Privacy Policy

Last Updated: January 30, 2026

1. Introduction

This Privacy Policy applies to the IDPFlare open-source software project and its associated documentation website ("Site"). IDPFlare is self-hosted software that you deploy on your own infrastructure.

Important: When you deploy IDPFlare on your own infrastructure, YOU become the data controller and are responsible for compliance with applicable privacy laws. This privacy policy covers only our documentation website, not your deployment of the software.

2. Information We Collect (Documentation Website Only)

2.1 Automatically Collected Information

When you visit our documentation website, we may automatically collect:

  • Browser type and version
  • Operating system
  • Referring website
  • Pages visited and time spent
  • IP address (anonymized)

2.2 Analytics

We may use privacy-focused analytics tools (such as Cloudflare Analytics or Plausible) that do not use cookies and do not track individual users across websites.

2.3 GitHub Interactions

If you interact with our GitHub repository (issues, pull requests, discussions), your GitHub username and public profile information will be visible according to GitHub's privacy policy.

3. IDPFlare Software (Self-Hosted)

3.1 Data Collection by Your Deployment

When you deploy IDPFlare software:

  • YOU control all data collection and storage
  • User data is stored in YOUR Cloudflare account (D1 database, KV storage)
  • We (the IDPFlare project) do NOT have access to any data in your deployment
  • We do NOT collect telemetry or usage data from your deployment

3.2 Your Responsibilities

As the operator of an IDPFlare deployment, you are responsible for:

  • Creating and publishing your own privacy policy
  • Obtaining necessary consents from your users
  • Complying with GDPR, CCPA, and other applicable privacy laws
  • Implementing appropriate security measures
  • Handling data subject requests (access, deletion, etc.)
  • Maintaining audit logs as required by law

4. How We Use Information (Documentation Website)

Information collected from our documentation website is used solely to:

  • Improve website performance and user experience
  • Understand which documentation is most useful
  • Protect against abuse and security threats

We do NOT:

  • Sell or rent your information
  • Share your information with third parties for marketing
  • Use cookies for tracking or advertising
  • Track you across other websites

5. Data Retention

Analytics data collected from our documentation website is retained for a maximum of 12 months and is automatically purged thereafter.

6. Third-Party Services

6.1 Website Hosting

Our documentation website is hosted on Cloudflare Pages. Please review Cloudflare's Privacy Policy.

6.2 GitHub

Our source code is hosted on GitHub. Please review GitHub's Privacy Policy.

7. Your Rights

Regarding data collected from our documentation website, you have the right to:

  • Access: Request information about data we've collected
  • Opt-Out: Use browser extensions to block analytics
  • Do Not Track: We respect browser DNT signals
Note: For data rights regarding YOUR deployment of IDPFlare software, users must contact YOU (the deployment operator), not the IDPFlare project.

8. International Data Transfers

Our documentation website may be accessed globally. Data is processed on Cloudflare's global network, which may include servers in various countries.

9. Security

We implement reasonable security measures to protect our documentation website, including:

  • HTTPS encryption for all traffic
  • Regular security updates
  • DDoS protection via Cloudflare

10. Children's Privacy

Our documentation website is not directed at children under 13. We do not knowingly collect information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of our documentation website after changes constitutes acceptance of the updated policy.

12. Contact Information

For privacy-related questions about this documentation website, please open an issue on our GitHub repository.

Important: We cannot assist with privacy matters related to third-party deployments of IDPFlare software. Please contact the operator of the specific deployment you're using.

13. GDPR Compliance (EU Visitors)

For visitors from the European Union:

  • Legal Basis: Legitimate interest (website operation and improvement)
  • Data Controller: IDPFlare Project
  • Data Processor: Cloudflare, Inc.
  • Data Protection Officer: Not required (open-source project)

14. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

  • Right to know what personal information is collected
  • Right to opt-out of sale of personal information (we do not sell information)
  • Right to deletion (limited to documentation website data only)
  • Right to non-discrimination
Summary: This privacy policy covers only our documentation website. When you deploy IDPFlare software, YOU are responsible for privacy compliance and should create your own privacy policy for your users.