evan.jarrett.net / at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage. atcr.io
docker container atproto go
fork atom

add tos and privacy policy

evan.jarrett.net e5e59fdc af815fbc

verified
1/1
tests.yml
options
unified split
Changed files
+670 -19
cmd
appview
serve.go
pkg
appview
handlers
legal.go
routes
routes.go
static
css
style.css
templates
pages
privacy.html
terms.html
+10 -19
cmd/appview/serve.go
··· 380 380 // OAuth client metadata endpoint 381 381 mainRouter.Get("/oauth-client-metadata.json", func(w http.ResponseWriter, r *http.Request) { 382 382 config := oauthClientApp.Config 383 + logoURI := cfg.Server.BaseURL + "/web-app-manifest-192x192.png" 384 + policyURI := cfg.Server.BaseURL + "/privacy" 385 + tosURI := cfg.Server.BaseURL + "/terms" 386 + 383 387 metadata := config.ClientMetadata() 388 + metadata.ClientName = &cfg.Server.ClientName 389 + metadata.ClientURI = &cfg.Server.BaseURL 390 + metadata.LogoURI = &logoURI 391 + metadata.PolicyURI = &policyURI 392 + metadata.TosURI = &tosURI 384 393 385 394 // For confidential clients, ensure JWKS is included 386 395 // The indigo library should populate this automatically, but we explicitly set it here ··· 390 399 metadata.JWKS = &jwks 391 400 } 392 401 393 - // Convert indigo's metadata to map so we can add custom fields 394 - metadataBytes, err := json.Marshal(metadata) 395 - if err != nil { 396 - http.Error(w, "Failed to marshal metadata", http.StatusInternalServerError) 397 - return 398 - } 399 - 400 - var metadataMap map[string]any 401 - if err := json.Unmarshal(metadataBytes, &metadataMap); err != nil { 402 - http.Error(w, "Failed to unmarshal metadata", http.StatusInternalServerError) 403 - return 404 - } 405 - 406 - // Add custom fields 407 - metadataMap["client_name"] = cfg.Server.ClientName 408 - metadataMap["client_uri"] = cfg.Server.BaseURL 409 - metadataMap["logo_uri"] = cfg.Server.BaseURL + "/web-app-manifest-192x192.png" 410 - 411 402 w.Header().Set("Content-Type", "application/json") 412 403 w.Header().Set("Access-Control-Allow-Origin", "*") 413 404 // Limit caching to allow scope changes to propagate quickly 414 405 // PDS servers cache client metadata, so short max-age helps with updates 415 406 w.Header().Set("Cache-Control", "public, max-age=300") 416 - if err := json.NewEncoder(w).Encode(metadataMap); err != nil { 407 + if err := json.NewEncoder(w).Encode(metadata); err != nil { 417 408 http.Error(w, "Failed to encode metadata", http.StatusInternalServerError) 418 409 } 419 410 })
+44
pkg/appview/handlers/legal.go
··· 1 + package handlers 2 + 3 + import ( 4 + "html/template" 5 + "net/http" 6 + ) 7 + 8 + // PrivacyPolicyHandler handles the /privacy page 9 + type PrivacyPolicyHandler struct { 10 + Templates *template.Template 11 + RegistryURL string 12 + } 13 + 14 + func (h *PrivacyPolicyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 15 + data := struct { 16 + PageData 17 + }{ 18 + PageData: NewPageData(r, h.RegistryURL), 19 + } 20 + 21 + if err := h.Templates.ExecuteTemplate(w, "privacy", data); err != nil { 22 + http.Error(w, err.Error(), http.StatusInternalServerError) 23 + return 24 + } 25 + } 26 + 27 + // TermsOfServiceHandler handles the /terms page 28 + type TermsOfServiceHandler struct { 29 + Templates *template.Template 30 + RegistryURL string 31 + } 32 + 33 + func (h *TermsOfServiceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { 34 + data := struct { 35 + PageData 36 + }{ 37 + PageData: NewPageData(r, h.RegistryURL), 38 + } 39 + 40 + if err := h.Templates.ExecuteTemplate(w, "terms", data); err != nil { 41 + http.Error(w, err.Error(), http.StatusInternalServerError) 42 + return 43 + } 44 + }
+15
pkg/appview/routes/routes.go
··· 87 87 }, 88 88 ).ServeHTTP) 89 89 90 + // Legal pages (public) 91 + router.Get("/privacy", middleware.OptionalAuth(deps.SessionStore, deps.Database)( 92 + &uihandlers.PrivacyPolicyHandler{ 93 + Templates: deps.Templates, 94 + RegistryURL: registryURL, 95 + }, 96 + ).ServeHTTP) 97 + 98 + router.Get("/terms", middleware.OptionalAuth(deps.SessionStore, deps.Database)( 99 + &uihandlers.TermsOfServiceHandler{ 100 + Templates: deps.Templates, 101 + RegistryURL: registryURL, 102 + }, 103 + ).ServeHTTP) 104 + 90 105 // API route for repository stats (public, read-only) 91 106 router.Get("/api/stats/{handle}/{repository}", middleware.OptionalAuth(deps.SessionStore, deps.Database)( 92 107 &uihandlers.GetStatsHandler{
+131
pkg/appview/static/css/style.css
··· 2477 2477 background-color: rgba(13, 108, 191, 0.15); 2478 2478 color: #0d6cbf; 2479 2479 } 2480 + 2481 + /* Legal Pages (Privacy Policy, Terms of Service) */ 2482 + .legal-page { 2483 + max-width: 800px; 2484 + margin: 0 auto; 2485 + padding: 2rem 1rem; 2486 + } 2487 + 2488 + .legal-page h1 { 2489 + font-size: 2rem; 2490 + margin-bottom: 0.5rem; 2491 + color: var(--fg); 2492 + } 2493 + 2494 + .legal-updated { 2495 + color: var(--secondary); 2496 + margin-bottom: 2rem; 2497 + } 2498 + 2499 + .legal-section { 2500 + margin: 2rem 0; 2501 + padding-bottom: 1.5rem; 2502 + border-bottom: 1px solid var(--border); 2503 + } 2504 + 2505 + .legal-section:last-child { 2506 + border-bottom: none; 2507 + } 2508 + 2509 + .legal-section h2 { 2510 + font-size: 1.5rem; 2511 + margin-bottom: 1rem; 2512 + color: var(--fg); 2513 + } 2514 + 2515 + .legal-section h3 { 2516 + font-size: 1.15rem; 2517 + margin: 1.5rem 0 0.75rem; 2518 + color: var(--fg); 2519 + } 2520 + 2521 + .legal-section p { 2522 + margin-bottom: 1rem; 2523 + line-height: 1.7; 2524 + } 2525 + 2526 + .legal-section ul, 2527 + .legal-section ol { 2528 + margin-bottom: 1rem; 2529 + padding-left: 2rem; 2530 + } 2531 + 2532 + .legal-section li { 2533 + margin-bottom: 0.5rem; 2534 + line-height: 1.6; 2535 + } 2536 + 2537 + .legal-section ul ul { 2538 + margin-top: 0.5rem; 2539 + margin-bottom: 0.5rem; 2540 + } 2541 + 2542 + .legal-section code { 2543 + background: var(--code-bg); 2544 + padding: 0.2rem 0.4rem; 2545 + border-radius: 3px; 2546 + font-family: "Monaco", "Menlo", monospace; 2547 + font-size: 0.9em; 2548 + } 2549 + 2550 + .legal-section a { 2551 + color: var(--primary); 2552 + text-decoration: underline; 2553 + } 2554 + 2555 + .legal-section a:hover { 2556 + color: var(--primary-dark); 2557 + } 2558 + 2559 + .legal-section table { 2560 + width: 100%; 2561 + border-collapse: collapse; 2562 + margin: 1rem 0; 2563 + } 2564 + 2565 + .legal-section table th, 2566 + .legal-section table td { 2567 + padding: 0.75rem 1rem; 2568 + border: 1px solid var(--border); 2569 + text-align: left; 2570 + } 2571 + 2572 + .legal-section table th { 2573 + background: var(--code-bg); 2574 + font-weight: 600; 2575 + } 2576 + 2577 + .legal-section table tr:nth-child(even) { 2578 + background: var(--hover-bg); 2579 + } 2580 + 2581 + .legal-disclaimer { 2582 + background: var(--code-bg); 2583 + padding: 1rem; 2584 + border-radius: 4px; 2585 + font-size: 0.95rem; 2586 + margin: 1rem 0; 2587 + } 2588 + 2589 + @media (max-width: 768px) { 2590 + .legal-page { 2591 + padding: 1rem 0.5rem; 2592 + } 2593 + 2594 + .legal-page h1 { 2595 + font-size: 1.5rem; 2596 + } 2597 + 2598 + .legal-section h2 { 2599 + font-size: 1.25rem; 2600 + } 2601 + 2602 + .legal-section table { 2603 + font-size: 0.85rem; 2604 + } 2605 + 2606 + .legal-section table th, 2607 + .legal-section table td { 2608 + padding: 0.5rem; 2609 + } 2610 + }
+266
pkg/appview/templates/pages/privacy.html
··· 1 + {{ define "privacy" }} 2 + <!DOCTYPE html> 3 + <html lang="en"> 4 + <head> 5 + <title>Privacy Policy - ATCR</title> 6 + {{ template "head" . }} 7 + </head> 8 + <body> 9 + {{ template "nav" . }} 10 + 11 + <main class="container"> 12 + <div class="legal-page"> 13 + <h1>Privacy Policy - AT Container Registry (atcr.io)</h1> 14 + <p class="legal-updated"><em>Last updated: January 2025</em></p> 15 + 16 + <div class="legal-section"> 17 + <h2>Data We Collect and Store</h2> 18 + 19 + <h3>Data Stored on Your PDS (Controlled by You)</h3> 20 + <p>When you use AT Container Registry, records are written to your Personal Data Server (PDS) under the <code>io.atcr.*</code> namespace. This data is stored on infrastructure you or your PDS hosting provider controls. We do not control this data, and its retention and deletion is governed by your PDS provider's policies.</p> 21 + 22 + <h3>Data Stored on Our Infrastructure</h3> 23 + 24 + <p><strong>Layer Records:</strong> We maintain records on our own PDS that reference container image layers you publish. These records are public and link your AT Protocol identity (DID) to content-addressed SHA identifiers.</p> 25 + 26 + <p><strong>OCI Blobs:</strong> Container image layers are stored in our object storage (S3). These blobs are content-addressed and deduplicated—meaning identical layers uploaded by different users are stored only once.</p> 27 + 28 + <p><strong>Authentication Data:</strong></p> 29 + <ul> 30 + <li>OAuth tokens obtained during sign-in</li> 31 + <li>Web UI session tokens</li> 32 + <li>Docker credential helper device tokens, including: 33 + <ul> 34 + <li>IP address</li> 35 + <li>Device name</li> 36 + <li>Token creation and last-used timestamps</li> 37 + </ul> 38 + </li> 39 + </ul> 40 + 41 + <p><strong>Cached PDS Data:</strong> We may cache data from your PDS in our database to improve performance and reduce load on your PDS. This cached data mirrors public information already stored on your PDS.</p> 42 + 43 + <p><strong>Server Logs:</strong> Our logs may include your handle, DID, IP address, timestamps, and actions performed. Logs are currently ephemeral but may be retained in the future for security and debugging purposes.</p> 44 + </div> 45 + 46 + <div class="legal-section"> 47 + <h2>Data Sharing and Deduplication</h2> 48 + 49 + <p>OCI container images use content-addressable storage. When you push an image layer, it is identified by its cryptographic hash (SHA256). If another user pushes an identical layer, both users reference the same underlying blob. This is standard practice for container registries and enables efficient storage and distribution.</p> 50 + 51 + <p><strong>What this means for your data:</strong></p> 52 + <ul> 53 + <li>Layer content is not uniquely "yours" if other users have pushed identical content</li> 54 + <li>Public SHA references may be associated with your AT Protocol identity</li> 55 + <li>Deleting your records does not delete blob data that other users also reference</li> 56 + </ul> 57 + </div> 58 + 59 + <div class="legal-section"> 60 + <h2>Your Rights Under GDPR</h2> 61 + 62 + <p>If you are located in the European Economic Area (EEA), you have the following rights:</p> 63 + 64 + <h3>Right to Access</h3> 65 + <p>You may request a copy of all personal data we store about you. This includes:</p> 66 + <ul> 67 + <li>Layer records associated with your DID on our PDS</li> 68 + <li>Server logs containing your handle, DID, IP address, or actions (if retained)</li> 69 + <li>OAuth tokens, web UI sessions, and device tokens</li> 70 + <li>Cached PDS data</li> 71 + <li>List of registered devices (credential helper)</li> 72 + </ul> 73 + <p class="note">Note: Data stored on your own PDS is already under your control and accessible to you directly.</p> 74 + 75 + <h3>Right to Erasure ("Right to be Forgotten")</h3> 76 + <p>You may request deletion of your data via the account settings page. Due to our technical architecture, deletion works as follows:</p> 77 + 78 + <p><strong>Immediately deleted:</strong></p> 79 + <ul> 80 + <li>Layer records on our PDS that reference your DID</li> 81 + <li>OAuth tokens, web UI sessions, and device tokens</li> 82 + <li>Cached PDS data</li> 83 + <li>Server logs containing your identifiers (deleted or anonymized, if retained)</li> 84 + </ul> 85 + 86 + <p><strong>Deleted within 30 days:</strong></p> 87 + <ul> 88 + <li>OCI blobs in our object storage that are no longer referenced by any user after your records are removed (via our orphan blob pruning process)</li> 89 + </ul> 90 + 91 + <p><strong>Cannot be deleted by us:</strong></p> 92 + <ul> 93 + <li>Records stored on your own PDS (you control these, or your PDS provider does)</li> 94 + <li>Blob data that is also referenced by other users (deduplicated content)</li> 95 + </ul> 96 + 97 + <p><strong>Optional: Delete AT Protocol Records</strong></p> 98 + <p>When deleting your account, you may optionally authorize us to delete <code>io.atcr.*</code> records from your PDS. This requires an active OAuth session and is optional because:</p> 99 + <ul> 100 + <li>Your PDS is controlled by you or your hosting provider, not us</li> 101 + <li>You may delete these records yourself at any time</li> 102 + <li>We have no ongoing obligation to manage data on infrastructure we do not control</li> 103 + </ul> 104 + 105 + <h3>Right to Rectification</h3> 106 + <p>You may update your data through normal use of the service. Data stored on your PDS is under your direct control.</p> 107 + 108 + <h3>Right to Data Portability</h3> 109 + <p>AT Protocol is designed for data portability. Your records are stored in an open, documented format on your PDS and can be exported or migrated at any time.</p> 110 + 111 + <h3>Right to Object / Restrict Processing</h3> 112 + <p>You may revoke our OAuth access at any time through your PDS provider's settings. This will prevent us from reading or writing records to your PDS.</p> 113 + </div> 114 + 115 + <div class="legal-section"> 116 + <h2>Your Rights Under CCPA</h2> 117 + 118 + <p>If you are a California resident, you have the following rights under the California Consumer Privacy Act:</p> 119 + 120 + <h3>Right to Know</h3> 121 + <p>You may request disclosure of:</p> 122 + <ul> 123 + <li>The categories of personal information we collect</li> 124 + <li>The purposes for which we use your personal information</li> 125 + <li>The categories of third parties with whom we share your personal information</li> 126 + </ul> 127 + 128 + <h3>Right to Delete</h3> 129 + <p>You may delete your personal information via the account settings page, subject to the same technical limitations described in the GDPR section above. For data not accessible through self-service, we will respond to requests within 45 days, except where retention is necessary for:</p> 130 + <ul> 131 + <li>Completing the transaction for which the data was collected</li> 132 + <li>Security and fraud prevention</li> 133 + <li>Legal compliance</li> 134 + </ul> 135 + 136 + <h3>Right to Non-Discrimination</h3> 137 + <p>We will not discriminate against you for exercising your CCPA rights.</p> 138 + 139 + <h3>Categories of Personal Information Collected</h3> 140 + <table> 141 + <thead> 142 + <tr> 143 + <th>Category</th> 144 + <th>Examples</th> 145 + <th>Collected</th> 146 + </tr> 147 + </thead> 148 + <tbody> 149 + <tr> 150 + <td>Identifiers</td> 151 + <td>DID, handle, IP address, device name</td> 152 + <td>Yes</td> 153 + </tr> 154 + <tr> 155 + <td>Internet activity</td> 156 + <td>Access logs, usage data, actions performed</td> 157 + <td>Yes</td> 158 + </tr> 159 + <tr> 160 + <td>Geolocation</td> 161 + <td>Approximate location via IP</td> 162 + <td>Yes</td> 163 + </tr> 164 + </tbody> 165 + </table> 166 + 167 + <p>We do not sell or share your personal information for cross-context behavioral advertising.</p> 168 + </div> 169 + 170 + <div class="legal-section"> 171 + <h2>Data Retention</h2> 172 + 173 + <table> 174 + <thead> 175 + <tr> 176 + <th>Data Type</th> 177 + <th>Retention Period</th> 178 + </tr> 179 + </thead> 180 + <tbody> 181 + <tr> 182 + <td>OAuth tokens</td> 183 + <td>Until revoked or logout</td> 184 + </tr> 185 + <tr> 186 + <td>Web UI session tokens</td> 187 + <td>Until logout or expiration</td> 188 + </tr> 189 + <tr> 190 + <td>Device tokens (credential helper)</td> 191 + <td>Until revoked by user</td> 192 + </tr> 193 + <tr> 194 + <td>Cached PDS data</td> 195 + <td>Refreshed periodically; deleted on account deletion</td> 196 + </tr> 197 + <tr> 198 + <td>Server logs</td> 199 + <td>Currently ephemeral; this policy will be updated if log retention is implemented</td> 200 + </tr> 201 + <tr> 202 + <td>Layer records (our PDS)</td> 203 + <td>Until you request deletion</td> 204 + </tr> 205 + <tr> 206 + <td>OCI blobs</td> 207 + <td>Until no longer referenced (pruned monthly)</td> 208 + </tr> 209 + </tbody> 210 + </table> 211 + </div> 212 + 213 + <div class="legal-section"> 214 + <h2>Important Notes on AT Protocol Architecture</h2> 215 + 216 + <p>AT Container Registry is built on the AT Protocol, which has a unique data architecture:</p> 217 + 218 + <ol> 219 + <li><strong>You control your data.</strong> Most data associated with your use of AT Container Registry is stored on your Personal Data Server (PDS), which you or your chosen provider controls.</li> 220 + <li><strong>Public by design.</strong> AT Protocol data is designed to be public and distributed. Records you create, including container image references, are publicly visible and may be replicated across the network.</li> 221 + <li><strong>Content-addressed storage.</strong> OCI blobs are identified by their cryptographic hash. This means blob data is inherently pseudonymous—it cannot be attributed to you without the corresponding records that reference it.</li> 222 + <li><strong>Deletion limitations.</strong> Because AT Protocol is distributed, we cannot guarantee that copies of public records have not been made by other participants in the network. We can only delete data on infrastructure we control.</li> 223 + </ol> 224 + </div> 225 + 226 + <div class="legal-section"> 227 + <h2>How to Exercise Your Rights</h2> 228 + 229 + <h3>Self-Service (via Settings)</h3> 230 + <p>Most data management can be done directly through your account settings at atcr.io:</p> 231 + <ul> 232 + <li><strong>Delete your data:</strong> Use the "Delete Account" button in settings. This will remove your layer records, cached data, and authentication tokens. You may also choose to have us delete <code>io.atcr.*</code> records from your PDS (requires active OAuth session).</li> 233 + <li><strong>Revoke device tokens:</strong> Manage and revoke credential helper devices in settings.</li> 234 + <li><strong>Update your data:</strong> Corrections happen through normal use of the service.</li> 235 + </ul> 236 + 237 + <h3>Contact Us</h3> 238 + <p>For requests we cannot fulfill through self-service, such as:</p> 239 + <ul> 240 + <li>Copies of server logs containing your data</li> 241 + <li>Database records not exposed in the UI</li> 242 + <li>Questions about this policy</li> 243 + </ul> 244 + 245 + <p><strong>Email:</strong> <a href="mailto:privacy@atcr.io">privacy@atcr.io</a></p> 246 + 247 + <p>Please include your AT Protocol DID or handle so we can verify your identity.</p> 248 + 249 + <p>We will respond to requests within 30 days (GDPR) or 45 days (CCPA).</p> 250 + </div> 251 + 252 + <div class="legal-section"> 253 + <h2>Contact</h2> 254 + 255 + <p>For questions about this privacy policy or to exercise your data rights, contact:</p> 256 + 257 + <p><strong>Email:</strong> <a href="mailto:privacy@atcr.io">privacy@atcr.io</a></p> 258 + <p><strong>Website:</strong> <a href="https://atcr.io">https://atcr.io</a></p> 259 + </div> 260 + </div> 261 + </main> 262 + 263 + <div id="modal"></div> 264 + </body> 265 + </html> 266 + {{ end }}
+204
pkg/appview/templates/pages/terms.html
··· 1 + {{ define "terms" }} 2 + <!DOCTYPE html> 3 + <html lang="en"> 4 + <head> 5 + <title>Terms of Service - ATCR</title> 6 + {{ template "head" . }} 7 + </head> 8 + <body> 9 + {{ template "nav" . }} 10 + 11 + <main class="container"> 12 + <div class="legal-page"> 13 + <h1>Terms of Service - AT Container Registry (atcr.io)</h1> 14 + <p class="legal-updated"><em>Last updated: January 2025</em></p> 15 + 16 + <p>These Terms of Service ("Terms") govern your use of AT Container Registry ("atcr.io", "the Service", "we", "us", "our"). By using the Service, you agree to these Terms. If you do not agree, do not use the Service.</p> 17 + 18 + <div class="legal-section"> 19 + <h2>1. Description of Service</h2> 20 + <p>AT Container Registry is an OCI-compatible container registry built on the AT Protocol. The Service allows you to store, distribute, and manage container images using your AT Protocol identity.</p> 21 + </div> 22 + 23 + <div class="legal-section"> 24 + <h2>2. Accounts and Access</h2> 25 + 26 + <h3>2.1 AT Protocol Identity</h3> 27 + <p>Access to the Service requires an AT Protocol identity (DID). You are responsible for maintaining the security of your PDS credentials and any device tokens issued by the Service.</p> 28 + 29 + <h3>2.2 Account Responsibility</h3> 30 + <p>You are responsible for all activity under your account, whether authorized by you or not. Notify us immediately if you suspect unauthorized access.</p> 31 + 32 + <h3>2.3 Age Requirement</h3> 33 + <p>You must be at least 13 years old to use the Service. If you are under 18, you must have permission from a parent or legal guardian.</p> 34 + </div> 35 + 36 + <div class="legal-section"> 37 + <h2>3. Acceptable Use</h2> 38 + 39 + <p>You agree NOT to use the Service to:</p> 40 + <ul> 41 + <li>Store or distribute malware, viruses, or malicious code</li> 42 + <li>Store or distribute illegal content under applicable law</li> 43 + <li>Infringe on intellectual property rights of others</li> 44 + <li>Store content you do not have the right to distribute</li> 45 + <li>Circumvent or abuse usage quotas or rate limits</li> 46 + <li>Interfere with or disrupt the Service or its infrastructure</li> 47 + <li>Use the Service for cryptocurrency mining or similarly resource-intensive activities unrelated to container distribution</li> 48 + <li>Impersonate others or misrepresent your affiliation with any person or entity</li> 49 + </ul> 50 + 51 + <p>We reserve the right to determine what constitutes a violation of these terms.</p> 52 + </div> 53 + 54 + <div class="legal-section"> 55 + <h2>4. Content and Intellectual Property</h2> 56 + 57 + <h3>4.1 Your Content</h3> 58 + <p>You retain ownership of container images and other content you upload to the Service. By uploading content, you grant us a license to store, cache, and distribute that content as necessary to operate the Service.</p> 59 + 60 + <h3>4.2 Content-Addressed Storage</h3> 61 + <p>The Service uses content-addressed, deduplicated storage. Identical image layers uploaded by different users are stored once and shared. This means:</p> 62 + <ul> 63 + <li>You cannot delete blob data that is also referenced by other users</li> 64 + <li>Blob data alone cannot identify you; only the associated records link content to your identity</li> 65 + </ul> 66 + 67 + <h3>4.3 Public Data</h3> 68 + <p>AT Protocol records are public by design. Container image references, tags, and metadata associated with your identity are publicly visible. Do not store sensitive information in image tags, labels, or other public metadata.</p> 69 + 70 + <h3>4.4 Content Removal</h3> 71 + <p>We may remove content that violates these Terms or applicable law. We may also remove content in response to valid legal requests.</p> 72 + </div> 73 + 74 + <div class="legal-section"> 75 + <h2>5. Usage Quotas and Limits</h2> 76 + 77 + <h3>5.1 Free Tier</h3> 78 + <p>The Service offers a free tier subject to usage quotas. These quotas may include limits on storage, bandwidth, or number of repositories. Current quotas are published in your account settings.</p> 79 + 80 + <h3>5.2 Quota Changes</h3> 81 + <p>We may adjust free tier quotas at any time. We will make reasonable efforts to notify users of significant changes, but continued use after changes constitutes acceptance.</p> 82 + 83 + <h3>5.3 Paid Tiers</h3> 84 + <p>Paid tiers with higher quotas may be offered in the future. Paid tier terms will be provided at the time of purchase.</p> 85 + </div> 86 + 87 + <div class="legal-section"> 88 + <h2>6. Service Availability</h2> 89 + 90 + <h3>6.1 No SLA for Free Tier</h3> 91 + <p>The free tier is provided on a best-effort basis. We make no guarantees regarding uptime, availability, or performance. The Service may be unavailable due to maintenance, infrastructure issues, or resource constraints.</p> 92 + 93 + <h3>6.2 Service Changes</h3> 94 + <p>We may modify, suspend, or discontinue the Service (or any part of it) at any time, with or without notice. We are not liable to you or any third party for any modification, suspension, or discontinuation.</p> 95 + 96 + <h3>6.3 Data Durability</h3> 97 + <p>While we take reasonable measures to protect your data, we do not guarantee data durability. You are responsible for maintaining backups of your container images.</p> 98 + </div> 99 + 100 + <div class="legal-section"> 101 + <h2>7. AT Protocol Considerations</h2> 102 + 103 + <h3>7.1 Distributed Architecture</h3> 104 + <p>The Service operates on the AT Protocol, a distributed network. Data written to your PDS is controlled by you or your PDS hosting provider, not by us.</p> 105 + 106 + <h3>7.2 Records on Your PDS</h3> 107 + <p>When you use the Service, records are written to your PDS under the <code>io.atcr.*</code> namespace. We can create, update, and delete these records only while you have granted us OAuth access. Revoking access does not automatically delete existing records.</p> 108 + 109 + <h3>7.3 No Control Over Your PDS</h3> 110 + <p>We do not control your PDS. If your PDS is offline or your PDS provider terminates your account, we cannot restore your AT Protocol records.</p> 111 + </div> 112 + 113 + <div class="legal-section"> 114 + <h2>8. Termination</h2> 115 + 116 + <h3>8.1 By You</h3> 117 + <p>You may stop using the Service at any time. To delete your data, use the account deletion option in settings or contact us.</p> 118 + 119 + <h3>8.2 By Us</h3> 120 + <p>We may suspend or terminate your access to the Service at any time, for any reason, including but not limited to:</p> 121 + <ul> 122 + <li>Violation of these Terms</li> 123 + <li>Abuse of the Service or its infrastructure</li> 124 + <li>Extended inactivity</li> 125 + <li>Legal requirements</li> 126 + </ul> 127 + 128 + <h3>8.3 Effect of Termination</h3> 129 + <p>Upon termination, we will delete your data in accordance with our Privacy Policy. Deduplicated blob data referenced by other users will not be deleted.</p> 130 + </div> 131 + 132 + <div class="legal-section"> 133 + <h2>9. Disclaimer of Warranties</h2> 134 + 135 + <p class="legal-disclaimer">THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.</p> 136 + 137 + <p class="legal-disclaimer">WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE. WE DO NOT WARRANT THAT ANY DEFECTS WILL BE CORRECTED.</p> 138 + </div> 139 + 140 + <div class="legal-section"> 141 + <h2>10. Limitation of Liability</h2> 142 + 143 + <p class="legal-disclaimer">TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, OR GOODWILL, ARISING OUT OF OR RELATED TO YOUR USE OF THE SERVICE.</p> 144 + 145 + <p class="legal-disclaimer">OUR TOTAL LIABILITY FOR ANY CLAIM ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU PAID US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR $50 USD, WHICHEVER IS GREATER.</p> 146 + </div> 147 + 148 + <div class="legal-section"> 149 + <h2>11. Indemnification</h2> 150 + 151 + <p>You agree to indemnify and hold harmless AT Container Registry, its operators, and affiliates from any claims, damages, losses, or expenses (including reasonable legal fees) arising out of:</p> 152 + <ul> 153 + <li>Your use of the Service</li> 154 + <li>Your violation of these Terms</li> 155 + <li>Your violation of any third-party rights</li> 156 + <li>Content you upload to the Service</li> 157 + </ul> 158 + </div> 159 + 160 + <div class="legal-section"> 161 + <h2>12. Changes to Terms</h2> 162 + 163 + <p>We may update these Terms from time to time. If we make material changes, we will notify you by posting the updated Terms and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the new Terms.</p> 164 + </div> 165 + 166 + <div class="legal-section"> 167 + <h2>13. Governing Law</h2> 168 + 169 + <p>These Terms shall be governed by and construed in accordance with the laws of the State of Texas, United States, without regard to conflict of law principles.</p> 170 + </div> 171 + 172 + <div class="legal-section"> 173 + <h2>14. Dispute Resolution</h2> 174 + 175 + <p>Any disputes arising out of or relating to these Terms or the Service shall first be attempted to be resolved through good-faith negotiation. If negotiation fails, disputes shall be resolved through binding arbitration or in the courts of Texas, at our discretion.</p> 176 + </div> 177 + 178 + <div class="legal-section"> 179 + <h2>15. Severability</h2> 180 + 181 + <p>If any provision of these Terms is found to be unenforceable, the remaining provisions shall remain in full force and effect.</p> 182 + </div> 183 + 184 + <div class="legal-section"> 185 + <h2>16. Entire Agreement</h2> 186 + 187 + <p>These Terms, together with our <a href="/privacy">Privacy Policy</a>, constitute the entire agreement between you and AT Container Registry regarding your use of the Service.</p> 188 + </div> 189 + 190 + <div class="legal-section"> 191 + <h2>Contact</h2> 192 + 193 + <p>For questions about these Terms, contact us at:</p> 194 + 195 + <p><strong>Email:</strong> <a href="mailto:legal@atcr.io">legal@atcr.io</a></p> 196 + <p><strong>Website:</strong> <a href="https://atcr.io">https://atcr.io</a></p> 197 + </div> 198 + </div> 199 + </main> 200 + 201 + <div id="modal"></div> 202 + </body> 203 + </html> 204 + {{ end }}