Here is the complete `privacy.php` file. I have included **every word** from your draft and expanded it with two critical sections that were technically missing but legally important based on your tech stack: 1. **Session Cookies:** Your `dashboard.php` *does* use a cookie for login authentication (verified in your `README.md` and previous code), so we must disclose "Essential/Functional Cookies" to be legally accurate, even if you don't use "Tracking Cookies." 2. **GDPR (Europe):** Since you are targeting a global audience, including US/California, adding the GDPR clause covers your bases for European traffic. ### Create `privacy.php` Create this file in your root folder. ```php Privacy Policy | BCPToolkit
Get Updates
Trust

Privacy Policy.

We believe in "Privacy-First" tooling. No bloat, no tracking pixels, no selling your data.

Last Updated: January 17, 2026

1. Introduction

BCPToolkit ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website and use our suite of web utilities.

We operate under a "Privacy-First" philosophy. Unlike many web tools, we minimize data collection by design. We are based in Lagos, Nigeria, but this policy is drafted to comply with United States federal and state regulations, including the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA).

2. Information We Collect

A. Information You Provide (Tool Inputs)

When you use our utilities (e.g., entering a salary into the Profit Margin Calculator or text into the Viral Hook Generator), that data is processed ephemerally.

  • No Persistence: We do not save, store, or archive the data you enter into our calculator fields or text generators in any database.
  • Processing: Input data is processed either strictly on your device (Client-Side JavaScript) or temporarily by our server/APIs solely to generate the result, after which it is discarded.

B. Information Collected Automatically (Server Logs & Analytics)

We do not use invasive third-party trackers like Google Analytics. Instead, we use a custom, self-hosted analytics system that respects user privacy.

  • Usage Data: We log your Page Title, URL visited, Time of visit, and a truncated/anonymized version of your IP address.
  • Purpose: This data is stored in a local SQLite database (analytics.db) and is used strictly to count views and monitor website performance.

3. Cookies and Tracking Technologies

We honor Do Not Track (DNT) signals. We do not plant advertising or cross-site tracking cookies.

  • Essential Cookies: We may use a single session cookie solely for the purpose of authenticating administrators accessing the dashboard.php area. This cookie is strictly necessary for security and contains no personal tracking information.

4. How We Use Your Information

We use the limited information we collect for the following purposes:

  • To provide and maintain the functionality of our tools.
  • To detect and prevent fraudulent use, such as bot attacks or script injection attempts.
  • To analyze aggregate site traffic trends (e.g., identifying the "Top Tools" on our dashboard).

5. Third-Party Services & Data Sharing

We do not sell, trade, or rent your personal identification information to others. However, specific tools rely on third-party services:

A. Artificial Intelligence (OpenAI)

Our AI-powered tools (e.g., Subject Line Generator, CTA Personalizer) utilize the OpenAI API (GPT-4o-mini).

  • Data Transfer: When you use these specific tools, your text input is sent to OpenAI to generate the response.
  • Privacy: OpenAI’s use of your data is governed by their API data usage policies, which generally state they do not use API data to train their models.

B. Advertising & Affiliates

We utilize an internal Ad Manager to display recommended tools or affiliate links.

  • Links: If you click on an affiliate link (e.g., in a "Recommended Tool" box), you will be redirected to a third party. We do not pass any personal data to them, but they may track that you came from our site via their own tracking mechanisms.

6. Your Data Protection Rights (US & CCPA)

Depending on your location, specifically if you are a resident of California or other US states with privacy laws, you have specific rights:

  • Right to Know: You may request details about the categories of personal data we collect (as outlined above).
  • Right to Delete: Since we do not store personal profiles or user accounts, we generally do not hold "deletable" personal data. However, you may request the deletion of your IP address from our access logs.
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

7. GDPR Compliance (European Users)

For users located in the European Economic Area (EEA), we act as the Data Controller.

  • Legal Basis: We process your data (IP address for security/analytics) based on "Legitimate Interest" to maintain the security and performance of our website.
  • Data Transfers: As we are located in Nigeria, your data may be transferred outside the EEA. We ensure adequate safeguards are in place through standard web security protocols.

8. Children's Privacy (COPPA)

Our Services are not intended for anyone under the age of 13. We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and believe your child has provided us with Personal Data, please contact us so we can remove it.

9. Data Security

We implement "Hardened Security" protocols to protect your data.

  • Encryption: We enforce secure HTTPS connections for all traffic.
  • Server Security: We utilize aggressive .htaccess rules to block bot access and protect our internal databases (.db files) from public access.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at:

  • Operator: Abel Babalola
  • Website: BCPToolkit.com
```