Skip to main content
<CodeWithBhurtel/>
HomeLearnProjectsChallengesBlogAboutContactLogin
<CodeWithBhurtel/>

Learn through structured lessons, real projects, and live challenges. Free tutorials for HTML, CSS, JavaScript, and more.

Pages

  • Home
  • Learn
  • Blog
  • Projects
  • Challenges
  • About
  • Contact

Lessons

  • HTML
  • CSS
  • JavaScript

© 2026 CodeWithBhurtel. All rights reserved.

Privacy PolicyTerms & Conditions

Privacy Policy

Last updated: 30 April 2026 — We keep this policy dated so you can see when it was last revised. Material changes are summarised here when needed.

This policy explains how CodeWithBhurtel collects, uses, stores, and shares personal data when you use our website. We aim to be transparent and to comply with the UK GDPR, the EU GDPR (where applicable), and related privacy rules. If anything is unclear, please contact us using the details at the end.

1. Who is responsible for your data?

The data controller for personal data processed through this website is the operator of CodeWithBhurtel (referred to as "we", "us", "our"). You can reach us via the Contact page or any contact details shown in the site footer.

2. Scope & children

This policy applies to visitors and registered users of codewithbhurtel.com (and any subdomains we use for the same service). The site is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have, please contact us and we will delete it promptly where required by law.

3. Data we collect

Depending on how you use the site, we may process:

  • Account & profile: email address, display name, avatar URL, OAuth provider identifiers (when you sign in with Google or GitHub), and similar account fields needed to run authentication.
  • Usage & technical data: IP address, approximate location derived from IP, browser type, device type, pages viewed, referring URLs, timestamps, and similar diagnostics. Some of this is collected automatically by our hosting and analytics tools.
  • Comments & public content: text you post on project pages or elsewhere we allow comments, associated account identifier, and timestamps.
  • Challenges & guest sessions: display names or identifiers used for leaderboards or lobbies, scores or results where applicable, and session-related data needed to run the feature.
  • Blog: if you are an administrator publishing posts, we store editorial content and metadata (title, slug, cover image, publication status). Public blog pages are visible to everyone.
  • Contact form: the information you choose to send (typically name, email, and message content).
  • AI-assisted features: when you use optional AI tools, we may send the relevant page context, code snippets, or your typed question to a third-party AI provider to generate a response. Where an administrator generates content for all users, we may store that output in our database. Where a non-admin generates content, we may store it only in your browser (for example local or session storage) so you can see it again in the same session — check the feature UI for specifics.
  • Administrative & security logs: limited technical logs for abuse prevention, debugging, and legal compliance.

Advertising & measurement data (Google AdSense)

Where we display ads (including through Google AdSense), Google and participating ad partners may process personal data for advertising — for example to choose which ads to show, measure whether an ad was shown or clicked, reduce fraud, and (where permitted) personalise ads. Typical categories include:

  • Cookies and similar technologies — stored on your device to recognise browsers or devices, deliver ads, limit repetition, and associate activity with an advertising identifier where applicable.
  • Online identifiers & device data — such as browser type, device type, language, and coarse location often inferred from IP address, used for ad relevance, regulatory compliance (for example geography-based restrictions), and reporting.
  • Ad interaction data — impressions, clicks, and related metadata used for billing, campaign measurement, and aggregated analytics.
  • Partner signals — where allowed, data processed across sites or apps by Google or certified partners under Google's publisher and EU user-consent rules; see Google's ads technologies policy linked in our Cookies section.

We do not sell your personal data. Advertising processing is described further in Cookies & similar technologies below, including where to adjust ad personalisation.

4. Why we use your data (purposes) & legal bases

Under UK/EU GDPR we rely on one or more of the following legal bases:

  • Contract (Art. 6(1)(b)): to provide the service you request — for example creating and maintaining your account, delivering downloads you are entitled to, running challenges you join, and processing contact messages you send us.
  • Legitimate interests (Art. 6(1)(f)): to secure the site, prevent fraud and abuse, improve performance and reliability, analyse aggregate usage (including with analytics tools), communicate service-related notices where appropriate, and defend legal claims. We balance these interests against your rights; you may object in some cases (see Your rights).
  • Consent (Art. 6(1)(a)): where required for non-essential cookies or similar technologies, for certain marketing if we add it, or for optional AI processing where we ask for consent in the product. You may withdraw consent at any time without affecting lawfulness of processing before withdrawal.
  • Legal obligation (Art. 6(1)(c)): where we must retain or disclose data to comply with law or respond to lawful requests from public authorities.

5. Who we share data with (processors & recipients)

We use trusted service providers who process data on our instructions. They may be located outside your country; see International transfers. Categories include:

  • Supabase — database, authentication, file storage (for example blog images), and related backend services.
  • Vercel — website hosting and edge delivery.
  • Vercel Analytics — privacy-oriented web analytics (see Vercel's documentation for what is collected).
  • Google — Google AdSense (advertising and related cookies/identifiers); Google OAuth if you choose "Sign in with Google"; and, when you use our AI features, Google AI services (for example Gemini) to generate text from the inputs we send.
  • GitHub — OAuth sign-in if you choose that option.
  • Resend (or another transactional email provider we configure) — to deliver email from our contact form and operational messages.

We do not sell your personal data. We may disclose data if required by law, to protect rights and safety, or in connection with a business transfer (for example a merger) subject to appropriate safeguards.

6. International transfers

Your data may be processed in the United Kingdom, the European Economic Area, and other countries (including the United States) where our providers operate. Where we transfer personal data from the UK or EEA to countries not recognised as adequate, we rely on appropriate safeguards such as the UK International Data Transfer Agreement / Addendum and the EU Standard Contractual Clauses, or equivalent mechanisms offered by our providers, unless another derogation applies.

7. Retention

We keep personal data only as long as needed for the purposes above, including:

  • Account data — for as long as your account exists and a reasonable period afterwards for backups, disputes, and legal obligations.
  • Comments & public posts — until you delete them where the product allows, we remove them for policy reasons, or you close your account (subject to legal retention needs).
  • Contact messages — long enough to respond and handle follow-up, typically up to 24 months unless a longer period is justified (for example ongoing correspondence or legal claims).
  • Logs & security data — typically a limited rolling period unless longer retention is required for investigations or law.

8. Security

We use industry-standard measures appropriate to the risk (encryption in transit, access controls, and provider security features). No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

9. Your rights (UK & EEA)

Subject to conditions and exemptions in applicable law, you may have the right to:

  • Access — request a copy of personal data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — ask us to delete data in certain circumstances.
  • Restriction — ask us to limit processing in certain circumstances.
  • Portability — receive machine-readable data you provided where processing is based on consent or contract and is automated.
  • Object — object to processing based on legitimate interests (including profiling in some cases) or to direct marketing.
  • Withdraw consent — where processing is consent-based.
  • Lodge a complaint — with a supervisory authority. In the UK, the ICO (ico.org.uk). In the EEA, contact the authority in your country (EDPB list).

To exercise your rights, use Contact. We may need to verify your identity before responding. We will answer within the timeframes required by law (typically one month, extendable in complex cases).

10. Automated decision-making

We do not use fully automated decisions that produce legal or similarly significant effects solely based on profiling of your personal data. AI features generate suggestions or explanations; they do not replace human review for binding decisions about you.

11. Cookies & similar technologies

We use cookies and similar technologies for essential site operation (for example session and security), and where you have consented or applicable law allows, for analytics and advertising.

Google AdSense may set cookies or use advertising identifiers to deliver and measure ads, including personalised ads where permitted. Those technologies are controlled by Google as well as by your browser or device settings. You can learn more and manage ad personalisation at Google's Ads technologies policy and Google Ad Settings. You can also use industry tools where available (for example the Your Online Choices site for the EEA).

If we add a dedicated cookie banner or preference centre, we will link it here and honour your choices as required by law.

12. Changes to this policy

We may update this policy when our practices or the law change. The "Last updated" date at the top shows the revision you are reading. For material changes we may provide additional notice where appropriate.

13. Contact

For privacy questions or requests: Contact us via the site. Please include enough detail for us to identify your request and, for access or deletion, help us verify your identity safely.

← Back to Home