🔒 Privacy Policy

👋 1. Overview

Welcome to QuoteMe ZW ("we", "our", or "us"), a Zimbabwe-based platform dedicated to sharing daily inspirational quotes, empowerment stories, and motivational blog content for women, youth, and communities.

This Privacy Policy explains how we handle information when you visit and use our website at quotemeapp.onrender.com and any associated services. By using QuoteMe ZW, you agree to the practices described in this policy.

📊 2. Data We Collect

We collect only what's necessary to run the platform. Here's what we may collect:

Information you provide voluntarily:

• Comments & Forum Posts: Your display name and comment text when you participate in discussions.
• Contact Messages: Your name, email address, and message when you fill in the Contact form.
• Donations: Donation amounts are processed by PayPal — we do not store your payment details.

Information collected automatically:

• IP Address: Used temporarily for rate limiting (anti-spam protection) and is not stored in our database long-term.
• Browser/Device Info: Basic technical data collected by our hosting provider (Render) as part of standard server logging.
• Interaction Data: Like counts and comment interactions — associated with your display name, not a persistent account.

We do NOT collect:

• Persistent user accounts or passwords from the public
• Location data beyond IP-level (country)
• Biometric data of any kind
• Private messaging data

🍪 3. Cookies & Sessions

QuoteMe ZW uses minimal browser-level storage to improve your experience:

• localStorage – Dark Mode Preference: We save your dark/light mode choice in your browser's local storage so it persists between visits. This data never leaves your device.
• localStorage – Liked Items: We track which quotes/stories/blogs you've liked locally in your browser so you don't accidentally double-like. This is stored only on your device.
• Session Cookies: Standard session cookies may be set by our hosting infrastructure (Render/Supabase) for performance and security.

If you clear your browser's local storage, your dark mode preference and liked-item history will reset. This is expected behaviour.

✍️ 4. User-Generated Content

When you post a comment or forum message on QuoteMe ZW, please be aware that:

• Your display name and comment text are visible to all visitors of the website.
• Comments are stored in our Supabase database and may be retained indefinitely unless deleted by an admin.
• Do not post personally identifiable information (phone numbers, addresses, passwords) in comments or forum posts.
• We reserve the right to remove any content that violates our community standards.

Content Guidelines:

• No hate speech, harassment, or discriminatory content
• No spam or repeated messages
• No explicit or adult content
• No sharing of personal information about others

🤖 5. AI & Semantic Analysis

QuoteMe ZW uses automated text analysis on comments and forum posts to help keep the community safe and positive. Here's exactly how it works:

What we analyse:

• The text of comments you submit
• Forum post content

How it works:

• Sentiment Analysis: A keyword-based algorithm classifies comments as 😊 Positive, 😐 Neutral, or ⚠️ Negative based on the words used. This helps our moderators quickly identify comments that may need review.
• Toxicity Scoring: We use an optional machine-learning toxicity classifier (unitary/toxic-bert) to assign a toxicity probability score to comments. Scores above 0.7 are automatically flagged for admin review.

What this analysis does NOT do:

• It does not analyse your browsing behaviour
• It does not identify you personally
• It does not share data with advertisers
• It does not make automated permanent decisions — a human admin reviews flagged content

The AI analysis runs on our backend servers. Comment text is processed in-memory and the sentiment/toxicity scores are stored alongside the comment in our database. The raw text is what you submitted — we do not modify or embellish it.

🛡️ 6. Comment Moderation

QuoteMe ZW is moderated by our admin team using a purpose-built dashboard. Here's how moderation works:

• All comments are visible publicly immediately upon submission.
• Our AI system automatically flags comments with high toxicity scores for review.
• Admins can view, delete, or act on any comment at any time.
• Moderators can see the sentiment label and toxicity score for every comment to assist with review decisions.
• Deleted comments are permanently removed from our database.

We aim to respond to moderation needs promptly. If you believe a comment about you should be removed, please contact us directly.

🤝 7. Data Sharing & Third Parties

We do not sell, trade, or rent your personal data. We may share minimal data with the following trusted services that power our platform:

• Supabase (supabase.com): Our database and file storage provider. Comments, stories, and uploaded images are stored in Supabase. See Supabase's Privacy Policy.
• Render (render.com): Our web hosting provider. Standard server logs including IP addresses are collected by Render. See Render's Privacy Policy.
• PayPal: Donation payments are processed by PayPal. We do not receive or store card details. See PayPal's Privacy Policy.
• Google Fonts: We load fonts from Google Fonts CDN, which may set cookies per Google's privacy practices.

We may disclose information if required by law or to protect the safety of our users or the public.

🔐 8. Security Practices

We take security seriously. Here are the measures we've implemented to protect the platform and its users:

• HTTPS Encryption: All traffic between your browser and our server is encrypted via HTTPS/TLS.
• Admin Authentication: Admin access is protected by bcrypt-hashed passwords and JWT tokens with 12-hour expiry.
• Input Sanitization: All user-submitted text is sanitized to strip HTML tags and prevent cross-site scripting (XSS) attacks.
• Rate Limiting: We limit the number of comments, forum posts, login attempts, and contact messages per IP address to prevent spam and abuse.
• Upload Validation: Uploaded images are validated for file type and size (max 8 MB) before being stored.
• Security Headers: Our server sends X-Content-Type-Options, X-Frame-Options, and X-XSS-Protection headers.

⚖️ 9. Your Rights

You have the following rights regarding any information you've shared on QuoteMe ZW:

• Right to Know: You can ask us what data we hold about you (primarily your submitted comments).
• Right to Delete: You can request deletion of your comments or contact messages by emailing us.
• Right to Rectify: If your submitted content contains an error you'd like corrected, contact us.
• Right to Opt Out: You can stop submitting content at any time — we don't create persistent accounts for the public.

To exercise any of these rights, please contact us using the details in Section 12.

👧 10. Children's Privacy

QuoteMe ZW is intended for users aged 13 and over. We do not knowingly collect personal data from children under 13.

If you believe a child under 13 has submitted personal information to our platform, please contact us immediately and we will take steps to remove that information.

Parents and guardians are encouraged to monitor their children's online activity and use of community features like comments and forum posts.

📝 11. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or new features on the platform.

When we make significant changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.

Continued use of QuoteMe ZW after policy changes constitutes your acceptance of the updated policy.

📩 12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the data we hold, please get in touch: