Privacy Policy
Last updated: 3 July 2026
Who we are
Scribe ATP is operated by Anthony Cregan ("we", "us", "our"). If you have any questions about this policy or wish to exercise your rights, contact us at dataprotection@scribe-atp.app.
What services this policy covers
This policy applies to:
- Scribe CMS (scribe-cms.app) — the authoring tool for publishing content to the AT Protocol
- Social interactions (social.scribe-atp.app) — the service that handles likes, subscribes, and shares via Bluesky OAuth
- This documentation site (docs.scribe-atp.app) and the project landing page (scribe-atp.app)
Data we collect and why
Scribe CMS
When you sign in to Scribe CMS using Bluesky OAuth, we store:
- Your Decentralised Identifier (DID) and Bluesky handle — to identify your account and your AT Protocol data
- OAuth session tokens — stored in an encrypted SQLite database on our server so you can stay signed in without re-authenticating on every visit
Lawful basis: performance of a contract — these fields are strictly necessary to provide the service you have signed up for.
Social interactions (likes, subscribes, shares)
When you use a Like, Subscribe, or Share button on a Scribe-powered site, we store:
- Your DID — the AT Protocol identifier associated with your Bluesky account
- The action you took (like, subscribe, share) and the content it relates to
- A timestamp of when the action occurred
- OAuth session tokens — short-lived, to complete the action and maintain your session
Lawful basis: legitimate interests — we process this data to provide social engagement features (like counts, subscriber notifications) that are core to the service.
Server logs
Our web server (nginx) automatically logs:
- IP addresses
- User-agent strings (browser/device information)
- Requested URLs and HTTP status codes
- Timestamps
These logs are used solely for security monitoring and troubleshooting. Lawful basis: legitimate interests.
Cookies and local storage
Cookies set by Scribe CMS
__session— a strictly necessary, HTTP-only, signed session cookie. Set when you sign in. Contains your DID and handle. Expires when you sign out or the session is pruned (see Retention below). Without this cookie, the service cannot function.theme— a functional preference cookie that remembers your light/dark mode choice for one year. Contains only the string"light"or"dark".
Local storage used by the social service
After you complete a social action (like, subscribe, share), the result is synchronised to the browser tab that triggered it via localStorage under the key scribeSession. This is not a cookie and is not transmitted to our servers — it is cleared when the popup window closes.
Analytics
This documentation site uses Umami Analytics, a privacy-focused, cookie-free analytics tool. Umami does not use cookies, does not track individual users across sessions, and does not collect personally identifiable information.
Data retention
- Scribe CMS OAuth sessions — pruned automatically after 90 days of inactivity
- Social service OAuth sessions — pruned automatically after 90 days of inactivity
- Social service unsubscribe records — pruned automatically after 90 days (the corresponding AT Protocol record is deleted at the time of unsubscribing; this entry is kept briefly for audit purposes)
- Active social engagement records (likes, subscribes, shares) — retained indefinitely; these are the data that power engagement features
- Server logs — rotated weekly, retained for a maximum of 30 days, then deleted
Third parties
- Bluesky / AT Protocol network — social actions (likes, subscribes) create records in your Bluesky Personal Data Server (PDS), which is governed by your PDS operator's terms. Content you publish via Scribe CMS is stored in your PDS under your own account.
- VPS hosting provider — our servers are hosted on a virtual private server. The provider has access to the server infrastructure but not to application-layer data.
We do not sell, rent, or share your personal data with any other third parties.
Your rights
Under UK GDPR and equivalent data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you
- Erasure — request that we delete your personal data ("right to be forgotten")
- Rectification — request correction of inaccurate data
- Restriction — request that we limit processing in certain circumstances
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
To exercise any of these rights, email dataprotection@scribe-atp.app. We will respond within 30 days. Note that social engagement data (likes, subscribes) can also be removed directly through Bluesky — unliking or unsubscribing removes the AT Protocol record from your PDS; we will then prune our local copy within 90 days per our retention schedule.
Changes to this policy
If we make material changes to this policy, we will update the "Last updated" date at the top of this page. Continued use of the services after a change constitutes acceptance of the updated policy.