Privacy Policy

Last updated: April 2026

What We Collect

When you register as a donor or submit a blood request, we collect the information you provide in the form. This may include:

• Name, age, gender, and contact details (phone, email)
• Blood type and medical/health screening information relevant to donation eligibility (smoking, alcohol, chronic illnesses, medications, allergies, travel history, vaccination status, dental work, etc.)
• Location (city, state, country) to match you with nearby donors or seekers
• Hospital and doctor information for blood requests
• Identity documents (government ID, selfie, blood type proof) for donor verification
• Account credentials (email, hashed password) if you create an account to save registration progress

We also collect basic usage data (pages visited, browser type) through standard web server logs.

How We Use It

• Match blood donors with people who need blood in their area
• Display donor search results to people looking for compatible donors
• Process and display blood requests
• Improve the platform based on how it is used

We do not sell your data to anyone. We do not use your data for advertising.

How We Store It

Your data is stored in a Cloudflare D1 database. All connections to and from the site use HTTPS (TLS encryption in transit). The database is hosted on Cloudflare's infrastructure, which provides physical and network security.

Passwords are hashed using PBKDF2 (100,000 iterations, SHA-256) with a unique random salt per account. We never store plaintext passwords.

Who Can See Your Data

When you register as a donor, your first name, blood type, city, age, gender, and health screening details (smoking, vaccination, travel history, etc.) may be shown to people searching for donors. Your email and phone number are never shown in search results — contact information is only shared when a blood request is submitted.

Blood requests are visible to potential donors so they can respond.

Only site administrators can access the full database for moderation purposes.

Your Rights

• Access: You can ask what data we have about you
• Correction: You can ask us to fix incorrect information
• Deletion: You can ask us to delete your data

To exercise any of these rights, use the contact form.

Cookies & Local Storage

We use localStorage to remember your theme preference (light/dark mode) and save registration progress as a backup. We use sessionStorage for admin session tokens. We do not use tracking cookies or third-party analytics.

Third-Party Services

• Cloudflare: Hosting, database, and CDN
• Google Fonts: Loads the Inter typeface
• Font Awesome: Loads icons via CDN
• Resend: Sends transactional emails (verification codes, donor notifications)

These services may collect standard web request data (IP address, browser info) as part of serving content.

Data Protection & Security Commitment

We take every possible measure to ensure that your data is protected against unauthorized access, misuse, or breaches. We do not, and will never, sell or share your personal or confidential information.

We fully recognize that, despite our best efforts, breaches can occur due to evolving technological threats. In the unlikely event of a data breach, we pledge to take immediate and decisive action to contain and resolve the situation swiftly, with transparency and full compliance with applicable regulations.

Your trust as a donor is invaluable to us, and we deeply respect the role you play in helping others through your generous contributions. Our dedication to your privacy and security is at the heart of our operations, and we will continue to invest in the latest security measures to protect your data.

Children

This platform is not intended for children under 16. We do not knowingly collect data from minors.

Changes

If we update this policy, the changes will be posted on this page with an updated date.

Contact

If you have questions about this policy or want to request data access or deletion, please use the contact form.