🔒 Privacy Policy

Last updated: May 15th, 2026

What data do I collect?

By default

• I do not collect, share, or sell any data
• I do not log traffic
• I do not use any analytics, tracking, or browser fingerprinting
• Cloudflare Proxy is disabled
• All services are self-hosted on Oracle Cloud Infrastructure, unless mentioned otherwise below

All services adhere to this policy. Any exceptions are listed below.

Service-specific exceptions

redlib.r4fo.com
Cloudflare Proxy is temporarily enabled due to increased bot activity and abuse, causing rate limiting from the upstream provider.

status.r4fo.com
Hosted on GitHub Pages. See GitHub’s Privacy Policy.

How your data is processed

I use the following open-source security tools to protect my infrastructure from abuse and bots. Both run entirely on my servers and do not share personal data with third parties.

• Anubis — A proof-of-work challenge that runs in your browser to verify you are human. It uses a few signals to decide whether to allow a request. No data is transmitted externally.

• CrowdSec — Detects malicious traffic such as exploit attempts, scans, and brute-force attacks. All processing is done locally. In cases of confirmed abuse, the offending IP address may be reported to CrowdSec Cyber Threat Intelligence to help protect other operators.

Third parties

• All services are hosted on Oracle Cloud Infrastructure. Oracle Privacy Policy
• The status page is hosted on GitHub Pages. GitHub Privacy Policy
• Cloudflare is used for CDN and security on subdomains where Cloudflare’s proxy is enabled. Cloudflare may log suspicious traffic, including IP address, user agent, and query string. These WAF logs are discarded after 14 days. Cloudflare Privacy Policy