Skip to content
SheCodes Challenges
Last updated April 29, 2026

Privacy Policy

Plain-English explanation of what we collect, why we collect it, and what we do with it. No dark patterns, no resale of your data.

SheCodes Challenges ("SheCodes Challenges", "we", "us") is a social showcase of websites and apps women are building with AI tools. It's a project of SheCodes. This page explains how we handle your personal data when you use the site.

What we collect

Account info from your sign-in provider. We use Google and LinkedIn for sign-in. When you log in, your provider shares your name, email address, and profile picture URL with us. We never see your password.

Profile info you give us. Display name, username, bio, and any social links (X, LinkedIn, GitHub, personal website) you choose to add on your settings page.

Content you post. Project submissions (URL, title, description, tools used, optional uploaded preview image), hearts, comments, challenge participation, and reports you file on other submissions. This content is public and tied to your profile.

Technical data. Standard server request logs (IP address, user agent, timestamp) kept by our hosting provider, plus an authentication cookie that keeps you logged in. We use Vercel Analytics for privacy-friendly aggregate page-view stats — it does not set cookies or track you across sites.

How we use your data

  • To run the service — authenticating you, displaying your profile and submissions, and showing your activity (hearts, comments) on the site.
  • To fetch a preview image and metadata when you submit a project URL. We pass the URL you paste to Microlink.io so it can return the page's title, description, and screenshot.
  • To moderate the community — reviewing reports and hiding content that violates the rules.
  • To improve the site by looking at aggregate, non-identifying usage patterns.

We do not sell your personal data, run third-party advertising, or share your information with data brokers.

Service providers we share with

To run SheCodes Challenges, your data is processed by a small set of third-party services:

  • Supabase — hosts our database, authentication, and the storage bucket for uploaded preview images.
  • Vercel — hosts the application, serves the site, and provides privacy-friendly analytics.
  • Google and LinkedIn — handle sign-in. We only receive the basic profile information you authorize them to share.
  • Microlink.io — receives the URL you paste during submission so we can auto-generate the preview card.

We may also disclose information when required by law, to protect users from harm, or as part of a business transfer (e.g. if SheCodes restructures the project).

Cookies

We use a single category of cookies: an authentication cookie set by Supabase that keeps you logged in between visits. We don't use advertising, tracking, or third-party marketing cookies. If you log out or clear cookies, the session is removed.

Your rights

You can:

  • Edit your profile — update your display name, bio, avatar, and social links any time on your settings page.
  • Delete your content — remove your own submissions, comments, and hearts directly from the site.
  • Delete your account — email hello@shecooked.ai and we'll remove your account, profile, and submissions within 30 days.
  • Request a copy of your data— email us and we'll send you the data we hold about you.

Depending on where you live, you may also have rights under the GDPR (EU/UK), CCPA (California), or similar laws — including the right to object to certain processing or lodge a complaint with your local data protection authority. Reach out at the email above and we'll help.

How long we keep your data

We keep your account and content for as long as your account is active. When you delete your account, we remove your profile and submissions; routine server logs roll off after 90 days. Anonymized analytics may be retained longer.

Age requirement

SheCodes Challenges is intended for users aged 16 and older. We don't knowingly collect data from children under 16. If you believe a minor has signed up, email us and we'll remove the account.

International transfers

Our service providers (Supabase, Vercel, Microlink, Google, LinkedIn) may process your data in the United States or other countries. Where required, we rely on standard contractual clauses or equivalent safeguards offered by these providers.

Security

We use industry-standard practices: HTTPS everywhere, row-level security in our database, and OAuth-based sign-in so we never store your password. No system is perfectly secure — if you spot a vulnerability, please email hello@shecooked.ai.

Changes to this policy

If we update this policy, we'll change the "last updated" date at the top of this page. Material changes will be highlighted on the homepage or sent to you via the email address tied to your account.

Questions?

Email us anytime — we're a small team and we read everything.

hello@shecooked.ai