This Privacy Policy describes how LinearBytes Inc. (“Hashnode,” “we,” “us,” or “our”) collects, uses, and shares information in connection with your use of our website, services, and applications (collectively, the “Service”) available at hashnode.com and associated subdomains.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

This Privacy Policy supersedes and replaces all prior versions of any privacy policy previously published by Hashnode or LinearBytes Inc.

1. Information We Collect

1.1 Information You Provide to Us

Account Information. When you create an account, we collect your name, email address, username, and profile photo. You may also choose to provide additional information such as a tagline, bio, location, and social media links (Twitter/X, LinkedIn, GitHub, Facebook, Instagram, Stack Overflow, YouTube, Bluesky, and personal website).

Authentication Information. If you sign up or log in using a third-party service (Google, GitHub, LinkedIn, or Apple), we receive information from that service, such as your name, email address, and profile photo, in accordance with that service’s privacy settings and policies.

Publication Information. If you create a blog or publication, we collect the publication title, description, logos, favicon, and social media links you provide.

Newsletter Subscriber Information. If you manage a newsletter through Hashnode, we collect subscriber email addresses and subscription status on your behalf.

Team and Collaboration Information. If you invite others to collaborate on a publication, we collect the names, email addresses, and roles of team members.

Content. We collect the content you create, publish, or share on the Service, including blog posts, drafts, and other written materials.

Communications. When you contact us, we collect the information you provide in your communications, including your email address and message content.

1.2 Information We Collect Automatically

Log and Usage Data. When you access or use the Service, we automatically collect certain information, including your IP address (used transiently for rate limiting and not stored persistently), browser type, operating system, device type, screen dimensions, language preferences, referring URLs, pages visited, and the date and time of your visit.

Analytics Data. We use Google Analytics and PostHog to collect usage and performance data about how you interact with the Service. These tools may automatically collect information such as your IP address, device information, browser type, operating system, geographic location, and browsing behavior.

Cookies and Similar Technologies. We use cookies and similar technologies to operate and improve the Service. See Section 5 (Cookies and Tracking Technologies) for more details.

1.3 Information from Third-Party Integrations

If you configure third-party analytics or tracking integrations on your publication (such as Google Analytics, Google Tag Manager, Facebook Pixel, Hotjar, Matomo, Fathom, Plausible, Koala, or Microsoft Clarity), those third-party services may collect information from visitors to your publication in accordance with their own privacy policies. Hashnode does not control the data collection practices of these third-party services.

2. How We Use Your Information

We use the information we collect to:

• Provide and operate the Service, including hosting your blog, delivering newsletters, and enabling collaboration features.
• Authenticate your identity and maintain account security.
• Personalize your experience, including displaying your profile and publication information.
• Provide AI-powered features in the editor to help you refine your drafts. When you use AI features, your content is sent to third-party AI providers (currently OpenAI, Anthropic, and Google) for processing. These providers process your content solely to provide the AI functionality and in accordance with their respective privacy policies.
• Analyze usage and improve the Service, including understanding how users interact with the Service and identifying areas for improvement.
• Communicate with you, including sending transactional emails (such as magic link authentication, email verification, publication invitations, and welcome emails), and marketing communications where you have opted in.
• Enforce our Terms of Use, prevent fraud, and ensure the security and integrity of the Service.
• Comply with legal obligations and respond to lawful requests from public authorities.

3. How We Share Your Information

We do not sell or rent your personal information to third parties. We may share your information in the following circumstances:

3.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Email delivery (Resend and similar providers) for transactional emails and newsletters.
• AI processing (OpenAI, Anthropic, Google) for AI-powered editor features.
• Analytics (Google Analytics, PostHog) for usage analysis and Service improvement.
• Rate limiting and infrastructure (Upstash) for Service security and performance.
• Payment processing (Stripe) for processing payments related to paid plans, when available.

These service providers are contractually obligated to use your information only as necessary to provide their services to us and in accordance with applicable law.

3.2 Public Information

Information you choose to make public on the Service — including your profile information, published blog posts, and publication details — is accessible to anyone on the internet.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, or protect the safety of users or the public.

3.4 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. If you delete your account, we will remove your content from public view and delete your account information, though some data may be retained in archived form for a reasonable period for legal, compliance, fraud prevention, or legitimate business purposes.

Cached or distributed copies of your content may take time to be removed from our systems and third-party caches.

5. Cookies and Tracking Technologies

5.1 Cookies We Use

Essential Cookies. These cookies are necessary for the Service to function and cannot be switched off. They include:

• Session cookie — authenticates your identity and maintains your login session.
• UI preference cookies — remember your interface preferences such as sidebar state and theme.

Analytics Cookies. We use Google Analytics and PostHog, which may set cookies to help us understand how users interact with the Service.

5.2 Local Storage

We also use browser local storage to remember certain preferences, such as your selected publication and code editor language preference.

5.3 Third-Party Cookies

If a publication owner configures third-party analytics integrations (such as Google Analytics, Facebook Pixel, or Hotjar), those services may set their own cookies on publication pages. These cookies are governed by the respective third party’s privacy policy.

5.4 Your Choices

Most web browsers allow you to control cookies through their settings. However, disabling essential cookies may impair your ability to use the Service.

6. Data Security

We implement commercially reasonable technical and organizational measures designed to protect your personal information from unauthorized access, use, alteration, and destruction. These include HTTPS encryption, httpOnly and secure session cookies, and rate limiting to prevent abuse.

However, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee the absolute security of your information.

7. Your Rights and Choices

7.1 Account Information

You may access, update, or delete your account information at any time through your account settings. You may also delete your account entirely from the account settings page.

7.2 Data Export

You may export your content from the blog dashboard.

7.3 Email Communications

You may opt out of marketing and non-essential email communications at any time by using the unsubscribe link in the email or by adjusting your preferences under Settings > Email. Transactional emails necessary for the operation of the Service (such as authentication and security emails) cannot be opted out of.

7.4 Push Notifications

If you have enabled push notifications, you may disable them through your device or browser settings.

8. International Users

The Service is operated from the United States. If you are accessing the Service from outside the United States, please be aware that your information will be processed and stored in the United States. By using the Service, you consent to the transfer of your information to the United States and the processing of your information in accordance with this Privacy Policy.

9. Rights for Users in the European Economic Area (EEA) and United Kingdom

If you are located in the EEA or UK, you have certain rights under the General Data Protection Regulation (GDPR) and applicable local law, including:

• Right of access — the right to request a copy of the personal data we hold about you.
• Right to rectification — the right to request correction of inaccurate personal data.
• Right to erasure — the right to request deletion of your personal data, subject to certain exceptions.
• Right to restriction of processing — the right to request that we restrict the processing of your personal data in certain circumstances.
• Right to data portability — the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to object — the right to object to the processing of your personal data for certain purposes, including direct marketing.
• Right to withdraw consent — where processing is based on consent, the right to withdraw that consent at any time.

Legal Basis for Processing. We process your personal data on the following legal bases:

• Performance of a contract — to provide and operate the Service as described in our Terms of Use.
• Legitimate interests — to improve and secure the Service, prevent fraud, and communicate with you.
• Consent — where you have given consent, such as for marketing communications and AI-powered features.
• Legal obligation — to comply with applicable laws and regulations.

To exercise any of these rights, please contact us at hello@hashnode.com. We will respond to your request within the timeframes required by applicable law.

10. Rights for California Residents

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

• Right to know — the right to request information about the categories and specific pieces of personal information we have collected about you.
• Right to delete — the right to request deletion of your personal information, subject to certain exceptions.
• Right to correct — the right to request correction of inaccurate personal information.
• Right to opt out of sale or sharing — we do not sell or share your personal information for cross-context behavioral advertising purposes.
• Right to non-discrimination — you will not be discriminated against for exercising your privacy rights.

Categories of Personal Information Collected. In the preceding 12 months, we have collected the following categories of personal information: identifiers (name, email, username, IP address); internet or other electronic network activity information (browsing history, device information, usage data); geolocation data (country, derived from IP address); professional or employment-related information (if provided in your profile); and other information you provide to us (bio, social links, content).

We do not sell your personal information. We do not use or disclose sensitive personal information for purposes other than those permitted under the CCPA.

To exercise your rights, please contact us at hello@hashnode.com. We will verify your identity before processing your request.

11. Children’s Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe that a child under 13 has provided us with personal information, please contact us at hello@hashnode.com.

12. Third-Party Links and Services

The Service may contain links to third-party websites, services, or content that are not owned or controlled by Hashnode. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices of third-party services and encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated Privacy Policy on the Service and updating the “Last Updated” date. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

14. Data Protection Officer

Our Data Protection Officer is:

Syed Fazle Rahman
Email: fazle@hashnode.com

15. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

LinearBytes Inc.
8 The Green, Ste 300, Dover, DE 19901
Email: hello@hashnode.com