v0.9.2
Join to Waitlist Private Alpha

Privacy Policy

Last updated: January 5, 2025

Introduction

This Privacy Policy explains how Crowment ("we," "our," or "us") collects, uses, and protects your personal information when you use our comment system service and website. We are committed to protecting your privacy and ensuring transparency about our data practices.

Information We Collect

Information You Provide Directly

  • Account Information: When you create an account, we collect your name, email address, and authentication information from supported OAuth providers (Google, Discord).
  • Profile Information: You may optionally provide a profile picture, bio, and other profile details.
  • Comments and Content: Any comments, posts, or other content you submit through our service.
  • Payment Information: When you purchase premium features, payment processing is handled by secure third-party payment processors. We do not store your full payment card details.
  • Support Communications: Messages you send to our support team, including feedback, bug reports, and feature requests.
  • Survey Responses: Information provided through customer surveys or feedback forms.

Information We Collect Automatically

  • Usage Data: Information about how you use our service, including pages visited, features used, and interaction patterns.
  • Device Information: Your IP address, browser type, operating system, device identifiers, and other technical information.
  • Cookies and Tracking: We use cookies and similar technologies to enhance your experience and analyze service usage.
  • Performance Data: Data collected through Cloudflare services for security, performance optimization, and analytics.
  • Database Analytics: We collect usage and performance metrics from our database systems (CockroachDB) to optimize service performance and reliability.
  • Notification Metrics: When using our notification services, we may collect delivery and engagement metrics to improve notification effectiveness.
  • Log Data: Server logs that record actions taken on our service, including access times, pages viewed, and system activities.
  • Location Data: General location information derived from IP addresses for security and compliance purposes.

Information from Third Parties

  • OAuth Providers: Information from Google and Discord when you authenticate through these services.
  • Payment Processors: Transaction information from secure third-party payment processors for billing and subscription management.
  • Analytics Services: Usage statistics and performance metrics from integrated analytics tools.
  • Security Services: Threat intelligence and security data from our security partners.

How We Use Your Information

We use your information for the following purposes:

  • Service Provision: To provide, maintain, and improve our comment system service.
  • Authentication: To verify your identity and manage your account through OAuth providers.
  • Communication: To send you service-related notifications, updates, and support responses via email and in-app notifications.
  • Security: To protect against fraud, abuse, and security threats.
  • Analytics: To understand how our service is used and improve user experience.
  • Performance Optimization: To monitor system performance, database efficiency, and service reliability.
  • Legal Compliance: To comply with legal obligations and protect our rights.

Information Sharing and Disclosure

Third-Party Service Providers

We share information with trusted third-party providers who help us operate our service:

  • Cloudflare: For content delivery, security, DDoS protection, and performance optimization.
  • Google OAuth: For authentication services when you choose to sign in with Google.
  • Discord OAuth: For authentication services when you choose to sign in with Discord.
  • Email Service Providers: We may use services like Amazon SES or Brevo for sending transactional emails, newsletters, and notifications.
  • Analytics Services: For website usage analytics and service improvement.
  • Customer Support Tools: For providing customer service and technical support.

Self-Hosted Infrastructure Services

We operate some services on our own infrastructure, but these may still collect operational data:

  • Database Systems (CockroachDB): Our self-hosted database collects performance metrics, query analytics, and usage statistics to ensure optimal service performance.
  • Notification Services (Novu): Our self-hosted notification system may collect delivery metrics, engagement data, and performance analytics to improve notification reliability.

Legal and Safety Disclosures

  • Legal Requirements: We may disclose information when required by law, court order, or government request.
  • Safety and Security: To protect the safety, rights, or property of Crowment, our users, or the public.
  • Fraud Prevention: To investigate potential fraud, security breaches, or violations of our terms.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.

Public Information

Comments and other content you post through our service may be publicly visible on websites where our comment system is embedded. Your username and profile information may also be displayed alongside your comments.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests from government authorities.

Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Specifically:

  • Account information is retained while your account is active and for a reasonable period after deletion.
  • Comments and content may be retained to maintain the integrity of discussions on websites using our service.
  • Usage and analytics data may be retained in aggregated or anonymized form for longer periods.
  • Email delivery logs and notification metrics are retained for operational purposes and may be kept for up to 12 months.
  • Database performance metrics and system analytics are retained to ensure service reliability and may be stored indefinitely in anonymized form.

Our Technology Infrastructure

To provide you with a reliable and secure service, we use a combination of third-party services and self-hosted infrastructure:

Self-Hosted Services

These services run on our own infrastructure, giving us greater control over your data:

  • Database (CockroachDB): Your comments, account information, and service data are stored in our self-hosted database cluster. While self-hosted, this system collects operational metrics such as query performance, database health, and usage patterns to ensure optimal service delivery.
  • Notification System (Novu): Our self-hosted notification service handles email notifications, in-app alerts, and other communications. It may collect delivery status, open rates, and engagement metrics to improve notification reliability and effectiveness.

Email Services

For reliable email delivery, we may use:

  • Amazon SES: For transactional emails, password resets, and account notifications
  • Brevo (formerly Sendinblue): For marketing emails, newsletters, and bulk communications

These services may have access to your email address and email engagement data (such as opens and clicks) as necessary to provide email delivery services.

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure infrastructure provided by trusted cloud providers

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to certain limitations.
  • Portability: Request a machine-readable copy of your data.
  • Objection: Object to certain processing of your information.
  • Restriction: Request restriction of processing in certain circumstances.

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Keep you logged in to your account
  • Remember your preferences and settings
  • Analyze service usage and performance
  • Provide security and fraud protection

You can control cookies through your browser settings, but disabling certain cookies may affect service functionality.

International Data Transfers

Crowment is headquartered in Turkiye, while our servers and databases are hosted in Finland (European Union). This means your personal information is primarily processed and stored within the EU, under the protection of the General Data Protection Regulation (GDPR). If you access our service from outside the EU (including Turkiye), your data may be transferred internationally to be processed in Finland. We take all necessary measures to ensure such transfers comply with applicable data protection laws and include appropriate safeguards.

Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

GDPR Compliance (EU Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • We process your data based on legitimate interests, consent, or contractual necessity.
  • You have the right to withdraw consent at any time where processing is based on consent.
  • You have the right to lodge a complaint with your local data protection authority.
  • We may transfer your data outside the EU only with appropriate safeguards in place.

CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • We do not sell your personal information to third parties.
  • You have the right to know what personal information we collect, use, and disclose.
  • You have the right to request deletion of your personal information.
  • You have the right to non-discrimination for exercising your privacy rights.

Get notified — Crowment is coming soon

Be the first to try Crowment Comments. Join our waitlist and we'll email you as soon as we launch. No spam — just up to 2 thoughtful updates per month.

Privacy PolicyCookie PolicyAbout Us

© 2025 Crowment. All rights reserved.