Privacy Policy

Effective date: May 31, 2026
Last updated: June 13, 2026

1. Scope

This policy explains how information is handled in Nobo Page ("the Service"). External sites linked from the Service, and third-party services such as GitHub and Google, are governed by their own policies.

2. Operator and contact

The Service is operated by an individual. For questions, requests, or page-recovery requests, please reach us via the contact page (a GitHub Issue).

3. Information we collect and store

The Service is usable without logging in or creating an account. We handle the following:

• Board content: the content you enter when creating or editing a page (title, text, lists, checklists, and links).
• Board settings: access mode (link-only or passphrase-protected), expiry, and lock state.
• Identifiers and timestamps: the public ID (which appears in your page URL) and the created, updated, expiry, and scheduled-deletion timestamps.
• Access keys: the keys contained in the View, Edit, and Admin links are stored only as a one-way hash (HMAC-SHA256). The raw key values are never stored.
• Passphrase: if you set one, it is stored only as a salted one-way hash derived with PBKDF2-HMAC-SHA256. The plaintext passphrase is never stored (this is hashing, not encryption — it cannot be reversed to the original).
• IP address: used transiently to prevent abuse (rate-limiting page creation and detecting repeated authentication failures). It is used in short-lived counters that expire automatically and is not linked to board content or to a personal profile.
• Network and error logs: the hosting platform (Cloudflare) may record IP addresses, User-Agent strings, and request metadata to route traffic and maintain security, and diagnostic information may be recorded in platform logs when an error occurs. Retention of these is governed by the platform's policies. The operator does not maintain a separate long-term access-log database.
• Language and consent state: stored in your browser's localStorage (see Section 5).
• Analytics data: only if you consent, the usage data that Google Analytics 4 collects on public pages (see Section 6).

We do not collect or request your name, email address, phone number, postal address, payment details, or account credentials.

4. How we use information

• To provide the create, view, edit, and manage features.
• To manage expiry, automatic deletion, and recovery.
• To prevent abuse, spam, and attacks, and to maintain security.
• To investigate and resolve faults.
• To maintain and improve the Service.
• To respond to inquiries.
• With your consent, to analyze usage of public pages.
• To comply with applicable law.

We do not use information for advertising or marketing.

5. Cookies and browser storage

For the Service to function, the following is stored in your browser (none of it is sent to our server):

• localStorage: language — display language (English or Japanese).
• localStorage: nobo_analytics_consent_v1 — your analytics consent choice.
• sessionStorage: nobo_new_… — temporary data used to show your share links right after creation; cleared when the tab is closed.

As optional analytics, we may use the following cookies:

• Google Analytics 4 cookies (_ga / _ga_*) — created only on public pages and only if you choose "Allow." They are never used on board pages. You can use the core features whether you accept them or not, and you can withdraw consent at any time from "Cookie settings" in the footer.

6. Google Analytics

• We use Google Analytics 4 (provided by Google LLC) to understand how public pages are used.
• It is enabled only if you consent. While consent is unknown or denied, the measurement script is not loaded, and no request to Google or analytics cookie is created.
• It is never used on board pages.
• It is not used for advertising or ad personalization, and Google Signals is not enabled.
• Information that may be sent: the public page URL (path only — query strings and URL fragments are not sent), referrer, device and browser information, approximate region, and a random cookie-based identifier. Board content, board URLs, IDs, access keys, passphrases, and personally identifying information are never sent.
• To reject or withdraw: choose "Reject" in the consent banner, or change your choice from "Cookie settings" in the footer. On withdrawal, we delete Google Analytics cookies where possible.
• For how Google handles this data, see the Google Privacy Policy and How Google uses information from sites or apps that use our services.

7. Transfers to third parties

If you consent, the information described in Section 6 is sent from public pages to Google LLC.

• Recipient: Google LLC (Google Analytics 4).
• Information sent: as described in Section 6.
• Purpose: measuring and analyzing usage of public pages.
• Sent only with your consent.

Ordinary network traffic for hosting and delivery (Cloudflare) is communication necessary to provide the Service and is distinct from analytics transfers.

8. Third-party sharing and processors

• We do not sell or hand over your content to third parties.
• We rely on external infrastructure (as a processor) to the extent necessary to run the Service: Cloudflare (hosting, database, and network processing).
• With your consent, analytics information is sent to Google (Analytics 4).
• We may respond to lawful disclosure requests.
• Information may be transferred in connection with a business transfer.

9. International processing

Cloudflare and Google may process information on servers located outside your country. Such processing is carried out under their respective policies.

10. Retention and deletion

• Board content and settings: deleted (made inaccessible) at or shortly after the expiry you set (1 hour to 7 days).
• Physical deletion: after expiry or manual deletion, rows are physically deleted from the database within 1 to 72 hours, by a scheduled job.
• Manual deletion: you can delete a page at any time using the Admin link.
• Recovery: until physical deletion occurs, an Admin-link holder may be able to restore a page (not guaranteed).
• Rate-limit and similar counters: expire automatically after a short period.
• Platform logs and backups: the hosting platform (e.g. Cloudflare) may keep transient copies or logs for operational purposes, with retention governed by their policies. The operator does not keep separate content backups. The exact retention of any platform-side backups or logs is outside the operator's control.
• Inquiries: handled on GitHub under GitHub's policies (not stored in the Service's database).

11. Share URLs and capability information

• Each board has three links — View, Edit, and Admin — and anyone who knows the key contained in a link can access it accordingly.
• Treat these links as secrets and share them only with intended recipients. You control how widely they are shared.
• Because keys are stored only as hashes, the operator cannot recover a lost key.
• We do not recommend storing confidential or highly sensitive information.
• Setting a passphrase does not guarantee absolute safety if a link is exposed to a third party.

12. Security measures

We use measures including HTTPS for transport, hashing of access keys and passphrases (so plaintext is never stored), rate-limiting and authentication-failure detection, and security-related HTTP headers (such as a Content Security Policy). However, no transmission or storage over the internet can be guaranteed to be completely secure.

13. Your rights and contact

The Service is usable anonymously without an account, and the operator generally cannot link a particular board to an individual. You can delete a board using its Admin link. For access, correction, or deletion requests, contact us via the contact page. We may ask you to confirm the Admin link for the relevant board. Because the Service is anonymous, we may be unable to verify identity or act on some requests.

14. Minors

Minors should use the Service only with the consent of a parent or guardian (consistent with the Terms of Service).

15. Changes to this policy

We may update this policy as needed. For significant changes, we will give notice within the Service and reflect them on this page, and may ask for consent again where appropriate. The "Last updated" date will be revised accordingly.