Privacy Policy

Last updated: February 2026

1. Introduction

Welcome to dylantrose.com ("the Site"), operated by Dylan Rose. Your privacy is important to us. This Privacy Policy explains what information we collect, how we use it, and your choices regarding that information.

2. Information We Collect

2.1 Analytics Cookies

We use first-party cookies to understand how visitors interact with the Site. These cookies do not identify you personally. They include:

  • Visitor ID — A randomly generated anonymous identifier stored for up to 2 years. This helps us distinguish new visitors from returning visitors.
  • Session ID — A temporary identifier that expires after 30 minutes of inactivity. This helps us understand how many pages visitors view per visit.

2.2 Page View Data

When you visit a page on the Site, we automatically collect:

  • The page URL visited
  • Date and time of the visit
  • Referring URL (the page that linked you here)
  • Browser type and device category (desktop or mobile)

2.3 Account Information

If you create an account on the Site, we collect the information you provide during registration (username, email, password). If you are logged in, your browsing activity on the Site may be associated with your account to provide a personalized experience.

2.4 User-Generated Content

If you post comments on blog articles, we store the comment text, your display name, and the date it was posted.

2.5 Email Integration (Gmail/Outlook OAuth)

If you choose to connect your Gmail or Outlook email account to use the contact management features, we collect and store:

  • OAuth Access Tokens — Encrypted tokens that allow us to access your email on your behalf. These tokens are stored securely in our database and are never shared with third parties.
  • OAuth Refresh Tokens — Encrypted tokens used to renew access tokens when they expire (typically after 1 hour for Gmail).
  • Email Address — Your email address associated with the connected account.
  • Email Metadata — When you view contact details, we temporarily retrieve email subjects, senders, recipients, dates, and message previews from your inbox. We do not store email content — emails are fetched on-demand for display only.

Scopes Requested:

  • Gmail: Read-only access to your Gmail messages (gmail.readonly), your email address, and basic profile information
  • Outlook: Read-only access to your mail (Mail.Read) and basic user information

How to Revoke Access: You can disconnect your email account at any time from your account settings. This will delete all stored OAuth tokens. You can also revoke access directly through your Google Account or Microsoft Account settings.

3. How We Use Your Information

We use the collected information to:

  • Understand site traffic and visitor behavior through our analytics dashboard
  • Improve the content and user experience of the Site
  • Identify and fix technical issues
  • Provide account functionality (login, comments, profile pictures)
  • Display email history with your contacts for relationship management (when you connect Gmail/Outlook)
  • Automatically refresh OAuth tokens to maintain email access without requiring re-authentication

Email Data Usage: Email data retrieved through OAuth is used solely to display your communication history with contacts in your contact management dashboard. We do not analyze, mine, or use your email content for any other purpose. Email content is never stored permanently — it is fetched on-demand when you view a contact's details.

4. Third-Party Services

We do not sell, trade, or share your personal information with third parties. The Site uses the following external services:

  • Google Cloud Platform — For hosting and file storage (profile pictures, blog images)
  • Google Gmail API — When you connect your Gmail account, we use Google's API to fetch email data on your behalf. We comply with Google's API Services User Data Policy, including the Limited Use requirements.
  • Microsoft Graph API — When you connect your Outlook account, we use Microsoft's API to fetch email data on your behalf.
  • Bootstrap & Font Awesome — For UI components, loaded from CDNs
  • Chart.js — For rendering analytics charts, loaded from a CDN

Google API Services User Data Policy Compliance: Our use of information received from Gmail APIs adheres to Google API Services User Data Policy, including the Limited Use requirements. We only use Gmail data to provide contact management features and do not transfer it to third parties.

5. Cookies & Your Choices

The Site uses only first-party, functional cookies. We do not use third-party advertising or tracking cookies. You can control cookies through your browser settings:

  • Block or delete cookies at any time via your browser's privacy settings
  • Use your browser's incognito/private mode to browse without persistent cookies
  • The Site will continue to function if you disable cookies, but some analytics features will not track your visits

6. Data Retention

Analytics data (page views, visitor IDs, session IDs) is retained indefinitely for historical trend analysis. Account information is retained as long as your account exists. You may request deletion of your account and associated data by contacting us.

7. Data Security

We take reasonable measures to protect your information, including:

  • HTTPS encryption for all data transmission
  • Encrypted storage of OAuth access and refresh tokens using industry-standard encryption
  • Secure cookie flags (HttpOnly, SameSite) to prevent cross-site attacks
  • Secure cloud infrastructure with regular security updates
  • No permanent storage of email content — emails are fetched on-demand only

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. Children's Privacy

The Site is not directed at children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

10. Contact

If you have questions about this Privacy Policy or wish to request data deletion, please contact us at dylantrose@gmail.com.