Privacy Policy

1. Overview

drpr (“we”, “us”, or “our”) operates the website drpr.host and related services. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

By using drpr, you agree to the collection and use of information as described in this policy.

2. Information We Collect

Account information

When you create an account, we collect your email address and, if you sign in via a third-party provider (e.g. Google), your name and profile picture as provided by that service.

Uploaded content

Files you upload to drpr are stored on Cloudflare R2 object storage. We store metadata about your uploads (file name, size, subdomain, creation date) in our database.

Anonymous uploads

You can upload files without an account. In this case, we issue a site token that allows you to manage your upload. We do not associate anonymous uploads with any personal identity.

Usage data

We collect basic analytics on site visits (page views, referrers, country-level location) to understand how drpr is used. This data is aggregated and not linked to individual users.

Payment information

Payments are processed by Stripe. We do not store your credit card details. Stripe may collect and process payment data according to their own Privacy Policy.

3. How We Use Your Information

• To provide and operate the drpr service
• To authenticate you and manage your account
• To process payments and manage subscriptions
• To send transactional emails (e.g. magic links, receipts)
• To monitor for abuse and enforce our Terms of Service
• To improve the service through aggregated usage analytics

We do not sell your personal data to third parties.

4. Data Retention

Free-tier uploads are automatically deleted after 15 days. Paid-plan uploads are retained until you delete them or close your account.

Account data is retained while your account is active. You may request deletion of your account and associated data at any time by contacting us.

5. Cookies

We use cookies solely to maintain your session and remember your preferences. drpr does not use any tracking or advertising cookies. Our analytics tool (Cloudflare Web Analytics) is cookieless — no cookie is set and no personal data is collected for analytics purposes.

6. Third-Party Services

We use the following third-party services to operate drpr:

• Supabase — authentication and database
• Cloudflare R2 — file storage and CDN delivery
• Cloudflare Web Analytics — cookieless, privacy-preserving analytics
• Stripe — payment processing

Each of these services has its own privacy policy and data handling practices. We encourage you to review them.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict certain processing
• Data portability

To exercise any of these rights, contact us at privacy@drpr.host.

8. Security

All data is transmitted over HTTPS. We follow industry-standard practices to protect your information. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

drpr is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of drpr after changes constitutes acceptance of the updated policy.

11. Contact

Questions about this policy? Reach us at privacy@drpr.host.