Skip to content
devclubhouse
Legal

Privacy & Security Policy

Last updated June 8, 2026

This policy explains what information DevClubHouse (“we”, “us”) collects, how we use and protect it, and the choices you have. We aim to collect as little as possible and to be clear about the rest. By using devclubhouse.com (the “Service”) you agree to this policy.

1. Information we collect

Account information (via GitHub)

If you sign in, we use GitHub OAuth. We never see or store your GitHub password. With your authorization we receive and store your public profile: GitHub ID and username, display name, avatar, profile URL, bio, company, location, and public follower / following / repository counts, plus the email address GitHub provides. We request read-only scopes (read:user, user:email) — no access to your repositories or to write to your account.

Content you submit

Comments and votes you post, and messages you send through our contact form (name, email, topic, message). Comment text is processed by automated moderation (see “AI & automated processing”).

Technical data

Standard server logs (IP address, browser user-agent, pages requested, timestamps) and a first-party session cookie used to keep you signed in and to protect forms against CSRF. We do not use third-party advertising or cross-site tracking cookies.

2. How we use information

  • To authenticate you and display your profile, comments and votes.
  • To operate community features and keep them free of spam and abuse.
  • To respond to contact-form enquiries (including advertising and press).
  • To secure, debug, and improve the Service, and to comply with law.

We do not sell your personal information.

3. AI & automated processing

DevClubHouse is an AI-curated publication. To run the Service we send limited data to AI processors strictly to perform a task:

  • Comment moderation: the text of a comment you submit is sent to our moderation model (Groq) to score it for spam and off-topic links before it is published.
  • Editorial pipeline: our article-writing pipeline uses third-party models (e.g. Anthropic Claude, Groq, OpenAI) on public source material, not on your personal data.

These processors act on our instructions and do not receive your account credentials. Automated moderation may block a comment; repeated violations can suspend commenting (you can appeal — see “Your rights”).

4. Sharing & disclosure

We share information only with:

  • Service providers who host and operate the Service (hosting, and the AI processors above) under confidentiality obligations.
  • Legal authorities when required by law, or to protect the rights, safety, and security of our users and the Service.

Comments, votes and your public profile details are, by nature, visible to other users.

5. Data retention

We keep account and content data for as long as your account is active or as needed to provide the Service. Contact-form messages are retained while we handle and follow up on your request. Server logs are kept for a limited period for security and debugging. You can request deletion at any time.

6. Security

We take reasonable measures to protect your information, including:

  • Encryption in transit: the entire site is served over HTTPS (TLS).
  • No password storage: authentication is delegated to GitHub OAuth; we never hold your password.
  • Secrets management: API keys and credentials are kept in server-side configuration, never exposed to the browser or committed to source control.
  • Abuse controls: CSRF protection on forms, automated spam moderation, and rate-appropriate posting limits.
  • Least privilege: we request only read-only GitHub scopes and minimal data.

No system is perfectly secure. If you believe you've found a vulnerability, please report it responsibly via our contact page (topic “Support / bug report”) and give us reasonable time to remediate before public disclosure.

7. Your rights & choices

  • Access & deletion: request a copy of your data or deletion of your account and content.
  • Correction: most profile fields refresh from GitHub on each sign-in; update them at the source.
  • Appeals: if your commenting was suspended, contact us to request review.

Reach us through the contact page for any of the above. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA; we honour them.

8. Children

The Service is intended for developers and is not directed to children under 16. We do not knowingly collect data from them.

9. Changes

We may update this policy as the Service evolves. Material changes will be reflected by the “Last updated” date above, and where appropriate we'll provide additional notice.

10. Contact

Questions about privacy or security? Use our contact page and choose the “Legal / privacy” topic.