Privacy Policy

How we collect, use, and protect your personal data

Last updated: November 6, 2025

Version 1.0 | Document ID: PP-20251106-v1

Applicable to: Official FeedCentral instance at feed.benzoogataga.com only. Third-party forks must provide their own privacy policies.

Open Source Transparency

FeedCentral is an open-source project. You can review our entire codebase, including how we handle your data, at github.com/BENZOOgataga/feedcentral

This means complete transparency: you can verify exactly what data we collect, how it's stored, and how it's used. No hidden tracking, no secret data collection.

What IS Open Source:

  • All application code and logic
  • Database schema and structure
  • Data handling and processing methods
  • Security implementations and encryption methods

What is NOT Open Source:

  • Database content: Your personal data, articles, user accounts, and all database records are private and secured
  • Credentials: Passwords are always hashed (never stored in plain text) and cannot be viewed by anyone, including developers
  • Production data: Developers work with test data in development environments and never access production user data
  • Environment secrets: API keys, database connection strings, and other sensitive configuration

Legal Mentions (Mentions Légales)

In accordance with French law (Loi n° 2004-575 du 21 juin 2004 pour la confiance dans l'économie numérique):

Service Operator

This service is operated by an individual residing in France.

In accordance with Article 6 III-2 of French law (LCEN), the operator's full postal address is kept confidential and may be disclosed only upon legitimate legal request to the hosting provider.

Contact: contact@benzoogataga.com (emails handled from France)

Hosting Provider

Company: Vercel Inc.
Address: 440 N Barranca Ave #4133, Covina, CA 91723, United States
Technical Infrastructure: Vercel Inc. (deployment) and Neon.tech (database)

Publication Director

Individual operator residing in France (identity available upon legitimate legal request to hosting provider)

1. Introduction

This Privacy Policy explains how FeedCentral ("we", "us", or "our") collects, uses, and protects your personal information when you use our RSS feed aggregation service at feed.benzoogataga.com.

Legal Framework

This Privacy Policy complies with:

  • GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council (General Data Protection Regulation)
  • French Data Protection Law: Loi n° 78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés (modified)
  • ePrivacy Directive: Directive 2002/58/EC as amended by Directive 2009/136/EC

Responsible Party: This service is operated by an individual residing in France. Contact email (contact@benzoogataga.com) is handled by the operator from France. Full identity and postal address available upon legitimate legal request to the hosting provider (Vercel Inc.).

Your Rights: Under GDPR and French law, you have extensive rights regarding your personal data. We are committed to respecting and facilitating these rights.

2. Data We Collect & Legal Bases

📋 Legal Bases for Processing (GDPR Art. 6)

We process your data based on the following legal grounds:

  • Contract Performance (Art. 6(1)(b)): Account data, authentication, service functionality
  • Legitimate Interest (Art. 6(1)(f)): Security, fraud prevention, service improvement
  • Legal Obligation (Art. 6(1)(c)): Data retention for legal compliance when required

2.1 Account Information

When you create an account, we collect:

  • Email address - Used for authentication and account recovery
  • Username - Your chosen display name
  • Password - Stored as a secure hash (we cannot see your actual password)

Legal basis: Contract performance (GDPR Art. 6(1)(b)) - necessary to provide the service you've requested.

2.2 Usage Data

We collect data about how you use FeedCentral:

  • Articles you read and bookmark
  • Your feed preferences and subscriptions
  • UI preferences (theme, layout)

Legal basis: Contract performance (GDPR Art. 6(1)(b)) - necessary to deliver personalized content and save your preferences.

2.3 Technical Data

Automatically collected for security and functionality:

  • IP address - For security and fraud prevention
  • Browser type and version - For compatibility
  • Device information - For responsive design
  • Access times - For security monitoring

Legal basis: Legitimate interest (GDPR Art. 6(1)(f)) - ensuring security, preventing fraud, and maintaining service quality.

3. How We Use Your Data

We use your personal data only for the following purposes:

Service Provision: To provide you with access to FeedCentral's RSS aggregation features, personalized feed recommendations, and article bookmarking

Authentication: To verify your identity and maintain your session securely

Security: To protect against unauthorized access, abuse, and spam

Service Improvement: To understand usage patterns and improve our features (anonymized analytics only)

Legal Compliance: To comply with applicable laws and respond to lawful requests from authorities

What we DON'T do: We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not track you across other websites. We do not use your data for advertising.

4. Data Storage & Security

4.1 Where We Store Data

Your data is stored in a secure database hosted by Neon Database (Neon.tech). The database region is configured based on deployment settings (typically EU for GDPR compliance). Application hosting is provided by Vercel, Inc., with edge functions distributed globally for performance.

4.2 Security Measures

  • Passwords are hashed using industry-standard algorithms (never stored in plain text)
  • All connections use HTTPS encryption
  • Database access is restricted and monitored
  • Regular security updates and patches
  • Automatic backups to prevent data loss

4.3 Data Retention

We retain your personal data only as long as necessary:

  • Active accounts: Data retained while your account is active
  • Deleted accounts: Personal data permanently deleted within 30 days
  • Articles: Soft-deleted after 7 days (unless bookmarked), hard-deleted after 14 days
  • Logs: Security logs retained for 90 days maximum

5. Your Rights Under GDPR

As a user in the European Union (or anywhere GDPR applies), you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you

Right to Rectification

You can correct inaccurate or incomplete data through your settings page

Right to Erasure ("Right to be Forgotten")

You can delete your account and all associated data at any time

Right to Data Portability

You can export your data in a machine-readable format (JSON/CSV)

Right to Object

You can object to certain types of data processing

Right to Withdraw Consent

You can withdraw consent for data processing at any time

Right to Lodge a Complaint

You can file a complaint with your local data protection authority (CNIL in France: www.cnil.fr)

Post-Mortem Data Directives (GDPR Art. 85 & French Law)

Under French law (Loi Informatique et Libertés, Art. 40-1), you have the right to define instructions regarding the retention, deletion, and communication of your personal data after your death. You can:

  • Designate a trusted third party to execute your wishes
  • Specify whether your data should be deleted or preserved
  • Authorize data transmission to specific individuals

To set your post-mortem directives, contact us at contact@benzoogataga.com (handled from France).

To exercise your rights: Visit your account settings or contact us at contact@benzoogataga.com

6. Cookies & Tracking

We use minimal cookies strictly necessary for the service to function:

  • Authentication cookie (auth_token): Keeps you logged in securely using an HTTP-only, secure cookie containing a JWT token (7-day expiry)
  • Preference storage: Your theme and display settings are stored locally in your browser using localStorage (not cookies)

We do NOT use: Third-party tracking cookies, advertising cookies, or social media tracking pixels. Vercel Analytics and Speed Insights operate without cookies.

For more details, see our Cookie Policy.

7. Third-Party Services

We use the following third-party services that may process your data:

Neon Database (Neon.tech)

Purpose: Database hosting
Data processed: All user data (accounts, bookmarks, preferences)
Location: European Union (exact region depends on database configuration)
Privacy policy: neon.tech/privacy-policy

Vercel, Inc.

Purpose: Application hosting and deployment
Data processed: Technical data, request logs, IP addresses
Location: United States (GDPR-compliant)
Privacy policy: vercel.com/legal/privacy-policy

Vercel Analytics

Purpose: Anonymous website analytics and performance monitoring
Data collected: Page views, navigation patterns, device type, country (anonymized)
Tracking: Does NOT use cookies, does NOT track across websites, does NOT collect personal identifiers
Privacy-first: Designed to be GDPR-compliant without cookie consent banners
Privacy policy: vercel.com/docs/analytics

Vercel Speed Insights

Purpose: Real User Monitoring (RUM) for performance metrics
Data collected: Core Web Vitals (LCP, FID, CLS), page load times, device performance data
Tracking: Does NOT use cookies, anonymized performance metrics only
Privacy-first: No personal data collected
Privacy policy: vercel.com/docs/speed-insights

Important: Vercel Analytics and Speed Insights are privacy-first tools that do NOT require cookie consent banners under GDPR because they don't use cookies or track personal data. They collect only anonymous, aggregated metrics to improve performance.

8. Children's Privacy

FeedCentral is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.

9. International Data Transfers

While our primary database is hosted in the EU region, some technical services may involve data transfers to countries outside the European Economic Area (EEA).

Transfer Safeguards

When your data is transferred outside the EEA, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs): European Commission-approved contract templates that ensure GDPR-level protection (Decision 2021/914)
  • EU-U.S. Data Privacy Framework: Vercel Inc. participates in the Data Privacy Framework, providing an adequacy mechanism for data transfers to the United States
  • Contractual Commitments: All third-party service providers are contractually obligated to maintain GDPR-compliant data protection

Third-Party Service Locations

  • Vercel Inc. (Hosting): United States (Data Privacy Framework participant, uses edge functions for EU data locality where possible)
  • Neon (Database): Configurable region, typically EU (Frankfurt/Ireland) for European users
  • Vercel Analytics/Speed Insights: Privacy-first, cookieless analytics with EU data processing options

For more information about transfer mechanisms, contact contact@benzoogataga.com (handled from France).

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide more prominent notice (such as an email notification).

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

FeedCentral Data Protection

Email: contact@benzoogataga.com

GitHub Issues: github.com/BENZOOgataga/feedcentral/issues

Based in France - Subject to French law and GDPR

French Data Protection Authority (CNIL)

If we cannot resolve your concern, you have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL): www.cnil.fr

Important: About Forks & Third-Party Instances

This Privacy Policy applies ONLY to the official FeedCentral project and its official deployments.

FeedCentral is open-source software available on GitHub. While we encourage forking and derivative works, we are NOT responsible for:

  • Third-party deployments: Instances of FeedCentral hosted by other individuals or organizations
  • Modified versions: Forks that have altered the codebase, added features, or changed data handling practices
  • Data breaches on forks: Security incidents, data leaks, or unauthorized access on third-party instances
  • Non-compliant features: Illegal or non-GDPR-compliant modifications made by fork maintainers
  • Malicious code: Backdoors, tracking, or other harmful additions made to forked versions

Always verify: If you're using a FeedCentral instance, make sure you know who operates it and review their privacy policy. The official FeedCentral instance is hosted at feed.benzoogataga.com. Third-party instances may have different privacy practices, data handling, and security measures.

Official FeedCentral:

View Terms of ServiceView Cookie PolicyBack to Dashboard
    FeedCentral - Centralized News Aggregator