Privacy Policy

Last updated: January 2, 2026

The "Human Readable" Summary

  • We do not sell your data. Ever.
  • We support multiple login methods (Email, GitHub, Google, etc.) so you can choose how to secure your account.
  • We only collect data necessary to run the site (like your username for your profile).
  • We use cookies strictly for keeping you logged in and security.

1. Information We Collect

We try to collect as little as possible. Here is exactly what we store:

Account Data

Social Login: When you sign in via GitHub, GitLab, Discord, or Google, we receive your public profile info (Username, Avatar, Email). We do not receive your password from these services.

Email Login: If you register with an email and password, we store your email and a securely salted and hashed version of your password. We cannot see your actual password.

Usage Logs

Like almost every website, our servers automatically record your IP address and browser type when you request a page. This helps us prevent abuse, rate-limit malicious bots, and fix bugs.

2. How We Use Your Information

We use your data solely to provide the Modtale service:

  • To create your user profile so people know who uploaded a mod.
  • To allow you to link multiple accounts (e.g., linking GitHub to an Email account) for easier login.
  • To track download counts and view statistics (these are aggregated).
  • To allow you to post reviews and comments.
  • To send important account notifications (like security alerts or transfer requests).

3. Third-Party Services

We rely on a few trusted external providers to keep the lights on. We don't share your data with them for marketing, only for infrastructure.

  • Google Cloud Platform (GCP) & AWS: Hosting our database, backend API, and file storage.
  • Authentication Providers: GitHub, GitLab, Discord, and Google are used to verify your identity if you choose to sign in with them.
  • Sentry: Used for error tracking. If the site crashes, Sentry gets a report so we can fix it. This may include basic device info but attempts to strip sensitive data.

4. Cookies

We use a session cookie (`SESSION`) to remember that you are logged in. We also use a security cookie (`XSRF-TOKEN`) to prevent cross-site request forgery attacks. We do not use third-party tracking pixels or advertising cookies.

5. Your Rights

You own your data. You have the right to:

  • Access: Ask us what data we have on you.
  • Correction: Fix any wrong information via your Settings page.
  • Unlinking: You can unlink connected social accounts (like GitHub or Discord) in your dashboard, provided you have at least one valid login method remaining.
  • Deletion: You can permanently delete your account via the "Danger Zone" in your settings.

Note on Mod Deletion: If you delete your account, your public mods may be kept (but anonymized) if deleting them would break modpacks that depend on them. You can manually delete your mods before deleting your account if you wish to remove everything.

6. Contact Us

If you have concerns about your privacy, please open an issue on our GitHub repository or contact the maintainers directly.