Privacy Policy

This policy applies to kotauth.com — the marketing and documentation website for the Kotauth open source project. It does not apply to self-hosted Kotauth instances you deploy yourself; those are governed by your own configuration and applicable laws.

Analytics (Google Analytics 4). This website uses Google Analytics 4 to understand how visitors find and use the site. GA4 automatically collects your IP address, browser type, device type, operating system, referring URL, pages visited, and approximate geographic location (country/city level). This data is processed by Google and subject to Google's Privacy Policy.

Contact form. If you use the contact form, your name, email address, and message are composed locally in your browser and sent via your mail client directly. We do not operate a form submission backend — nothing is stored on our servers.

We do not collect passwords, payment information, or account credentials on this website. There are no user accounts on kotauth.com.

Google Analytics sets first-party cookies (_ga, _ga_*) to distinguish visitors and track sessions. These cookies persist for up to 2 years. We do not set any other cookies on this website.

If you are in the European Economic Area (EEA), we process analytics data under Legitimate Interests (Article 6(1)(f) GDPR) — specifically the interest of understanding how the site is used to improve it. If you object to this processing, you can opt out by installing the Google Analytics Opt-out Browser Add-on or using a content blocker that blocks analytics trackers.

Google Analytics retains event-level data for 14 months by default, then aggregates it. We do not retain any personal data independently of Google Analytics.

We use Google Analytics (Google LLC, USA). Google is certified under the EU-U.S. Data Privacy Framework. We do not sell data to any third parties, nor do we use data for advertising purposes.

Depending on your jurisdiction, you may have the right to access, correct, or delete data held about you, or to object to processing. Because we process analytics data through Google, requests related to that data should be directed to Google. For any other inquiry, contact us via the contact page.

Kotauth is open source software licensed under the MIT License. When you self-host Kotauth, you become the data controller for the identity data your instance processes. This privacy policy does not govern that — you are responsible for your own compliance.

We may update this policy as the website evolves. The "Last updated" date at the top of this page will reflect any changes. We will not make material changes without updating that date.

Questions about this policy? Reach us via the contact page or open an issue on GitHub.