Privacy Policy
Our commitment to your privacy and data protection.
Updated May 15, 2026
This Privacy Policy ("Policy") describes how Manifest ("Manifest", "we", "us" or "our") collects, protects and uses the personally identifiable information ("Personal Information") you ("User", "you" or "your") may provide through the Manifest website (manifestx.dev) and through any product, application, or service offered by Manifest (collectively, the "Service"). The Policy also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.
Manifest is currently an unincorporated project being formalized as a corporate entity. References to Manifest in this Policy refer to its operator at the time your Personal Information was collected. We will update this Policy to name the operating entity and its registered address once incorporation completes. For data-protection inquiries, including identifying the current operator, contact us at team@manifestx.dev.
Collection of personal information
We receive and store any information you knowingly provide to us when you sign in to or create an account with the Service. Currently this is limited to your email address, which is required to identify your account and to provide you with access to the features of the Service.
You may sign in using a third-party identity provider such as Google or GitHub. We receive your email from that provider through a standard OAuth 2.0 flow, as described under "Google User Data" below.
Collection of non-personal information
When you visit the Service, our servers automatically record information your browser sends. This may include your IP address, browser and operating system type and version, language preferences, pages visited, time spent on those pages, and access times and dates. We use a privacy-friendly analytics provider that does not identify you individually.
Google User Data
When you sign in to the Service using your Google Account, we access certain information from your Google Account through the OAuth 2.0 authorization flow.
Data accessed. We request a single Google OAuth scope, https://www.googleapis.com/auth/userinfo.email, which grants access to your Google Account email address. We do not request any other Google scopes.
Use of Google user data. Your Google email address is used solely to identify your Manifest account, to associate your session with that account, and to contact you about your account or material changes to the Service. We do not use Google user data for advertising, to train generalized AI or machine-learning models, or for any purpose unrelated to providing user-facing features of the Service.
Storage of Google user data. Your email address is stored by our authentication provider as part of your account record. We do not store your Google OAuth access or refresh tokens in our own database; session tokens are managed by our authentication provider and are scoped to your active session.
Limited Use. Manifest's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Revoking access. You may revoke Manifest's access to your Google Account at any time by visiting your Google Account permissions page.
Use and processing of collected information
We use the information we collect to identify you within the Service, provide access to its features, communicate with you about your account or material changes, improve the Service and our documentation, and operate the Service. We do not sell or rent your Personal Information to any third party.
Legal basis for processing
We process your Personal Information only where we have a lawful basis under applicable law. Depending on your jurisdiction and the context of the processing, that basis may be: your consent; the necessity of authenticating you and providing the Service you have requested; our legitimate interests in operating, securing, and improving the Service, where not overridden by your rights; or compliance with a legal obligation.
Cookies and local storage
We use cookies and browser local storage for authentication, session management, preferences, and anonymized analytics. Strictly necessary entries support authentication and sessions and cannot be disabled without breaking core functionality. Optional cookies, such as analytics, are set only with your consent where required by law. You can manage cookies in your browser settings.
Information transfer and storage
Authentication, sessions, and account storage are provided on our behalf by Appwrite (appwrite.io). Hosting and supporting infrastructure are provided by Cloudflare (cloudflare.com). Each provider has its own privacy policy and processes data under contractual obligations consistent with this Policy.
Data is encrypted in transit using TLS 1.2 or higher and at rest by our providers in accordance with their security practices.
International data transfers
Manifest operates globally, and your Personal Information may be processed in countries whose data protection laws differ from your own. Our providers operate infrastructure in jurisdictions including the United States, the European Union, and Asia-Pacific.
Where Personal Information of Users in the European Economic Area, the United Kingdom, or Switzerland is transferred outside those jurisdictions, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses, the United Kingdom International Data Transfer Addendum, and the EU–US, UK Extension, and Swiss–US Data Privacy Frameworks where applicable. You may request a copy of the transfer mechanism we rely on at team@manifestx.dev.
Data retention
We retain your Personal Information for as long as your account is active or as needed to provide the Service. When you delete your account or request erasure, we remove your Personal Information from active systems within thirty (30) days. Backup and archival copies are overwritten on a rolling basis and fully retired within ninety (90) days. We may retain limited information longer where required to comply with legal obligations, resolve disputes, or enforce our agreements.
The rights of users
Subject to the privacy law applicable to you, you have the right to (i) access the Personal Information we hold about you; (ii) request correction of inaccurate or incomplete information; (iii) request deletion or erasure of your Personal Information; (iv) restrict, or object to, certain processing; (v) withdraw consent where processing is based on consent; (vi) receive your Personal Information in a portable, commonly used, machine-readable format and, where technically feasible, have it transmitted to another controller; (vii) limit the use and disclosure of Sensitive Personal Information; (viii) opt out of the sale or sharing of Personal Information; (ix) not be discriminated against for exercising these rights; and (x) lodge a complaint with a competent supervisory authority.
To exercise any right you believe you hold, or to request account deletion, contact us at team@manifestx.dev. Requests are handled free of charge and within one month, except where applicable law permits longer. You may designate an authorized agent, subject to verification of your identity and the agent's authority.
Jurisdiction-specific notices
This Policy is intended to satisfy the substantive requirements of applicable privacy laws globally, including the General Data Protection Regulation, the UK GDPR, the California Consumer Privacy Act as amended by the California Privacy Rights Act, the Personal Information Protection and Electronic Documents Act, and equivalent state, provincial, and national legislation.
Categories of Personal Information collected. In the preceding twelve (12) months, we have collected only the categories of Personal Information described in this Policy: identifiers (such as your email address) and internet or other electronic network activity information (such as anonymized browsing data).
No sale or sharing. We do not sell or share Personal Information as those terms are defined under any applicable privacy law, and have not done so in the preceding twelve (12) months. We do not knowingly process the Personal Information of children, and we do not collect or process Sensitive Personal Information to infer characteristics about you.
Complaints. If your jurisdiction provides for it, you may lodge a complaint with your local data protection or supervisory authority. We encourage you to contact us first so we can address your concern directly.
Privacy of children
The Service is not directed to children under sixteen (16), and we do not knowingly collect Personal Information from them. If we become aware that we have collected such information without verifiable parental consent, we will delete it promptly. If you believe we may have collected information from a child under sixteen (16), contact us at team@manifestx.dev.
Information security
We maintain reasonable administrative, technical, and physical safeguards to protect Personal Information against unauthorized access, use, modification, and disclosure. No method of internet transmission or electronic storage is fully secure, and we cannot guarantee absolute security.
Data breach notification
In the event of a personal data breach affecting your Personal Information, we will notify affected Users and the relevant supervisory authorities where required by applicable law, without undue delay and in any event within seventy-two (72) hours of becoming aware of the breach where law requires.
Links to other websites
The Service may contain links to websites we do not operate, including those of identity providers and our service providers. We have no control over, and assume no responsibility for, their content or privacy practices. We encourage you to review the privacy policy of every site you visit.
Changes and amendments
We may update this Policy from time to time. We will revise the date at the top of this page and communicate material changes through the Service or by email.
Acceptance of this Policy
By using the Service, you accept this Policy. If you do not agree, please do not use the Service. Continued use after changes to this Policy constitutes acceptance of those changes.
Contacting us
For any questions about this Policy or our privacy practices, contact us at team@manifestx.dev.
Article does not exist
There is no documentation at this path.