Terms & Conditions

1. Acceptance of Terms

By accessing or using Dashboard ("the Service"), a web application available at dashboard.ws.stinsky.dev, you agree to be bound by these Terms & Conditions ("Terms"). If you do not agree to all of these Terms, you must not use the Service. These Terms constitute a legally binding agreement between you ("User," "you," or "your") and the operator of this Dashboard instance ("we," "us," or "our").

2. Description of Service

Dashboard is an open-source, self-hosted personal productivity application that allows users to create customizable dashboards composed of drag-and-drop widgets. The Service integrates with third-party platforms including but not limited to GitHub and Google Calendar. All user dashboard data is encrypted at rest using AES-256-GCM with user-derived encryption keys.

3. Account Registration and Authentication

3.1 Google OAuth

Access to the Service requires authentication through Google OAuth 2.0. By signing in, you authorize Google to share your basic profile information (name, email address, profile picture) with the Service. You are responsible for maintaining the security of your Google account.

3.2 Encryption password

Upon first sign-in, you are required to set an encryption password. This password is used to derive the cryptographic key that encrypts your dashboard data. You are solely responsible for remembering this password. We do not store your password in any form (plaintext, hashed, or otherwise) and cannot recover or reset it.

3.3 Consequences of password loss

If you lose your encryption password and do not have a registered passkey, your encrypted data is permanently and irreversibly inaccessible. We cannot decrypt, recover, or reconstruct your data under any circumstances. You acknowledge and accept this risk as an inherent property of the zero-knowledge encryption architecture. Your only option in this case is to reset your account, which permanently deletes all encrypted data and allows you to start fresh.

3.4 Biometric authentication

You may optionally register a passkey (Touch ID, Face ID, Windows Hello, or other WebAuthn-compatible authenticator) as an alternative unlock method. Biometric authentication is processed entirely by your device's operating system — no biometric data is transmitted to or stored on the server. Passkey registration does not replace your encryption password; it provides an additional unlock method.

4. Acceptable Use

You agree to use the Service only for lawful purposes and in accordance with these Terms. You agree not to:

• Use the Service in any way that violates any applicable local, national, or international law or regulation
• Attempt to gain unauthorized access to other users' data, accounts, or encrypted database files
• Attempt to circumvent, disable, or interfere with the encryption mechanisms of the Service
• Use the Service to store or transmit malicious code, malware, or content that infringes on the rights of others
• Overload, flood, or otherwise impair the availability or performance of the Service for other users
• Use automated tools (bots, scrapers, crawlers) to access the Service in a manner that exceeds reasonable use
• Reverse engineer, decompile, or disassemble the Service except as expressly permitted by applicable open-source licenses

5. Third-Party Integrations

5.1 GitHub

If you configure a GitHub widget, you provide a personal access token (PAT) that is stored encrypted within your personal database. API calls to GitHub are made from the server on your behalf. You are responsible for ensuring that your token has appropriate permissions and that your use of the GitHub API complies with GitHub's Terms of Service.

5.2 Google Calendar

If you configure a Google Calendar widget, you provide a service account key file. The private key is stored encrypted within your personal database. API calls to Google Calendar are made from the server using this service account. You are responsible for ensuring that the service account has appropriate permissions and that your use complies with Google's Terms of Service and API usage policies.

5.3 Liability for third-party services

We are not responsible for the availability, accuracy, or performance of third-party services (GitHub, Google Calendar, Google OAuth). Changes to third-party APIs, rate limits, or terms of service may affect the functionality of related widgets. We do not guarantee uninterrupted access to third-party data.

6. Intellectual Property

6.1 Open-source license

Dashboard is open-source software. The source code is made available under its respective open-source license. You are free to inspect, modify, fork, and self-host the application in accordance with the license terms. The open-source license governs your rights to the source code and does not extend to the specific instance of the Service operated at dashboard.ws.stinsky.dev.

6.2 Your data

You retain all ownership rights to the data you store within the Service. We do not claim any intellectual property rights over your dashboard configurations, widget data, or any content you create or store within the Service.

7. Data Deletion and Account Termination

7.1 Voluntary deletion

You may delete your account at any time through the Delete Account page. Deletion is immediate and permanent. All data associated with your account — including your encrypted database file, user profile, session records, linked accounts, and passkey credentials — is destroyed upon deletion. No backups are retained and no grace period applies.

7.2 Verification

After deleting your account, you may verify that no data remains by visiting the My Data page and looking up your email address. The system will confirm that no records exist.

7.3 Termination by us

We reserve the right to suspend or terminate your access to the Service if you violate these Terms. In the event of termination, we may delete your data in accordance with our data retention practices. We will make reasonable efforts to notify you prior to termination unless immediate action is necessary to protect the Service or other users.

8. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not warrant that the Service will be uninterrupted, error-free, or secure. While we implement industry-standard encryption practices, no system is completely immune to security vulnerabilities. You acknowledge that you use the Service at your own risk.

We do not warrant the accuracy or completeness of data retrieved from third-party APIs (GitHub, Google Calendar). Widget data reflects what is returned by the respective APIs at the time of the request.

9. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL WE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOSS OF PROFITS, OR LOSS OF BUSINESS OPPORTUNITIES, ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF THE SERVICE.

Specifically and without limitation, we shall not be liable for:

• Data loss resulting from a forgotten encryption password
• Data loss resulting from hardware failure of the hosting server
• Service interruptions caused by third-party service outages
• Unauthorized access to data caused by compromise of your Google account or encryption password
• Any damages arising from your reliance on data displayed by third-party API widgets

Our total aggregate liability for all claims arising out of or relating to these Terms or the Service shall not exceed the amount you paid to use the Service (which, as the Service is free, is zero).

10. Indemnification

You agree to indemnify, defend, and hold harmless the operator of this Dashboard instance from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or in connection with your use of the Service, your violation of these Terms, or your violation of any rights of any third party.

11. Governing Law and Dispute Resolution

These Terms shall be governed by and construed in accordance with the laws of the jurisdiction in which the Dashboard instance is hosted, without regard to its conflict of law provisions. Any disputes arising out of or relating to these Terms or the Service shall be resolved through good-faith negotiation. If negotiation fails, disputes shall be submitted to the competent courts of the hosting jurisdiction.

12. Severability

If any provision of these Terms is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving its original intent.

13. Entire Agreement

These Terms, together with the Privacy Policy, constitute the entire agreement between you and us regarding the use of the Service. These Terms supersede any prior agreements or understandings, whether written or oral.

14. Changes to These Terms

We reserve the right to modify these Terms at any time. If we make material changes, we will update the "Last updated" date at the top of this page. Your continued use of the Service after any modification constitutes your acceptance of the revised Terms. We encourage you to review these Terms periodically.

15. Contact

If you have any questions about these Terms, please contact us by opening an issue on the project's GitHub repository or by emailing the instance administrator.