CodeSyncUp

Legal

Privacy Policy

Your privacy matters. CodeSyncUp is designed around anonymity - no accounts, no tracking, no ads. This policy explains exactly what data we handle and why.

Last updated: May 2026

1. Information We Collect

CodeSyncUp is built to minimize data collection. We do not require accounts, logins, or personal information. The following data is collected solely to provide and protect the service:

  • Room content - Code you enter into a room is stored temporarily to enable real-time collaboration. Content is automatically deleted when the room expires.
  • Hashed passwords - If you create a password-protected room, the password is hashed using bcrypt before storage. We never store plaintext passwords.
  • Owner tokens - A hashed ownership token is generated when you create a room. The corresponding raw token is stored only in your browser's localStorage.
  • IP addresses - Your IP address is temporarily processed for rate limiting and abuse prevention. It is not stored permanently or linked to room content.
  • Anonymous display names - Random display names may be generated for participants in a room. These are not tied to any real identity.

2. How We Use Your Information

  • Providing the service - Room content and real-time edits are transmitted via WebSocket connections to enable live collaboration.
  • Rate limiting - IP-based rate limiting prevents brute-force attacks on password-protected rooms and excessive room creation.
  • Abuse prevention - Basic request throttling protects the platform from spam and misuse.

3. Data Storage & Retention

All room data is stored on MongoDB Atlas, a cloud-hosted database service. Rooms are temporary by design:

  • Room creators choose an expiry duration between 1 hour and 168 hours (7 days).
  • MongoDB TTL (Time-To-Live) indexes automatically delete expired room data.
  • Inactive rooms are cleaned up automatically via a separate inactivity deadline.
  • We do not permanently store room content, and there are no backups of expired data.

4. Cookies & Local Storage

CodeSyncUp does not use cookies for tracking, analytics, or advertising. The only client-side storage we use is:

  • localStorage - Used exclusively to store room owner tokens. These tokens let you manage rooms you created, such as deleting a room or changing its settings. No other data is stored in your browser by this application.

5. Third-Party Services

We use the following third-party infrastructure to operate the service:

  • MongoDB Atlas - Cloud database for storing room data. Subject to MongoDB's own privacy and security policies.

We do not use any third-party analytics, advertising networks, or tracking services.

6. Data Security

We take reasonable measures to protect your data:

  • Passwords for private rooms are hashed using bcrypt before storage.
  • All connections are served over HTTPS to encrypt data in transit.
  • Rate limiting is enforced to prevent brute-force and abuse attacks.
  • Owner tokens are hashed server-side; only the raw token exists in your browser.

While we strive to protect your information, no method of transmission or storage is 100% secure. Use the service at your own discretion.

7. Children's Privacy

CodeSyncUp is not directed at children under the age of 13. We do not knowingly collect information from children. If you believe a child has used the service in a way that concerns you, please contact us and we will take appropriate action.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. Continued use of CodeSyncUp after changes constitutes acceptance of the revised policy.

9. Contact

If you have questions or concerns about this Privacy Policy, reach out to us at contact@codesyncup.com.