Privacy Policy

Last updated: April 8, 2026

1. Who we are

Neopages ("we", "us", "our") is a static-site hosting service available at https://neopages.xyz. This policy explains what personal data we collect, why we collect it, and how we protect it.

2. Information we collect

2a. Account data

When you create an account we store:

  • Your email address — used to identify your account and send essential service notifications.
  • A bcrypt password hash (email/password sign-up only). Your plain-text password is never stored.
  • Your Google account ID and display name (Google sign-in only), obtained after you grant consent via Google OAuth 2.0.
  • Timestamps for account creation and last login.

2b. Site content

Files you upload or create (HTML, CSS, JS, images, etc.) are stored on our servers so they can be served at your public URL. You retain full ownership of that content.

2c. Usage analytics

Our public landing page uses Google Analytics 4 (tag G-8WGFV0CWJJ). Google Analytics collects anonymised usage data such as page views, browser type, and approximate location. This data is governed by Google's Privacy Policy. Analytics is only active on our own marketing pages, not on sites you host.

2d. Server logs

Our web server records standard access logs (IP address, request path, timestamp, HTTP status code). Logs are retained for up to 30 days for security and troubleshooting purposes.

3. How we use your data

  • To authenticate you and maintain your session.
  • To serve your hosted sites at their public URLs.
  • To enforce storage and file-count limits.
  • To detect and prevent abuse (spam, malware, phishing).
  • To improve Neopages based on anonymised analytics.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Third-party services

Service Purpose Privacy policy
Google OAuth 2.0 Sign-in / account creation policies.google.com
Google Analytics 4 Landing page analytics policies.google.com

5. Cookies and sessions

We use a single session cookie (neopages_sess) to keep you logged in. It is HTTP-only, SameSite=Lax, and expires when you close your browser or log out. No cross-site tracking cookies are set by Neopages itself.

6. Data retention

Your account and hosted files are retained for as long as your account exists. You can delete individual sites from your dashboard at any time. To delete your entire account and all associated data, contact us at the address below.

7. Security

Passwords are hashed with bcrypt. Traffic is served over HTTPS. User-uploaded files are stored in a directory where PHP execution is disabled, preventing code injection. No security measure is perfect; please use a strong, unique password.

8. Children's privacy

Neopages is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has created an account, please contact us and we will delete it promptly.

9. Your rights

Depending on your jurisdiction you may have the right to access, correct, or delete your personal data, or to object to its processing. To exercise any of these rights, contact us at the address below.

10. Changes to this policy

We may update this policy from time to time. Material changes will be announced on the Neopages website. Continued use of the service after a change constitutes acceptance of the revised policy.

11. Contact

Questions about this policy? Reach us via https://neopages.xyz.