Skip to main content
TechDecode

TechDecode Privacy Policy

Last updated: May 2026

1. Introduction

TechDecode (“we”, “us”, “our”) operates the blog at blog.damanthaja.dev. This Privacy Policy describes what personal information we collect, how we use it, and how we protect it. By using this site you agree to these practices.

2. Information We Collect

We collect the following categories of information:

  • Google account data: when you sign in with Google we receive your name, email address, and profile picture via Google's OAuth 2.0 service. We do not receive your Google password.
  • Content you create: blog posts, profile bio, social links, and other content you voluntarily publish on TechDecode.
  • Usage data: pages visited, referrer URL, browser type, and approximate geographic region, collected anonymously via server logs.

We do not collect passwords. All authentication is handled by Google OAuth 2.0.

3. How We Use Your Information

  • To create and manage your TechDecode account.
  • To display your public author profile at blog.damanthaja.dev/@username.
  • To send transactional emails (welcome on sign-up, sign-in notification).
  • To analyse site performance and improve content quality.

We do not sell or share your personal data with third parties for marketing purposes.

4. Google Sign-In

TechDecode uses Google OAuth 2.0 as its sole authentication method. When you click “Continue with Google” you are redirected to Google's consent screen. We request access to the following Google Account scopes only:

  • Your name (display name)
  • Your email address
  • Your profile picture

Google's Privacy Policy governs how Google handles your data during authentication.

5. Cookies and Session Tokens

After signing in, we store a single HttpOnly session cookie named auth_token that contains a signed JSON Web Token. This cookie is required for authentication, expires after 60 days, cannot be read by JavaScript (HttpOnly), and is only sent over HTTPS in production (Secure flag). We do not use third-party advertising cookies.

6. Data Retention

Account data is retained for as long as your account is active. Session tokens expire automatically after 60 days. You may request deletion of your account and all associated data at any time by contacting us (see Section 11).

7. Data Security

All data is transmitted over TLS (HTTPS). Authentication tokens are stored in HttpOnly cookies inaccessible to JavaScript. We do not store Google passwords or payment information. While we take reasonable technical and organisational measures, no system can guarantee absolute security.

8. AI Crawlers and Training Data

TechDecode permits AI search engines (Perplexity, ChatGPT Browse, Google AI Overviews) and training crawlers (GPTBot, ClaudeBot) to index our publicly published content. Our llms.txt provides a structured index for AI systems.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate profile data via your account settings.
  • Request deletion of your account and all associated personal data.
  • Withdraw consent at any time by signing out and discontinuing use of the service.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be indicated by a new “Last updated” date at the top of this page.

11. Contact

For privacy-related requests, questions, or account deletion, contact us at: privacy@blog.damanthaja.dev