id
doxanh IdentityLegal and privacy

Auth Platform Privacy Policy

Effective 2026-06-30
Privacy terms for doxanh Identity application registration, email verification, and auth-code exchange.

Who we are

doxanh Identity is an independent authentication and application-registration platform used by doxanh applications and future registered applications.

General contact: contact@doxanh.dev. Privacy requests: privacy@doxanh.dev. Abuse reports: abuse@doxanh.dev. Legal notices: legal@doxanh.dev.

Information we collect

We collect application configuration such as app id, client id, active secret prefix, protected secret hash records, redirect URI allowlists, browser origin allowlists, login mode, client mode, sender settings, and security policy.

We collect sign-in and identity data such as email address, challenge method, request token metadata, verification status, failed-attempt state, one-time auth-code records, and verified identity data returned after successful exchange.

We collect email and anti-abuse data such as email job status, provider metadata, suppression records, rate-limit signals, Turnstile results, failed attempts, and auth/security audit logs.

How we use information

We use information to verify that a user controls an email address, send magic-link or 6 digit code emails, issue one-time auth codes, and let registered application backends exchange auth codes for verified identity data.

We use operational records to enforce redirect URI and origin restrictions, prevent enumeration, email bombing, brute force, spam, abusive login attempts, and support incident investigation.

Product boundary

Auth Platform does not create RecURL's final logged-in web or extension session. The registered application backend creates its own session after successful auth-code exchange.

Auth Platform does not own RecURL media, recordings, screenshots, share links, viewer ads, or RecURL workspace data.

Sharing information

We may share verified identity data with the registered application backend after successful auth-code exchange.

We may share information with email, anti-abuse, hosting, storage, logging, monitoring, legal, and security providers that help operate the platform.

Security

Auth Platform uses controls such as hashed secrets and tokens, one-time request tokens, one-time auth codes, exact redirect URI allowlists, browser origin checks, generic public responses, rate limits, Turnstile/adaptive challenge support, suppression records, and audit logging.

No internet service can guarantee absolute security.

Your choices

Depending on location, users may request access, correction, deletion, restriction, portability, objection, or consent withdrawal.

Requests should be sent to privacy@doxanh.dev.

Updated 2026-06-30. Contact contact@doxanh.dev, privacy@doxanh.dev, legal@doxanh.dev, or abuse@doxanh.dev.