Last updated: June 30, 2025
SaveTheHives (savethehives.org) is a citizen science project dedicated to mapping feral honeybee colonies worldwide. We take your privacy seriously and collect only what is necessary to run the service.
SaveTheHives is operated as a volunteer, zero-budget citizen science project. Questions about this policy can be directed to [email protected].
Email address — Collected when you sign in using our magic link authentication. Used solely to send you a one-time sign-in link. We do not use your email for marketing, and we do not share it with third parties except as described below.
Hive records you submit — When you log a hive, we store the coordinates (latitude/longitude), hive type, description, approximate location (city/state/zip if provided), observer name (optional), and year first observed (optional). This data is published publicly on the SaveTheHives map — do not submit coordinates for hives where public disclosure could cause harm.
Check-in records — Status updates you log against existing hives are stored and associated with your account.
Device signals via Cloudflare Turnstile — When you sign in, our bot-protection layer (Cloudflare Turnstile) processes minimal technical signals including your IP address, browser fingerprint, and user-agent. See Section 6 for full details.
We do not run ads, use tracking pixels, or build behavioral profiles of any kind.
All hive and account data is stored in Supabase (a PostgreSQL database hosted on AWS infrastructure in the United States). Supabase is our data processor and operates under its own Privacy Policy.
Authentication emails (magic links) are delivered by Resend, which processes your email address to send the sign-in link. Resend operates under its own Privacy Policy.
The SaveTheHives website is served through Cloudflare Pages. Cloudflare may process connection-level data as part of delivering the site. Cloudflare operates under its own Privacy Policy.
We do not sell, rent, or trade any personal data.
You may request access to, correction of, or deletion of your personal data at any time by emailing [email protected]. We will respond within 30 days. Deletion of your account will remove your email and authentication record; hive records you submitted will remain on the public map unless you specifically request their removal.
When you use the sign-in form, Cloudflare Turnstile processes the following signals to distinguish human users from bots: IP address, TLS fingerprint, User-Agent header, and the Turnstile site key. Cloudflare states it cannot directly identify individuals from these signals.
Cloudflare uses this data for two purposes: (1) as a data processor on our behalf to protect our sign-in endpoint, and (2) as a data controller in its own right to improve Turnstile's bot-detection capabilities.
For EU and UK residents: when Cloudflare processes Turnstile data as our processor, we (SaveTheHives) are the data controller and the lawful basis is our legitimate interest in securing our service. When Cloudflare processes data as its own controller, it relies on its legitimate interest in improving bot-detection.
Turnstile may use strictly necessary cookies. Full details are in Cloudflare's Turnstile Privacy Addendum and Cookie Policy.
For questions about Cloudflare's processing of your data, contact Cloudflare's Data Protection Officer at [email protected].
Account and authentication data is retained until you request deletion. Hive records are retained indefinitely as part of the scientific record, unless you request removal of records you submitted.
SaveTheHives is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has submitted data, please contact us for removal.
We may update this policy as the service evolves. The "Last updated" date at the top reflects the most recent revision. Continued use of SaveTheHives after a policy change constitutes acceptance of the updated policy.