1Introduction

Auktiva ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our free, open-source auction platform for fundraisers, charities, and internal events.

2Information We Collect

We collect information you provide directly to us when you use Auktiva:

Account Information

Your name, email address, and password when you create an account. If you sign in with Google or Microsoft, we receive your name, email address, and profile picture from the respective provider.

Auction Data

Information about auctions you create or join, items you list, bids you place, and your membership roles.

Uploaded Content

Images and descriptions you upload for auction items and auction thumbnails.

Preferences

Your email notification settings and theme preferences.

How We Use Your Information

We use the information we collect to provide and improve our auction services:

Process your auction activities, bids, and membership roles
Display real-time bid updates and auction status to participants
Send you email notifications about auction activity when you opt in
Generate auction results and allow you to export data
Respond to your questions and provide support

Data Storage

If you use the hosted version at auktiva.org, your data is stored securely using industry-standard infrastructure. Database information is stored using Turso (distributed SQLite), and uploaded images are stored using S3-compatible cloud storage.

If you choose to self-host Auktiva, you are responsible for your own data storage and security. Self-hosted instances can use local SQLite databases and local filesystem storage for complete control over your data.

Data Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties. Your auction data is only visible to members of the auctions you participate in, according to the privacy settings configured by each auction owner.

Auction owners can configure privacy settings including anonymous bidding to hide bidder identities, invite-only access restrictions, and role-based permissions to control what each member can see and do.

Third-Party Authentication (OAuth)

If you choose to sign in with Google or Microsoft, we use their OAuth 2.0 services to authenticate your identity. When you sign in with these providers, we receive your basic profile information (name, email address, and profile picture) from them.

We do not receive or store your Google or Microsoft password. Each provider's use of your information is governed by their respective privacy policies. You can revoke Auktiva's access at any time through your Google Account settings (myaccount.google.com) or Microsoft Account settings (account.microsoft.com).

Email Communications

We may send you emails for welcome messages when you register, auction invitations when someone invites you to participate, outbid notifications when another user places a higher bid, and new item notifications for auctions you've joined.

You can manage your email preferences in your account settings at any time. Notifications for outbids and new items are disabled by default to respect your inbox.

Cookies and Local Storage

We use browser local storage to remember your theme preference (light or dark mode) and to maintain your session authentication. We do not use third-party tracking cookies or analytics services that track your behavior across websites.

Open Source Transparency

Auktiva is 100% open source software released under the MIT License. You can review our complete codebase on GitHub to see exactly how we collect, store, and handle your data. You can also self-host Auktiva for complete control over your information.

Your Rights (GDPR)

Under GDPR and similar data protection regulations, you have the right to: access your personal data through your account settings, correct inaccurate information by updating your profile, request deletion of your account and all associated data (right to erasure), and manage your email notification preferences.

To exercise any of these rights, visit your account settings or contact us through the channels listed below.

Account Deletion

You can permanently delete your account at any time through Settings → Delete Account. This process is immediate and irreversible.

When you delete your account, we remove: your profile information (name, email, password hash), your user settings and preferences, your auction memberships, auctions you own (or transfer them to another user), items you created, your complete bid history, all your notifications, and any connected OAuth accounts.

If you own auctions, you must either transfer ownership to another registered user or choose to delete them before your account can be deleted. If you are the Deployment Admin, you must transfer those rights first.

Data Retention

We retain your data for as long as your account is active. Auction data is retained until the auction owner deletes the auction. When you delete your account, all your personal data is immediately and permanently removed from our systems. We do not retain backups of deleted user data.

Children's Privacy

Auktiva is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will post the new Privacy Policy on this page and update the "Last updated" date at the top. We encourage you to review this policy periodically.

Contact Us

If you have questions about this Privacy Policy or how we handle your data, please reach out through our GitHub Issues or contact the project maintainer at tamaslorincz.com.