Skip to content
AHalihusain.me
Legal

Privacy policy.

Last updated May 9, 2026.

Overview

alihusain.me (“the site”) is a personal portal for a small collection of Python tools owned and operated by Ali Husain. This policy explains what information is collected when you visit the site or sign in to a private app, how it is used, and the choices you have.

Information collected

The public pages of the site do not require an account. When you sign in to access private apps, the following may be collected and stored:

  • Account identifiers: the email address you sign in with and a hashed password.
  • Session data: an authentication cookie issued by NextAuth that keeps you signed in. The cookie is HTTP-only, secure in production, and expires automatically.
  • Application input: any data you enter into a private app (for example, financial figures inside a Streamlit tool). This data is processed for the purpose of running that app.
  • Server logs: standard request metadata such as IP address, user agent, timestamp, and requested path, used for security and reliability.

How information is used

  • To authenticate you and keep you signed in.
  • To run the private apps you choose to open and return their results to your browser.
  • To diagnose errors and protect the site from abuse.
  • To comply with legal obligations where applicable.

Your information is not sold. It is not shared with advertisers and is not used for marketing.

Cookies

The site uses a single category of cookies: a strictly-necessary authentication cookie set when you sign in. No analytics, advertising, or tracking cookies are used. You may clear cookies in your browser at any time; doing so will sign you out.

Third-party services

Private apps are embedded as Streamlit applications hosted by Streamlit (Snowflake, Inc.). When you open a private app, your browser loads content from that third-party origin and is subject to the provider’s terms and privacy policy. The site itself does not transmit your authentication data to those providers.

Data retention

Account records are retained for as long as your account is active. Server logs are retained for a limited period for operational and security purposes and then discarded.

Your choices

You can request deletion of your account and any associated data, or a copy of the data the site holds about you, by contacting us at the address below. Where applicable law gives you additional rights (access, rectification, erasure, restriction, portability, objection), the site will honor them.

Security

Passwords are stored as one-way hashes. Sessions are issued as signed tokens. Traffic is served over HTTPS in production. No system is perfectly secure; you are responsible for keeping your credentials confidential.

Changes to this policy

This policy may be updated from time to time. The “last updated” date at the top reflects the most recent revision. Continued use of the site after a change constitutes acceptance of the updated policy.

Contact

Questions about this policy can be sent to ali@theapecgroup.com.