Privacy Policy

What we collect

SkaiRWE is an anonymous read-only catalog for unauthenticated visitors. In Phase 1 we do not run any analytics, tracking pixels, or third-party scripts. The only cookies set are the NextAuth v5 session cookies issued to users who sign in, scoped to the .skai-line.com domain so a single session works across the Skai Line property.

Signing in is optional and only required for curator, ingestor, and admin roles. Anonymous visitors never see a cookie banner because no cookies are set for them.

Authentication data

When you sign in with Google, we receive your email address, name, and profile image URL from Google's OAuth 2.0 identity endpoint. These fields are stored in Postgres and used to determine your role and attribution for audit events. We never receive your Google password.

Audit logging

Every write action performed by a signed-in curator, ingestor, or admin is recorded in a per-tenant hash-chained audit log. The log records the actor's user ID, role, action, resource type, and timestamp. It does not record IP addresses or user agents.

No PHI

SkaiRWE does not ingest protected health information. All catalog entries are metadata about publicly available data sources. If you identify any personally identifiable information accidentally present in a catalog record, please report it via skai-line.com and it will be removed.

Data export and deletion

If you have signed in at any point and wish to request a copy of your account data or ask for it to be deleted, contact us via skai-line.com. We will honor the request within 30 days.