Privacy Policy
1. Who we are
Sharebench is operated by Cosmin Posteuca, an individual based in Romania, acting as the data controller under GDPR. A legal entity has not been formed yet; one will be incorporated if Sharebench reaches commercial scale, and this notice will be updated at that time. A postal address for legal notice is available on request — email [email protected] for anything privacy-related, including formal correspondence.
2. What we collect
Sharebench runs on two surfaces. Each collects a different, minimal set:
The public site — sharebench.ai
Anyone can browse the public bench without signing up. We use PostHog (EU instance) for anonymous product analytics — but only if you opt in via the consent banner that appears on your first visit. Without your acceptance, PostHog is not loaded and nothing is written to your device. If you decline (or never decide), we receive no analytics data from you at all.
If you do accept, PostHog stores a generated anonymous identifier in your browser's localStorage and one cross-subdomain cookie at .sharebench.ai so we can count returning visits and link your pre-signup browsing to your authenticated profile after you sign up. We do not record sessions, do not run autocapture, and do not collect IP addresses for analytics. We honor the Do-Not-Track header — if your browser sends it, PostHog skips the storage writes and the event send even after consent. You can change your mind any time via the Cookie & analytics settings link in the footer.
Your account — app.sharebench.ai
If you create an account, we collect:
- Your email address (required for login and system mail).
- A display name (how teammates see you).
- Your password, stored only as an argon2id hash — we never see or store the plain-text value.
- Timestamps for when you signed up and when you verified your email.
- Which tenant (workspace) you belong to and whether you created it.
We do not collect phone numbers, addresses, payment details (Sharebench is free during v0.1), IP addresses on signup, browser fingerprints, or any data from third-party advertising networks.
When you read a public artifact
Every read of a public artifact is logged with the artifact ID, the requester's IP address, the source (web or MCP), and a timestamp. The IP is automatically deleted from the row after 90 days by a scheduled database job that runs every night at 03:00 UTC; the artifact ID and timestamp stay indefinitely so aggregate read counts on detail pages remain accurate. We use the IP only to detect scraping and abuse, on the basis of Art. 6(1)(f) — our legitimate interest in keeping the public bench available and reliable (the full legitimate-interests assessment is documented internally and available to the supervisory authority on request). Reads of private artifacts (when you are signed in to your own bench) do not log an IP, because authentication has already identified you.
3. How we use it
Every processing activity below lists its GDPR legal basis under Art. 6(1). For account data this is Art. 6(1)(b): the processing is necessary either to perform the service relationship you entered when you signed up, or to take pre-contractual steps at your request (the second limb of Art. 6(1)(b) — relevant because the formal Terms of Service is currently a placeholder pending the full document). For analytics and the audit log it is Art. 6(1)(f) — legitimate interests: we have a real operational reason and the impact on you is minimal.
- Your email: to authenticate you, send verification and password-reset links, and notify you when you are invited to a tenant. Never used for marketing. (Art. 6(1)(b) — contract.)
- Your display name: shown to teammates inside your tenant and as the author label on artifacts you contribute. (Art. 6(1)(b) — contract.)
- Your password hash: only to verify your password at login. (Art. 6(1)(b) — contract.)
- Anonymous analytics: to understand which pages and features people use, so we can prioritize what to improve. (Art. 6(1)(f) — legitimate interest in improving the product.)
- Audit log of public reads: to detect abusive traffic patterns and to keep aggregate read counts on artifact detail pages. (Art. 6(1)(f) — legitimate interest in keeping the public bench reliable.)
We do not use your data for automated decision-making that produces legal or similarly significant effects on you (Art. 22). Every consequential decision — who can access a tenant, what gets published, who gets banned for abuse — is reviewed by a human (today, that is the operator named in §1).
4. Who else touches your data
Sharebench relies on a small set of third-party services (subprocessors) to operate. Each receives the minimum data required to do its job.
- Hetzner (Germany) — hosts the application, the Postgres database, the search index, and object storage. Your account data, artifacts, and uploads live here at rest, in the EU.
- PostHog EU (Germany) — anonymous product analytics for the public site. Receives only categorical signals (page paths, anonymous identifiers in localStorage). No email, no display name, no IP.
- DeepInfra (Delaware, USA) — generates the vector embeddings that power semantic search. Receives the text content of artifacts you publish, never your account data. Because DeepInfra is established in the United States, this is a transfer of personal data outside the EEA; the transfer is covered by the EU Standard Contractual Clauses (SCCs) — specifically the modules adopted in Commission Implementing Decision (EU) 2021/914, relied on as the appropriate safeguard under GDPR Art. 46(2)(c).
- Resend (operated by Resend, Inc., Delaware, USA) — delivers verification, password-reset, and invite emails. Receives the recipient email address and the message body. We do not enable open tracking, click tracking, or marketing-style attribution. We have selected an EU sending region; delivery transits Amazon SES infrastructure. As a US-based provider, the transfer is covered by the same EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914, GDPR Art. 46(2)(c)).
We do not currently use error-reporting SDKs, CDN-based scripts, advertising networks, or payment processors. If we add any, we will update this section before the change ships.
5. Cookies and browser storage
- On the public site (sharebench.ai): nothing by default. PostHog only loads after you accept analytics in the consent banner; if you do accept, it writes one anonymous identifier to localStorage plus one cross-subdomain cookie at .sharebench.ai (used only to link your pre-signup activity to your account after you sign up). The consent decision itself is stored under the consent_v1 key in localStorage — this is strictly necessary under ePrivacy Recital 25 (we need to remember whether you said yes or no). Change your mind any time via the Cookie & analytics settings link in the footer.
- On your account (app.sharebench.ai): one functional session cookie (HTTP-only, Secure, signed JWT) that keeps you logged in for up to 30 days. Without it the site cannot work; it is not used for tracking. This cookie is strictly necessary and does not require consent.
6. How long we keep things
- Account + artifacts: kept for as long as your account exists. When you ask us to delete it (see §8), we remove your account, your password hash, and the artifacts you contributed to private tenants. Public-tenant artifacts you contributed remain published unless you specifically ask for their removal.
- Email verification tokens: expire after 7 days, single-use.
- Password reset tokens: expire after 30 minutes, single-use.
- Invite tokens: expire after 7 days, single-use.
- Audit log of public reads: the IP address is automatically deleted after 90 days by a scheduled Postgres job; the remaining fields (artifact ID, source, timestamp) stay indefinitely so that aggregate read counts on artifact detail pages remain accurate. The audit log is not joined with account records.
7. Your rights under GDPR
Because Sharebench is operated from the EU and processes personal data of users worldwide, GDPR applies to everyone. You have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectify — ask us to correct anything that is wrong.
- Erase — ask us to delete your account and associated data (see §8 for the current mechanism).
- Restrict — ask us to stop processing your data while a question is resolved.
- Object — object to a specific processing activity.
- Port — receive your data in a machine-readable format.
- Complain — lodge a complaint with the Romanian supervisory authority, the Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP), or with the supervisory authority in your country of residence.
To exercise any of these rights, email [email protected]. We respond within one month, as Art. 12(3) requires; for complex or high-volume requests we may extend this by a further two months and will let you know in advance.
8. Deleting your account
Self-service deletion is on the v0.1 roadmap but is not shipped yet. Until it is, email [email protected] from the address tied to your account. We delete your account, your password hash, and the artifacts in your private tenants within one month (extendable per Art. 12(3) as described in §7). Public-tenant artifacts you contributed stay published unless you ask for their removal as well; in that case we remove the contributor attribution and the artifact body within the same window.
When the self-service flow ships, this section will be updated with the in-app path.
9. Children
Sharebench is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe a child has created an account, email [email protected] and we will remove it.
10. Changes to this notice
We update this notice when the underlying practices change. The Last updated date at the top is authoritative — if it has not changed, neither has the policy. For material changes (a new subprocessor, a new data category collected, a narrowed retention period), we will mention the change in this section for at least one full revision cycle so returning readers can see what moved.
11. Contact
- Privacy questions and data-rights requests: [email protected]
- Anything else: [email protected]