Privacy Policy

When you use SkyLike, we collect the following information: Your Bluesky decentralized identifier (DID) and handle, which are used to authenticate your account and link your activity on the platform. We also collect records of your donation activity, including which posts you have liked and the corresponding micro-donation amounts. If you register as a creator to receive payouts, we collect additional Know Your Customer (KYC) information as required by our payment provider and applicable regulations. This may include your legal name, date of birth, address, and identification documents.

We use your information solely to operate and improve the SkyLike service. This includes processing micro-donations, calculating creator payouts, maintaining your account balance, and providing you with transaction history. We do not sell your personal data to third parties. We do not use your data for advertising or marketing purposes. We do not build advertising profiles based on your activity.

Your data is stored in a PostgreSQL database hosted within the European Union. All data in transit is encrypted using HTTPS (TLS). Session data is managed using iron-session encrypted cookies, ensuring that your session information is cryptographically protected on the client side. We follow industry-standard security practices to protect your data from unauthorized access, alteration, or destruction.

SkyLike integrates with the following third-party services: Bluesky (AT Protocol): We use the AT Protocol to authenticate your identity and monitor your like activity. Your Bluesky handle and DID are shared as part of this integration. Mangopay (future): When payment processing is enabled, we will use Mangopay to handle financial transactions. Your KYC information and payout details will be shared with Mangopay as required to process payments.

Under the General Data Protection Regulation (GDPR), you have the following rights: Right of access: You may request a copy of all personal data we hold about you. Right to rectification: You may request that we correct any inaccurate personal data. Right to erasure: You may request that we delete your personal data and account. We will respond to all data rights requests within 30 days. To exercise any of these rights, contact us at privacy@skylike.social.

We retain your personal data for as long as your account is active. If you delete your account, we will remove your personal information within 30 days. Anonymized transaction records may be retained indefinitely for accounting and regulatory compliance purposes. These records cannot be linked back to your identity.

SkyLike uses a single encrypted session cookie named skylike_session to maintain your authenticated session. This cookie is strictly necessary for the service to function and does not track your activity across other websites. We do not use tracking cookies, analytics cookies, or any third-party cookies.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make changes, we will update the "Last updated" date at the top of this page. Continued use of SkyLike after changes to this policy constitutes your acceptance of the updated terms.

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: privacy@skylike.social