Menu
تسجيل الدخول
ذا كرونيكل

أخبار وتحليلات مستقلة

Privacy Policy

What this policy covers

The Chronicle is a multilingual news publication. This policy

explains what personal data we collect when you read, subscribe

to, or interact with our site, why we collect it, who else can

see it, and what control you have over it.

This policy applies to every page at our website. If you

contact us privately (e.g. by email), we receive only what you

choose to send.

We last updated this policy on the date shown at the foot of

this page.

What we collect

When you read articles without an account

For each article view, our servers temporarily process your

IP address and User-Agent string in order to:

- count anonymous reads against a metered limit (when

subscriptions are enabled),

- defend against scrapers and bot abuse,

- generate aggregate traffic statistics.

We hash your IP and User-Agent together using SHA-256 so the

counter can recognise a returning anonymous visitor without

storing the raw values. The hash is held in our rate-limit

store for 30 days and then deleted.

When you create an account

Account creation is handled by our auth provider, Clerk. To

create an account we collect:

- your email address,

- the password you set (which Clerk stores in hashed form; we

never see the cleartext),

- any profile fields you choose to fill in (display name, etc.),

- if you sign in with a social provider, the basic profile that

provider shares (name, email, profile image).

When you subscribe to the newsletter

We collect the email address you submit and a record of when

you confirmed (or unsubscribed). The unsubscribe link in every

email lets you opt out at any time.

When you opt in to push notifications

Your browser generates a push-subscription token; we store

that token so we can send breaking-news notifications. You

can revoke it from your browser settings.

When something breaks

Server errors and a sample of browser errors are sent to our

error-monitoring provider, Sentry. We strip personal data from

error reports before they are sent.

Aggregated analytics

When we enable our analytics provider, we collect aggregated,

cookieless page-view counts. No personal identifier is sent;

no cross-site tracking is performed.

Who else can see your data

We use the following providers to operate the site. Each is

covered by a written data-processing agreement and is the only

third party that handles the data described.

- Clerk (United States) — authentication and session

management.

- Resend (United States) — transactional email delivery

(newsletter, system mail).

- Vercel (United States, with European edge) — application

hosting.

- Neon (operated in the European Union, Frankfurt) —

database hosting.

- Cloudflare R2 (global CDN) — storage of images and other

media uploaded by editorial.

- Upstash (European Union, Frankfurt) — rate-limit counters

and double-opt-in storage.

- Sentry(United States) — error monitoring.

- Cloudflare Turnstile (global) — bot defence on forms.

We do not sell your data. We do not share your data with any

advertising network. We do not use third-party tracking pixels

or cross-site advertising cookies. We do not run user-facing

artificial intelligence systems.

Cookies and similar storage

See our separate Cookie Policy for the full list. In summary:

we use a session cookie (set by Clerk) to keep you signed in,

and small browser-storage entries to remember preferences such

as your language and reading mode. We do not set any tracking

or advertising cookies.

Your rights

Whether you live in the European Union, the United Kingdom, or

elsewhere, we offer every visitor the following rights:

- Right of access — sign in and visit your account page to

see what we hold about you.

- Right to erasure — request deletion of your account and

all personal data tied to it from your account settings, or

by emailing us at the address below. Deletion completes

within thirty days.

- Right to portability — request a structured export of

your account data.

- Right to object — unsubscribe from newsletters using the

link in every email, or remove your push subscription from

your browser settings.

- Right to lodge a complaint — you may contact a supervisory

authority in your jurisdiction at any time.

How long we keep things

- Anonymous read counters: 30 days.

- Account data: until you delete the account.

- Newsletter records: until you unsubscribe; basic unsubscribe

proof retained indefinitely so we do not re-mail you.

- Server logs: 30 days.

- Error reports: 90 days.

Children

The Chronicle is not directed at children under the age of

sixteen. We do not knowingly collect personal data from

children. If you believe a child has provided personal data,

write to us and we will remove it.

How to reach us

For any privacy question, data request, or correction notice:

**<contact-email>**

Postal address available on request.

Changes to this policy

When we update this policy, we update the date shown at the

foot of this page. Significant changes will be announced at

the top of the site for thirty days.