Privacy Policy

Who is responsible

AJOURA is the controller for personal data processed through this website, unless a separate notice says otherwise. For privacy requests, contact hello@ajoura.io. If AJOURA is operated by a registered company, that legal company name, address, and registration number should be added here before launch.

What we collect

• Public website usage: selected language, theme preference, article view signals, ad impression/click events, browser request data, and IP address used for security rate limiting.
• News content: article text, translations, source names, images, categories, and related metadata. This is editorial content, not user profile data.
• Admin dashboard: an admin session cookie, login activity, and actions taken by editors or administrators.
• Technical logs: server logs may include IP address, user agent, request time, requested URL, and error details.

Why we use it

• To show news briefings in the selected language.
• To remember language and theme choices on the same device.
• To protect the service from spam, abuse, and excessive automated traffic.
• To measure basic content and ad performance without creating public user accounts.
• To operate the admin dashboard and keep it secure.
• To comply with legal duties and defend legal claims if needed.

Legal bases

• Contract or steps before a contract: where access to admin tools or agreed services requires processing.
• Legitimate interests: site security, abuse prevention, service improvement, basic audience measurement, and fraud prevention, balanced against user privacy.
• Consent: where optional cookies, analytics, marketing tools, push notifications, or similar technologies are introduced.
• Legal obligation: where records must be kept or disclosed under applicable law.

Cookies and local storage

The public website currently uses local storage for language and theme preferences, session storage to avoid repeated article-view signals during one browser session, and an admin-only session cookie for dashboard access. See the Cookie Policy for the full list.

Processors and service providers

• Supabase is used for database, authentication-adjacent admin session support, storage, and server-side data operations.
• Hosting, deployment, monitoring, and email providers may process technical data if they are used in production.
• App store providers may process data separately when users follow app download links.

International transfers

Some providers may process data outside the EU/EEA. Where required, AJOURA should use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, and vendor data processing agreements.

Retention

• Admin session cookies last up to 7 days unless the admin logs out sooner.
• Language and theme preferences remain on the device until the user clears browser storage.
• Session storage for article view signals is cleared by the browser when the session ends.
• Security logs, rate-limit data, and aggregated performance data are kept only as long as needed for security, operations, legal compliance, or reporting.

Your rights

If EU or UK data protection law applies, you may have the right to access, correct, erase, restrict, object to, or receive a copy of your personal data. Where processing is based on consent, you may withdraw consent at any time. You can also complain to your local data protection authority.

Children

AJOURA is a news and information service and is not directed at children. We do not knowingly create accounts for children or collect children’s personal data through the public website.

Changes

We may update this policy when the service, providers, or legal requirements change. The updated date above shows the latest version.