Privacy Policy

ACCESS LOGIN ("we", "our", or "us") operates https://access.akiru.online. This Privacy Policy explains how we collect, use, and protect information obtained when you use our access portal. By using the platform you agree to the practices described here.

When you authenticate via our SSO provider we receive and store the following data in our database:

• —Your display name
• —Your email address
• —A unique user identifier assigned by the SSO provider
• —The timestamp of first sign-in

We do not collect passwords. We do not store payment information.

Free Fire access tokens you register on the platform are stored in our database exclusively for the purpose of managing session state. Token strings are visible only to you and to authorized administrators. Tokens are automatically invalidated after an 8-hour session window or upon explicit deletion.

We use collected data solely to:

• —Authenticate and identify you within the platform
• —Associate access tokens with your account
• —Send administrative Telegram notifications to platform operators (not to you)
• —Maintain platform security and audit logs

We do not sell, rent, or trade your personal information to third parties.

All data is stored in a Supabase (PostgreSQL) database hosted on infrastructure governed by Supabase's own security and compliance standards. Server-side secrets, including backend server addresses and API keys, are stored exclusively in environment variables and are never transmitted to the browser or included in client-side bundles.

We use a single first-party HTTP-only session cookie named session to maintain your authenticated state. This cookie is:

• —HTTP-only — not accessible via JavaScript
• —Secure — transmitted only over HTTPS
• —SameSite=Lax — protected against cross-site request forgery
• —Valid for 7 days from the time of sign-in

We do not use analytics cookies, advertising cookies, or any third-party tracking.

We integrate with the following third-party services:

• —Supabase — database and authentication infrastructure
• —Telegram Bot API — administrative notifications only
• —Our SSO provider (auth.akiru.online) — identity verification

Each service operates under its own privacy policy. We share only the minimum necessary data with each.

Your profile record and associated tokens are retained for as long as your account is active. You may request deletion of your data by contacting us via Telegram. Upon deletion, all tokens and profile data are permanently removed from our database within 30 days.

Depending on your jurisdiction you may have rights to access, correct, or erase your personal data. To exercise these rights, contact us through the links provided in the Contributors section of the homepage.

We may update this Privacy Policy periodically. When we do, we will revise the "Last updated" date at the top of this page. Continued use of the platform after changes constitutes acceptance of the revised policy.

Questions about this Privacy Policy can be directed to the platform administrators via Telegram at t.me/AKIRU07.