Back to Home

Privacy Policy

Last updated: 3/10/2026

What We Actually Store

When you sign up we store: email (used for login and password reset only), a hashed password (we never see the plaintext), optional username and profile photo, and timestamps. No real name is required—handles and pseudonyms are fine. Everything you post—discussions, replies, group memberships, DMs—lives in our database and is tied to your account. We also log basic usage (e.g. which pages you hit) for debugging and abuse prevention.

Auth and session state use HTTP-only cookies so scripts can't steal your token. We don't track you across other sites or sell your data to ad networks. By using GreenHat you agree to our Terms of Service and Code of Conduct.

How Your Data Gets Used

Your email is used for sign-in, password resets, and critical account notifications—nothing promotional unless you opt in. Profile and post data are used to run the site: showing your name on posts, powering search, building your activity and achievements. We use it to enforce our rules (e.g. rate limits, restricted-word filters, ban lists) and to respond to abuse reports or legal process when we have to.

We do not sell, rent, or share your personal data with third parties for marketing. Any third-party services we use (e.g. hosting, email delivery) are bound by contracts that limit use to providing the service.

Security in Practice

All traffic to GreenHat is over TLS; we don't serve the site over plain HTTP. Passwords are hashed with a modern algorithm (we don't store or transmit plaintext passwords). Database access is scoped with row-level security so that, where possible, your data is only readable by you or by the system in defined ways. Backups exist for recovery; we don't use your data for training models or experimentation.

If we learn of a breach that affects your data we'll notify you and the relevant regulators where required. We patch dependencies and review access controls on an ongoing basis—security is part of how we run the platform, not a one-time checklist.

Your Rights and Choices

You can view and edit your profile and account settings in-app. You can delete your account; when you do we remove your personal data and anonymize or drop content as our retention policy allows. If you want a copy of your data or a formal deletion request, email us and we'll process it within the timeframe required by law.

If you're in the EU/EEA you have the usual GDPR rights: access, rectification, erasure, restriction, portability, and the right to object. We don't do automated decision-making that has legal or similarly significant effects. For other regions we follow applicable local rules where they apply.

Privacy Questions

For anything privacy-related—data export, deletion, or how we handle your information—write to privacy@greenhat.com. We respond to legitimate requests without unnecessary delay.