Privacy Policy | The AI Manifesto: Using AI responsibly in Development and Collaboration

Last updated: 2025-08-09

1. Introduction

This privacy policy explains how we collect, use, and protect your personal information when you visit ai-manifesto.dev (the "Site"). This Site is operated as a non-commercial project and we are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws. We do not collect data for commercial purposes or analytics tracking.

2. Data Controller

The data controller for this website is the AI Manifesto project:
AI Manifesto Organization on GitHub

3. Information We Collect

3.1 Information You Provide

GitHub OAuth: When you sign up via GitHub, we receive only your public profile information including: username, display name, email address (if public), avatar URL, and profile URL. We do not access private repositories or any private data.
LinkedIn OAuth: When you sign up via LinkedIn, we receive only your public profile information including: name, profile picture, and public profile URL. We do not access your connections, private messages, or any private data.
Communications: When you contact us via email, we collect your email address and the content of your message.

3.2 Information Automatically Collected

No Analytics Tracking: We do not use any analytics services, tracking cookies, or data collection tools. This is a privacy-first, non-commercial project.
Technical Data: Our hosting provider Vercel may collect minimal technical information such as IP addresses and access logs solely for security and performance purposes.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: When you voluntarily sign the manifesto using OAuth authentication
Legitimate Interest: For website security and performance (minimal technical logs only)
Legal Obligation: When required to comply with applicable laws

5. Privacy Levels

When signing the manifesto, you can choose from three privacy levels:

Full Profile: Display your full name, optional profile picture, and clickable link to your profile
First Name Only: Display only your first name and optional profile picture, without any profile link
Anonymous: Display "Anonymous Supporter" with a generic avatar and no profile link

You can control whether to show your profile picture for all non-anonymous privacy levels.

6. How We Use Your Information

We use your information only to:

Display your public profile information in the signees list according to your chosen privacy level
Authenticate users through GitHub or LinkedIn OAuth
Respond to your inquiries and communications
Ensure website security and prevent abuse
Comply with legal obligations

We do not: sell your data or use it for any commercial purposes.

7. Data Sharing and Third Parties

We share your data with the following third-party services necessary for website operation:

7.1 GitHub

For user authentication. We only access your public profile information. GitHub's privacy policy applies: GitHub Privacy Statement

7.2 LinkedIn

For user authentication. We only access your public profile information. LinkedIn's privacy policy applies: LinkedIn Privacy Policy

7.3 Supabase

Our database hosting provider that stores signee information securely. Supabase's privacy policy applies: Supabase Privacy Policy

7.4 Vercel

Our hosting provider processes minimal technical data for website delivery and security. Vercel's privacy policy applies: Vercel Privacy Policy

8. Data Retention

Signee Data: Retained until you request deletion or remove your signature
Email Communications: Retained for up to 2 years or until deletion is requested
Technical Logs: Retained by Vercel according to their retention policies (typically 30 days)
No Analytics Data: We don't collect any analytics or tracking data

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access: Request a copy of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your personal data
Right to Restrict Processing: Request limitation of data processing
Right to Data Portability: Request transfer of your data
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at mail@ai-manifesto.dev .

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:

HTTPS encryption for all data transmission
Secure OAuth authentication through GitHub and LinkedIn
Database hosted on Supabase with enterprise-grade security
Regular security updates and monitoring
Data minimization - we only collect what's necessary

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States (Vercel, GitHub, Supabase). These transfers are based on adequacy decisions, standard contractual clauses, or other appropriate safeguards as required by GDPR.

12. Cookies and Tracking

This website does not use tracking cookies or analytics. GitHub and LinkedIn OAuth may set necessary session cookies for authentication purposes only. We do not track individual users or collect behavioral data.

13. Non-Commercial Nature

This is a non-commercial, open-source project dedicated to promoting responsible AI development practices. We do not monetize user data, display advertisements, or use data for any commercial purposes. The source code is available at: AI Manifesto GitHub Organization

14. Changes to This Privacy Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. For significant changes, we may provide additional notice.

15. Contact Information

If you have any questions about this privacy policy or our data practices, please contact us: