Privacy Policy

1 Who we are

Architectena is operated by an individual based in Egypt. As the data controller, we are responsible for deciding how and why your personal data is processed.

2 Data we collect

Data you provide directly

• Account details — full name, email address, username, password (stored hashed)
• Profile information — birthdate, nationality, phone number, profession, bio, location, website
• Media — profile avatar, cover photo, portfolio images, project files, and other uploads
• Content you create — posts, comments, project descriptions, group messages, job listings, résumé data
• Communications — messages sent through the platform, contact-form submissions

Data collected automatically

• Log data — IP address, browser type, operating system, pages visited, and timestamps, retained in server logs for security and abuse-prevention purposes
• Session data — a session cookie required to keep you signed in
• Error and diagnostic data — when a technical error occurs, limited diagnostic information (which may include your IP address and the page you were viewing) is recorded so we can diagnose and fix the problem

We do not use advertising networks, third-party analytics services (such as Google Analytics), or tracking pixels of any kind. Our own first-party, aggregate usage measurement is described in the Cookies section below.

3 How we use your data

We use your personal data to:

• Create and manage your account and public profile
• Provide platform features — feed, groups, jobs, projects, messaging, and search
• Send transactional emails — account verification, password reset, follow and job notifications
• Detect and prevent fraud, abuse, and unauthorised access
• Comply with legal obligations

We do not use your data for advertising, profiling for marketing purposes, or automated decision-making that produces legal or similarly significant effects.

4 Legal basis for processing (GDPR)

• Contract — processing your account, profile, and content data is necessary to provide the service you signed up for.
• Legitimate interests — security logging and abuse prevention, where our interest in protecting the platform does not override your rights.
• Legal obligation — where processing is required by applicable law.
• Consent — for optional features you explicitly enable. You may withdraw consent at any time.

5 Data sharing and third parties

We do not sell, rent, or trade your personal data. We share data only with the service providers we rely on to operate the platform, each acting as a data processor on our behalf:

• Cloudflare — media storage and content delivery. Files you upload — avatars, cover photos, portfolio images, and project files — are stored on Cloudflare R2 and served through Cloudflare's content-delivery network. Cloudflare acts as a data processor; it is based in the United States and relies on Standard Contractual Clauses for GDPR-compliant transfers.
• Hetzner — our hosting provider. The platform's servers and database run on Hetzner infrastructure located in Germany, within the European Economic Area (EEA).
• Resend — our transactional email provider. Your email address and the content of system-generated emails (e.g. verification links, notifications) are transmitted to Resend solely to deliver those messages. Resend acts as a data processor under a Data Processing Agreement and does not use your data for its own purposes. Resend is based in the United States and relies on Standard Contractual Clauses for GDPR-compliant international transfers.
• Sentry — error monitoring. When the platform encounters a technical error, limited diagnostic data — which may include your IP address and the page you were on — is sent to Sentry so we can diagnose and fix it. Sentry acts as a data processor and is based in the United States.

We may also disclose your data if required by law, court order, or to protect the rights and safety of Architectena or its users.

6 International data transfers

Architectena is operated from Egypt and runs its primary servers and database with Hetzner in Germany, within the European Economic Area (EEA). Some of your data is also processed outside the EEA — by Resend, Cloudflare, and Sentry, which operate in the United States. Such transfers are protected by Standard Contractual Clauses approved by the European Commission. Where Egyptian law applies, we comply with the Personal Data Protection Law No. 151 of 2020.

7 How long we keep your data

• Active accounts — data is kept for as long as your account remains open.
• After account deletion — your personal data is permanently deleted within 5–10 business days. Anonymised aggregate data (e.g. counts) may be retained indefinitely as it can no longer identify you.
• Server logs — retained for up to 90 days for security purposes, then deleted.

8 Cookies

We group cookies and similar storage into three categories. Today we set only the strictly-necessary ones, so no cookie-consent banner is shown. If we ever add analytics or advertising cookies, we will ask for your consent through a banner before any non-essential cookie is set.

1. Strictly necessary — always active

• Session cookie — keeps you signed in during your browsing session. It is deleted when you sign out or your session expires.
• CSRF token — a security token that prevents cross-site request forgery attacks on forms.
• Language preference — remembers whether you chose English or Arabic.
• Theme preference — remembers your chosen light or dark theme.
• Consent choice — if you are ever asked about cookies, this remembers your answer so we don't ask again.

2. Analytics — We measure aggregate site usage — pages viewed, the site you arrived from, your approximate country (from your IP address), and device type — to understand traffic and improve Architectena. This measurement is first-party and recorded on our own servers under our legitimate interest; we do not sell or share it, and raw records are kept for up to 12 months. We do not currently set any analytics cookie on your device.

3. Advertising — We do not show ads and set no advertising or tracking cookies. If that changes, we will request your consent through a cookie banner before any advertising cookie is set, and you will be able to withdraw it at any time.

9 Your rights

Under GDPR, you have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you.
• Rectification — correct inaccurate or incomplete data.
• Erasure — request deletion of your data ("right to be forgotten").
• Restriction — ask us to pause processing of your data in certain circumstances.
• Portability — receive your data in a structured, machine-readable format.
• Objection — object to processing based on legitimate interests.
• Withdraw consent — where processing relies on your consent, you may withdraw it at any time without affecting prior processing.

Many of these rights can be exercised directly through your account Settings page. For requests that cannot be completed there, contact us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with your local data-protection supervisory authority. EU residents may contact their national authority; other users may contact the relevant authority in their jurisdiction.

10 Security

We implement technical and organisational measures to protect your data against unauthorised access, loss, or disclosure — including HTTPS encryption in transit, hashed password storage, and restricted database access. No transmission over the internet is completely secure; we will notify you promptly if a breach affecting your data occurs.

11 Children

Architectena is intended for users who are 16 years of age or older. We do not knowingly collect personal data from children under 16. If you believe a child under 16 has registered, please contact us and we will delete the account.

12 Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, notify you by email or an in-platform notice. Continued use of Architectena after changes take effect constitutes acceptance of the revised policy.