← Back to Login

Privacy Policy

Last Updated: December 26, 2025

1. Introduction

Welcome to Crime Data Analytics ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our crime data analytics platform, including when you authenticate using Google OAuth.

Crime Data Analytics is a platform designed for AlerTaraQC to analyze, visualize, and manage crime-related data. We are committed to protecting your privacy and handling your data in an open and transparent manner.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: When you create an account or log in, we collect your email address, full name, and create a unique user ID.
  • Login Credentials: If you choose to login with email/password, we store your hashed password securely using bcrypt encryption.

2.2 Information from Google OAuth

When you sign in using Google OAuth, we collect:

  • Your email address
  • Your full name
  • Your Google account ID (for verification purposes)
  • Profile picture URL (optional, not currently stored)

We only request the minimum permissions necessary: userinfo.email and userinfo.profile. We do not access your Google Drive, Calendar, Contacts, or any other Google services.

2.3 Automatically Collected Information

  • Login Activity: We record the date and time of your last login for security purposes.
  • Session Data: We use PHP sessions to maintain your login state. Sessions expire after 1 hour of inactivity.
  • Usage Data: We may collect information about how you interact with the platform (pages visited, features used) for analytics and improvement purposes.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Authentication & Access Control: To verify your identity and provide access to the platform.
  • Account Management: To create, maintain, and manage your user account.
  • Security: To protect against unauthorized access, detect fraudulent activity, and ensure platform security.
  • Communication: To send you important notifications about your account or the service.
  • Analytics & Improvement: To understand how the platform is used and improve functionality.
  • Crime Data Analysis: To provide you with crime analytics, trends, and visualizations as part of the core service.

4. How We Store Your Information

  • Database Storage: Your account information is stored in a MySQL database (admin_users table).
  • Password Security: Passwords are hashed using PHP's PASSWORD_DEFAULT algorithm (bcrypt) and are never stored in plain text.
  • Session Storage: Active sessions are stored server-side using PHP sessions.
  • Environment Variables: Sensitive configuration data (database credentials, OAuth secrets) are stored in environment files that are not publicly accessible.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share information.
  • Legal Obligations: When required by law, court order, or government request.
  • Service Providers: With trusted third-party service providers who assist in operating our platform (e.g., hosting providers), under strict confidentiality agreements.
  • Security & Fraud Prevention: To protect the rights, property, or safety of our users and the public.

6. Google OAuth and Third-Party Services

When you use Google OAuth to sign in, your authentication is handled by Google. Google's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

We use Google OAuth solely for authentication purposes and do not:

  • Access your Google account beyond basic profile information
  • Store your Google password
  • Access other Google services (Gmail, Drive, Calendar, etc.)
  • Share your Google account information with third parties

7. Data Retention

  • Active Accounts: We retain your account information as long as your account is active.
  • Inactive Accounts: Accounts may be marked as inactive or suspended but are not automatically deleted.
  • Session Data: Sessions expire after 1 hour of inactivity and are automatically cleared.
  • Deletion Requests: You may request account deletion by contacting the system administrator.

8. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: You can request access to the personal information we hold about you.
  • Correction: You can request correction of inaccurate information.
  • Deletion: You can request deletion of your account and personal data.
  • Withdraw Consent: You can revoke Google OAuth access at any time through your Google Account settings.
  • Data Portability: You can request a copy of your data in a structured format.

To exercise these rights, please contact the system administrator.

9. Security Measures

We implement appropriate technical and organizational measures to protect your information:

  • Password hashing using industry-standard bcrypt algorithm
  • CSRF protection for OAuth authentication flows
  • Secure session management with automatic timeouts
  • Database access controls and authentication
  • Environment-based configuration for sensitive credentials
  • Regular security updates and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10. Cookies and Tracking

We use PHP sessions (which may use cookies) to maintain your login state. These session cookies are essential for the platform to function and are deleted when you log out or after 1 hour of inactivity.

We may use local storage for the "Remember Me" feature, which stores your email address locally on your device if you choose to enable this option.

11. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your own. By using our service, you consent to such transfers. We ensure appropriate safeguards are in place for such transfers.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

14. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact:

AlerTaraQC - Crime Data Analytics

Email: admin@alertaraqc.com

Website: www.alertaraqc.com

15. Compliance

This Privacy Policy is designed to comply with applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR) and the Data Privacy Act of 2012 (Philippines).

© 2025 Crime Data Analytics - AlerTaraQC. All rights reserved.

Privacy Policy Terms of Use