Privacy Policy
Last updated: June 8, 2026
This policy explains what data DTB Vault collects, why it collects it, and what you can do about it. DTB Vault is a public, moderated repository of Device Tree files (.dtb, .dtbo and .dts) for handheld consoles and embedded devices.
Data we collect
We collect only what we need to run the platform securely.
- Account: name, email and password. The password is never stored in plain text; we keep only a cryptographic hash of it.
- Files and metadata: the files you upload and the technical details attached to them (console, manufacturer, model, board revision, panel, SoC, RAM, source system and notes).
- Download records: when you download a file we log the file id, the IP address, the browser and the date and time. This supports download limits and helps detect abuse.
- Administrative records: moderation actions are kept in an audit log, with the actor, the IP and the timestamp.
- Session cookie: we use a cookie to keep you signed in after login. It is not used for advertising tracking.
How we use your data
- Authenticate your access and protect your account.
- Validate, moderate and publish files contributed by the community.
- Apply per-user and per-IP download limits, and calculate the contribution bonus.
- Send operational emails such as sign-up confirmation, password recovery and updates about your uploads.
- Investigate abuse, improper content and violations of the Terms of Service.
Sharing with third parties
DTB Vault does not sell your data. We share information only with providers that keep the platform running, and only with what each one needs to deliver its service:
- Email delivery: we use Resend to deliver transactional messages. The recipient email is shared so the message reaches you.
- Backup: when the administrator connects Google Drive, backups of the database and files may be uploaded to the Google account configured by the administration.
- Hosting: the application and database run on the administration's own server.
We may also disclose data when required by law or by an order from a competent authority.
Retention
We keep account data for as long as the account exists. Approved files stay public until removed by the administration or by the contributor, according to the platform rules. Download records and audit logs are kept for a limited time, enough to support limits, security and moderation.
Security
We apply technical measures to protect your data: passwords stored as hashes, integration tokens stored encrypted, role-based access control, attempt limits and security headers. No system is fully immune to failure, but we treat data protection as a priority.
Your rights
Under Brazil's data protection law (LGPD), you can request access, correction, portability or deletion of your personal data, and withdraw consents. To exercise these rights, write to contato@dtbvault.com. Deleting your account removes your personal data, but already-approved files may remain public when they are of interest to the community, with no direct link to your identity.
Children and minors
The platform is intended for people old enough to consent to the use of their data. If we find a minor's account created without proper consent, it may be removed.
Changes to this policy
This policy may be updated to reflect changes to the platform or to the law. When that happens, we update the date at the top. Significant changes may be announced through the platform's channels.
Contact
Questions about privacy or your data can be sent to contato@dtbvault.com.