arkyn
ChangelogGuides

Privacy Policy

Last updated: 2026-06-02
This Privacy Policy describes how the Arkyn ecosystem collects, uses, shares, stores, and protects personal data related to its documentation website, associated services, and NPM packages, including, without limitation, @arkyn/components, @arkyn/server, @arkyn/shared, and @arkyn/templates.
By accessing the documentation, interacting with official project channels, or using related services, you acknowledge this Policy.

1. Scope

This Policy applies to:
  • The official Arkyn website and documentation.
  • Official forms and contact channels.
  • Online resources associated with the project (for example, analytics, monitoring, newsletter forms, and repository links).
This Policy does not apply, unless explicitly stated, to:
  • Data processed locally by your application when using NPM packages.
  • Third-party websites accessed through external links.
  • Internal processing performed by maintainers outside official infrastructure.

2. Apache License and Privacy

Arkyn packages may be distributed under the Apache License. The software license governs software use, copying, modification, and distribution. It does not replace this Privacy Policy and does not, by itself, define how personal data is handled in online services.
In short:
  • The license governs software rights.
  • This Policy governs personal data processing in official channels and services.

3. Data Controller

For the processing described in this Policy, the controller is the team responsible for the Arkyn project, through official channels published in the documentation.
Main privacy contact: lucasgoncalves@arkyn.dev

4. Categories of Data Collected

Depending on your interaction, we may collect:

4.1 Data provided by you

  • Name, email address, and message content submitted through contact, support, or newsletter channels.
  • Information you voluntarily include in issues, forms, comments, or communications.

4.2 Technical browsing data

  • IP address, access date and time, pages visited, traffic source, language, and browser settings.
  • Device data, operating system, browser type, screen resolution, and basic usage events.
  • Technical identifiers associated with cookies and similar technologies.

4.3 Security and operations data

  • Technical logs for diagnostics, abuse prevention, failure detection, and operational security.

5. What We Do Not Automatically Collect Through NPM Packages

By default, Arkyn packages installed in your project do not automatically collect end-user personal data for transmission to official Arkyn servers without explicit configuration action in your own environment.
Important:
  • Your use of the packages in your application is your responsibility as controller or processor, as applicable.
  • If you integrate third-party tools (analytics, logs, monitoring, external APIs), those integrations are governed by their own policies.

5.1 Optional Logging and Monitoring Services

Certain Arkyn ecosystem components may provide optional logging, monitoring, and observability features, including functionality made available through ApiInstance and related services.
These features are disabled by default and are only activated when explicitly configured by the developer using the software.
When enabled:
  • Technical logs may be transmitted to Arkyn infrastructure for monitoring, diagnostics, observability, troubleshooting, performance analysis, and service improvement purposes.
  • The content of transmitted logs is determined entirely by the developer's own configuration.
  • Arkyn does not automatically collect end-user personal data through its packages without explicit configuration and activation by the developer.
  • Developers are solely responsible for determining which information is collected, logged, and transmitted through these services.
  • Developers are responsible for ensuring compliance with applicable privacy, data protection, and regulatory requirements, including obtaining any necessary permissions, notices, or legal bases for processing personal data.
We strongly recommend that sensitive, confidential, authentication, financial, health-related, or otherwise unnecessary personal information not be included in transmitted logs.
For data submitted through these optional monitoring services, the developer generally acts as the data controller (or equivalent role under applicable law), while Arkyn acts as a service provider, processor, or operator for the purpose of storing, processing, and displaying the submitted logs.
By enabling these features, the developer acknowledges responsibility for the information transmitted and represents that they have the appropriate authority and legal basis to collect, process, and transmit such data.

6. Purposes of Processing

We process personal data to:
  • Provide and maintain the website/documentation.
  • Improve performance, usability, and user experience quality.
  • Respond to contact, support, and technical requests.
  • Send institutional or informational communications, when applicable.
  • Detect and prevent fraud, abuse, misuse, and security incidents.
  • Comply with legal or regulatory obligations, and lawful orders from competent authorities.

7. Legal Bases (LGPD/GDPR)

Where applicable, we process data based on one or more legal grounds, including:
  • Data subject consent.
  • Preliminary procedures and relationship requested by the data subject.
  • Legitimate interest for operation, improvement, and service security, while respecting fundamental rights and freedoms.
  • Compliance with legal or regulatory obligations.
  • Regular exercise of rights in administrative, arbitration, or judicial proceedings.

8. Cookies and Similar Technologies

We may use cookies, local storage, and similar technologies for:
  • Essential website operation.
  • Audience and performance measurement.
  • Browsing analysis and content improvement.
You can manage cookies in your browser settings. Disabling essential cookies may affect functionality.

9. Data Sharing

We may share data, when necessary, with:
  • Infrastructure, hosting, analytics, email, and monitoring providers.
  • Communication and support tools.
  • Public authorities, when legally required.
We seek to share only the minimum data necessary for each purpose, with appropriate contractual and technical safeguards.

10. International Transfers

Some providers may process data outside the data subject's country of residence. In such cases, we adopt appropriate safeguards, such as contractual clauses and practices compatible with applicable law.

11. Retention and Deletion

Data is retained for as long as necessary to fulfill the purposes of this Policy, including legal, regulatory, audit, security, and rights-defense requirements.
When retention is no longer necessary, data is deleted, anonymized, or retained in a blocked form when required by law.

12. Information Security

We adopt administrative, technical, and organizational measures to protect personal data against unauthorized access, misuse, alteration, disclosure, or accidental/unlawful destruction.
No system is completely invulnerable. In case of a relevant incident, we will adopt response measures and, when required, notify data subjects and competent authorities.

13. Data Subject Rights

Under applicable law, you may request:
  • Confirmation of data processing.
  • Access to personal data.
  • Correction of incomplete, inaccurate, or outdated data.
  • Anonymization, blocking, or deletion of unnecessary or excessive data.
  • Data portability, where applicable.
  • Information about sharing.
  • Withdrawal of consent and objection in applicable cases.
  • Review of automated decisions, where applicable.
To exercise rights, contact: lucasgoncalves@arkyn.dev
We may request proof of identity to protect the data subject and prevent fraud.

14. Children's and Teenagers' Data

Our services are not intentionally directed to children without legal supervision. If we identify inappropriate processing of minors' data, we will take measures to stop processing and delete data, subject to legal requirements.

15. Third-Party Content and External Links

The documentation may contain links to third-party platforms and services (for example, NPM, GitHub, analytics providers, design tools, and communication tools). Each third party has its own policy and independent data processing practices.

16. Public Repositories, Issues, and Contributions

Interactions in public repositories (issues, discussions, pull requests, comments) may be publicly visible and indexed by search engines. Avoid publishing sensitive personal data in those environments.

17. Changes to This Policy

We may update this Policy periodically to reflect technical, legal, or operational changes. The current version will be published on this page with an updated date.
When legally required or materially relevant to data subjects, we will communicate changes through appropriate means.

18. Contact

For questions, privacy requests, or the exercise of rights:
  • Email: lucasgoncalves@arkyn.dev

19. Important Notice

This document is informational and operational in nature for transparency in data processing. Depending on jurisdiction and your application's business model, this text may need to be complemented by specialized legal review.
On this page