Privacy Policy

This policy applies to your use of hackit.one, HackIt forms, HackIt Discord spaces, HackIt-hosted or co-hosted events, and other services that are clearly operated, managed, or represented by HackIt. If a service links out to a third-party platform, that platform’s privacy practices are not governed by this policy.

For the services covered by this page, the HackIt team decides how relevant information is collected and used. HackIt currently operates as a youth-led community launched from Taiwan. If the operating entity, structure, or primary service owner changes in the future, we will update this page.

If HackIt later goes through a reorganization, merger, transfer of program operations, or another material operational change, relevant information may be transferred to the entity that continues the service, so long as the transfer is lawful and remains consistent with this notice.

When you browse the site, fill out forms, register for an event, join a waitlist, enter a Discord space, contact us, or submit content in a HackIt-related flow, we may collect information you provide directly as well as basic technical information created through normal service operation.

• Basic identifiers such as name, nickname, email address, phone number, social handle, school, age, or grade level when those details are relevant to eligibility or operations
• Event and application data such as signup responses, waitlist status, attendance records, project titles, travel or lodging logistics, dietary needs, emergency contacts, and parent or guardian consent information
• Community and communication records such as emails, form responses, feedback, incident reports, moderation records, and other information needed to handle safety or support issues
• Content you choose to submit or make public, such as project descriptions, photos, videos, audio, bios, avatars, and profile details shared in public-facing spaces
• Technical information such as IP address, device and browser type, referral source, usage logs, and cookies used to remember language and theme preferences

We mainly get information in three ways: from you directly, automatically through system operation, and from third parties when needed for safety, eligibility, or service delivery.

• When you fill out a registration form, waitlist form, contact form, report form, or reach out by email, Discord, or another channel
• When you visit the website and normal server, browser, and cookie behavior creates technical information needed to run the site
• When you interact with HackIt through Discord, GitHub, Notion, map services, public data sources, or other third-party tools
• When co-hosts, guardians, schools, or venues provide information needed to confirm eligibility, keep participants safe, or run an event

Parts of HackIt are intentionally social or public. If you post, submit, or speak in Discord, on a public signup page, in a showcase, on a roster, during a demo, or in another space designed to be seen by others, that information may be visible to other participants, speakers, partners, or visitors according to the settings of that space.

HackIt events, workshops, meetups, and public sharing sessions may be photographed, filmed, live streamed, or otherwise documented. Those materials may be used for recap posts, community records, public showcases, partner reporting, educational outreach, and future program promotion. If a specific event offers extra restrictions, badges, or opt-out handling, that event’s local rules will add to this policy.

• Please do not share someone else’s personal information, private messages, school details, photos, or contact information without consent
• If you submit a public project, title, bio, or post, we may reuse or reformat that material across HackIt pages, community channels, and event decks where operationally relevant

We collect and use information mainly to operate the HackIt website, events, and community responsibly, and to complete related communication, review, safety, and support workflows.

• Running, maintaining, improving, and protecting the HackIt website, Discord spaces, data tables, forms, and operational workflows
• Processing event applications, waitlists, admissions, notifications, on-site logistics, follow-up communications, and parent or guardian coordination where needed
• Responding to contact requests, partnership outreach, media questions, community concerns, and support requests
• Understanding aggregate participation patterns, operational bottlenecks, and community needs so future programs can be planned better
• Protecting community safety, investigating misconduct, handling harassment or complaints, preventing abuse, and protecting participants and staff
• Complying with law, responding to courts or government authorities, and protecting HackIt or other people when there is a serious legal or safety issue

HackIt does not sell personal data. We only share information when it is needed to provide the service, run an event, protect the community, or comply with law.

• With service providers that support hosting, CDN delivery, email, forms, databases, maps, registrations, or other operational tools
• With co-hosts, venues, speakers, mentors, volunteers, insurance providers, or safety partners when the minimum required details are needed to run an event
• When you choose to join Discord, follow a third-party link, use an external workflow, or ask us to coordinate with another service on your behalf
• With authorities, lawyers, or other relevant parties when disclosure is legally required or reasonably necessary for fraud prevention, safety, rights protection, or legal defense

HackIt services may link to or rely on third-party platforms such as Discord, GitHub, Notion, map providers, external registration pages, or partner sites. Those services have their own privacy policies and operating rules, and they are not controlled by this policy.

If you arrive at a third-party service from a HackIt page, or if you ask us to help you connect with that service, the third party may know that your visit originated from HackIt and may collect limited technical or usage data under its own policy.

We keep information only for as long as needed for the purpose it was collected for, or for a reasonable period required or allowed for legal, accounting, event record, safety, audit, dispute, and backup purposes. After that, we delete it, de-identify it, archive it, or stop using it actively in normal workflows.

HackIt uses safeguards that fit the organization’s size, such as access controls, least-privilege permissions, role separation, backups, secret handling, and limits on who can reach sensitive information. No online system can promise zero risk, but we aim to reduce unnecessary exposure.

If an incident may cause personal data to be stolen, leaked, altered, damaged, or otherwise compromised, we will take remedial action and provide notice when required by applicable law.

Where applicable law allows, you may ask us to provide access to your personal data, let you review it, give you a copy, correct or update it, stop collecting it, stop processing or using it, or delete it. We may need to verify your identity first so information is not disclosed to the wrong person.

If a specific activity is based on your consent, you may also withdraw that consent. Withdrawal usually does not affect processing that already happened before the withdrawal, and some services may no longer be available afterward.

• Ask what categories of data we hold about you and where that data came from
• Correct inaccurate, outdated, or incomplete information
• Request deletion or restricted use of data that is no longer necessary or that you no longer want us to keep where the law allows it
• Request a copy of information you provided directly to us, or ask which necessary partners received relevant information

The HackIt website currently uses cookies mainly to remember language and interface theme preferences, and it may rely on third-party embeds or technical services to keep the site working. If we later introduce additional analytics or operational tools, we will update this policy to reflect that.

You can manage cookies through your browser settings. If you disable certain cookies, language memory, theme settings, or some embedded features may stop working properly.

Some browsers send Do Not Track (DNT) signals. Because there is no consistent industry standard for handling DNT, HackIt does not promise a fixed response to every DNT signal, but we do try to reduce unnecessary tracking.

HackIt’s core community and most programs are designed mainly for people aged 13 to 23. Children under 13 should not use HackIt services to start participation flows that require personal data, and should not submit personal data unless a specific program explicitly allows it with required parent or guardian involvement.

For minors, we may request parent or guardian contact information, emergency details, signed consent forms, or other information needed to run an event safely. If we learn that a child under 13 submitted personal data to HackIt outside those conditions, we will take reasonable steps to stop processing it and delete it.

Information collected by HackIt may be stored in Taiwan or in other countries and regions where our service providers operate. That is because parts of our stack, such as website infrastructure, Discord, GitHub, email, databases, maps, or other operational tools, may be run by international vendors.

When information is transferred across borders, we try to ensure that providers only process it for necessary purposes and that reasonable safeguards are in place. Still, data protection rules and enforcement environments may differ across jurisdictions.

HackIt may update this policy when services change, laws change, event formats change, or third-party tools are added, removed, or updated. If the change is material, we will update the date on this page and, where appropriate, give extra notice through the website, forms, Discord, or email.

If you keep using the relevant services after a policy update, the new version will apply to future use. We will not repurpose older data for a newly invented use without an appropriate legal basis.