ShareCode (sharecode.in) is a real-time, AI-powered code sharing and collaboration platform operated by Octopus Technologies, based in India. Throughout this Privacy Policy, "ShareCode", "we", "our", or "us" refers to Octopus Technologies as the data controller responsible for the personal information collected through our website, applications, and related services (collectively, the "Services").

This Privacy Policy describes what information we collect, why we collect it, how we store and protect it, and the choices available to you. By accessing or using the Services you agree to this Policy. If you do not agree, please stop using the Services.

1.1 Information You Provide Directly

• Account registration — name, email address, and password when you sign up for ShareCode.
• Profile & content — code snippets, project titles, and any other content you upload or share through the editor.
• Communications — messages sent via our contact form, support emails, or feedback channels.

1.2 Information Collected Automatically

• Device type, browser, operating system, screen resolution, and language preferences.
• Pages visited, features used, referral URLs, and session duration.
• IP address, approximate geolocation, timestamps, and error or crash logs.
• Cookie identifiers, advertising IDs, and analytics signals (see Section 4).

We use the information we collect to:

• Operate the ShareCode editor, real-time collaboration sessions, and code-space management features.
• Authenticate users via Firebase Authentication and maintain secure sessions.
• Respond to support requests and communicate important service updates.
• Analyze usage patterns and product performance to improve the platform.
• Detect, investigate, and prevent abuse, fraud, or terms violations.
• Display advertisements (including Google AdSense) and measure their effectiveness.
• Comply with applicable laws, regulations, and legal processes.

Where required (including under the GDPR and UK GDPR), we rely on one or more of the following lawful bases:

• Contract — processing necessary to provide the Services you signed up for.
• Consent — where you have given explicit consent (e.g., accepting cookies or opting into newsletters).
• Legitimate interests — improving security, preventing fraud, and enhancing the platform, balanced against your rights.
• Legal obligation — compliance with applicable laws or regulations.

ShareCode uses cookies and similar tracking technologies to operate the platform, remember your preferences, and display advertisements. We display ads served by Google AdSense and potentially other third-party ad networks.

• Third-party vendors, including Google, use cookies to serve ads based on your prior visits to sharecode.in and other websites on the internet.
• Google's use of the DoubleClick cookie enables it and its partners to serve personalized ads to you based on your browsing history.
• You may opt out of personalized advertising at any time by visiting Google Ads Settings.
• You can manage additional third-party ad preferences at aboutads.info/choices and youronlinechoices.com.
• Most browsers let you block or delete cookies. Note that disabling cookies may affect some features of the Services.

Cookie consent: When you first visit ShareCode, a cookie consent banner is displayed. Tracking and advertising cookies are not set until you provide consent, in line with GDPR and ePrivacy requirements.

We strictly prohibit invalid click activity, artificial traffic, misleading ad placements, and any form of traffic manipulation. We reserve the right to restrict or terminate access for users involved in such behavior.

ShareCode relies on the following third-party services to deliver core functionality:

• Firebase (by Google) — we use Firebase Authentication to manage sign-up, login, and session security; Cloud Firestore to store code documents, user profiles, and collaboration data; and Firebase Hosting and related infrastructure services. Firebase processes data on our behalf in accordance with Google's data processing terms.
• Google Analytics — for aggregated usage statistics and performance monitoring.
• Google AdSense — for displaying advertisements (see Section 4).
• Vercel — for hosting and deployment of the web application.

Each provider operates under its own privacy policy and data processing agreements. We only share the minimum data necessary for them to deliver their services.

• Service providers — infrastructure, analytics, hosting, and support partners (listed in Section 5).
• Advertising & analytics partners — subject to your cookie consent and applicable law.
• Legal authorities — when required by a court order, subpoena, or other legal process, or to protect the rights, safety, or property of ShareCode and its users.
• Business transfers — in connection with a merger, acquisition, or sale of assets, with appropriate safeguards.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes. We are not a data broker.

We keep your data only as long as needed for the purposes described in this Policy:

• Account data — retained while your ShareCode account is active and for a reasonable period afterward to fulfill legal obligations.
• Code documents — retained until you delete them or until your account is removed.
• Server logs — typically retained for up to 90 days after collection for security and diagnostic purposes.
• Contact & support messages — retained for a reasonable period to resolve issues and improve service quality.

When data is no longer required, we delete, anonymize, or securely archive it.

We use industry-standard technical and organizational measures — including HTTPS encryption, Firebase security rules, and access controls — to protect the personal information we process. However, no internet-based system can be guaranteed to be 100% secure, and we cannot ensure absolute security.

Our security measures include, but are not limited to:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). This includes code you type in the editor, authentication credentials, and real-time synchronization data sent via WebSocket connections.
• Firebase Security Rules: Cloud Firestore access is governed by server-side security rules that validate every read and write operation. These rules ensure that users can only access data they are authorized to view or modify, preventing unauthorized access to code spaces, user profiles, and session data.
• Authentication safeguards: Firebase Authentication handles password hashing, session token management, and brute-force protection. Passwords are never stored in plain text. Session tokens are cryptographically signed and validated on every request.
• Minimal data collection: We follow the principle of data minimization — we collect only the information necessary to provide and improve the Services. We do not collect sensitive personal information such as financial data, government identifiers, or health information.
• Access controls: Access to production systems and databases is restricted to authorized personnel only. We use role-based access controls and audit logs to monitor administrative access.

Despite these measures, we strongly recommend that users do not share sensitive information such as API keys, passwords, database credentials, or proprietary business logic through any online code editor, including ShareCode. If you discover a security vulnerability or suspect unauthorized access to your account, please contact us immediately at sharecodelive@gmail.com.

ShareCode uses Yjs, a CRDT (Conflict-free Replicated Data Type) library, for real-time code synchronization. When multiple users edit the same code space simultaneously, their changes are transmitted through a WebSocket relay server. Here is how this data flow works from a privacy perspective:

• Relay server: The signaling server acts as a relay — it forwards binary-encoded CRDT updates between connected clients. It does not parse, inspect, or store the content of your code. The server is stateless with respect to document content.
• Document persistence: The current state of each code space document is persisted in Firebase Cloud Firestore. This allows users to close their browser and return to the same code later. Documents remain stored until the user deletes them or the account is removed.
• Awareness data: Yjs uses an "awareness " protocol to show other users' cursor positions and online status. This data is ephemeral — it exists only while users are connected and is not stored or logged.
• No code analysis: ShareCode does not analyze, scan, or inspect the content of your code for any purpose. We do not use your code to train machine learning models, extract patterns, or derive insights. Your code belongs to you.

ShareCode is operated from India. Your information may be processed by our service providers in other countries (including the United States). Where required, we rely on Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms.

Depending on where you live, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to correct inaccurate or incomplete data.
• Deletion — request deletion of your account and associated data.
• Restriction & objection — ask us to limit or stop certain processing activities.
• Portability — receive your data in a structured, commonly used format.

California residents (CCPA/CPRA): You have additional rights to know, delete, correct, and opt out of the sharing of personal information. We do not discriminate against users who exercise their privacy rights.

How to request account or data deletion:

Send an email to sharecodelive@gmail.com with the subject line "Data Deletion Request" and include the email address associated with your account. We will verify your identity and process the request within 30 days.

ShareCode is not intended for children under 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we discover that a child has provided us with personal data, we will delete it promptly.

The Services may contain links to external websites or resources not operated by ShareCode. We are not responsible for the content, privacy practices, or security of any third-party sites. We encourage you to review their privacy policies before providing personal information.

We may revise this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For material changes, we may also notify you via email or an in-app notice.

If you have questions about this Privacy Policy, want to exercise any of your rights, or need to report a concern, contact us at:

• Operator: Octopus Technologies
• Country: India
• Email: sharecodelive@gmail.com
• Website: sharecode.in