Built with Chinaski

Privacy Policy

Chinaski is self-hosted software. This policy describes what data the software collects, how it is stored, and your responsibilities as an operator.

1. What Chinaski collects

When you run a Chinaski instance, the software may store the following data in its SQLite database:

  • Admin user accounts — username, email address, and hashed password for users you create in the admin interface.
  • Form submissions — data submitted through any forms you publish on your site (names, email addresses, and any custom fields you configure).
  • Session tokens — short-lived tokens stored in signed cookies to maintain admin login sessions.
  • Audit and event logs — records of admin actions (content created, updated, or deleted) used for accountability and debugging.
  • Build logs — output from site build runs, retained for diagnostic purposes.

The Chinaski project does not have access to any data on your self-hosted instance.

2. Analytics and tracking

Chinaski does not include any built-in analytics or tracking. If you configure a Google Analytics 4 ID or Google Tag Manager container in Settings, those services will be included in the built site's HTML and governed by Google's privacy policies. You are responsible for obtaining any required consent from your site's visitors.

3. Third-party API keys

If you configure API keys for translation providers (Anthropic, Alibaba, or Ollama), SMTP services, or webhooks, those credentials are stored in your database. You are responsible for keeping your server and database secure.

4. Cookies

The admin interface uses a single signed session cookie for authentication. The published static site does not set any cookies unless you enable the optional cookie-notice banner or embed third-party scripts that set their own cookies.

5. Data retention

Data is retained for as long as your Chinaski instance is running. You can delete form submissions, media, and content through the admin interface. To remove all data, delete the chinaski.db SQLite file.

6. Your obligations as an operator

If your site collects personal data from visitors (through forms, newsletter signups, or analytics), you are responsible for complying with applicable privacy law — including GDPR, CCPA, or other regulations — in the jurisdictions where your site operates. Chinaski provides tooling; legal compliance is your responsibility.

7. Changes to this policy

This policy may be updated as the software evolves. Check this page for the current version.

Last updated: May 2026