give You the ability to delete certain information about - You from within the Service. -

-

- You may update, amend, or delete Your information at any time by signing - in to Your Account, if you have one, and visiting the account settings - section that allows you to manage Your personal information. You may - also contact Us to request access to, correct, or delete any personal - information that You have provided to Us. -

-

- Please note, however, that We may need to retain certain information - when we have a legal obligation or lawful basis to do so. -

- -

Legal Disclosures

- -

Business Transactions

-

- If the Company is involved in a merger, acquisition or asset sale, Your - Personal Data may be transferred. We will provide notice before Your - Personal Data is transferred and becomes subject to a different Privacy - Policy. -

- -

Law Enforcement

-

- Under certain circumstances, the Company may be required to disclose - Your Personal Data if required to do so by law or in response to valid - requests by public authorities (e.g. a court or a government agency). -

- -

Other Legal Requirements

-

- The Company may disclose Your Personal Data in the good faith belief - that such action is necessary to: -

- - -

Additional Information

-

- The security of Your Personal Data is important to Us, but remember that - no method of transmission over the Internet, or method of electronic - storage is 100% secure. While We strive to use commercially acceptable - means to protect Your Personal Data, We cannot guarantee its absolute - security. -

-

Children's Privacy

-

- Our Service does not address anyone under the age of 13. We do not - knowingly collect personally identifiable information from anyone under - the age of 13. If You are a parent or guardian and You are aware that - Your child has provided Us with Personal Data, please contact Us. If We - become aware that We have collected Personal Data from anyone under the - age of 13 without verification of parental consent, We take steps to - remove that information from Our servers. -

-

- If We need to rely on consent as a legal basis for processing Your - information and Your country requires consent from a parent, We may - require Your parent's consent before We collect and use that - information. -

- -

Links to Other Websites

-

- Our Service may contain links to other websites that are not operated by - Us. If You click on a third party link, You will be directed to that - third party's site. We strongly advise You to review the Privacy - Policy of every site You visit. -

-

- We have no control over and assume no responsibility for the content, - privacy policies or practices of any third party sites or services. -

- -

Changes to this Privacy Policy

-

- We may update Our Privacy Policy from time to time. We will notify You - of any changes by posting the new Privacy Policy on this page. -

-

- We will let You know via email and/or a prominent notice on Our Service, - prior to the change becoming effective and update the "Last - updated" date at the top of this Privacy Policy. -

-

- You are advised to review this Privacy Policy periodically for any - changes. Changes to this Privacy Policy are effective when they are - posted on this page. -

- -

Contact Information

-

- If you have any questions about this Privacy Policy, You can contact us - by writing to{' '} - {email ? ( + Request deletion of your email by contacting{' '} - {email} + {process.env.NEXT_PUBLIC_BRAND_EMAIL} - ) : ( - loading... - )} + +

  • + Upon unsubscribe or deletion request, your email is permanently + deleted from our database +
    • + + +

    Data Retention

    +

    + We retain your email address only until you unsubscribe. +

    + +

    International Transfers

    +

    + We rely on EU-approved safeguards including Standard Contractual Clauses + to ensure adequate protection when using US-based services. +

    + +

    Changes

    +

    + We may update this policy occasionally. The latest version will always + be available at{' '} + + {process.env.NEXT_PUBLIC_HOME_URL}/privacy + .

    @@ -465,7 +120,7 @@ const Privacy = () => {