Data controller
Canvas Designer is run as an independent project by Kaspar Bredahl Rasmussen. Contact: kasparbredahl@proton.me
What data we process
When you use Canvas Designer, we process the following information about you:
At login
- Your email address — stored permanently to identify your account and to send you login links.
- The time of your first and most recent login.
- A temporary single-use code ("magic link") sent to your email, valid for 15 minutes. We store only a SHA-256 cryptographic hash of the code — never the code itself — so that a database breach would not grant access to links still sitting in inboxes.
- A signed session cookie in your browser, valid for up to 30 days on a rolling basis. The cookie is HMAC-SHA256-signed with the server's secret key, marked HttpOnly, Secure and SameSite=Lax. The session itself is not stored in the database — it lives only inside the cookie.
When you save a design
- The HTML content of your design, as you have built it in the tool.
- A unique design ID and the title you give the design.
- Timestamps for when the design was created and last modified.
- Metadata about your design choices: page style, brand colours, icon mode, page frame, element counter. These are purely your settings in the tool.
- The link between the design and your account (ownership). Your designs are private — only you can see them.
When you organise designs into spaces and tags
- The names and optional colours of spaces you create.
- An optional link between a space and a Canvas course (course ID and course name) if you choose to link them.
- The tags you attach to your designs (lowercase letters, numbers, hyphens, underscores).
When you connect to Canvas LMS
To publish or import pages to/from a Canvas instance, you enter a Personal Access Token from your own Canvas account.
- The token is stored locally in your browser (localStorage), not in our database. You can clear it at any time from the "Canvas LMS" menu in the toolbar.
- When you request data from Canvas (e.g. list courses, publish a page), the request goes through our proxy service. The proxy forwards the token to Canvas and never stores it.
- We do not store Canvas course lists, page titles or page content from Canvas unless you explicitly save them as a design with us.
What we do NOT collect
We do not store IP addresses, browser or device information in the application database. We use no third-party tracking tools — no Google Analytics, Matomo, Hotjar or advertising pixels. We do not profile you.
The web server hosting the service (Hetzner, Finland) keeps standard nginx access logs which include IP and timestamp — used only for troubleshooting and security, and rotated out after a short retention window.
Purpose of processing
We use your data exclusively to:
- authenticate you and keep you logged in,
- save, load, modify and delete your designs,
- let you organise your designs into spaces and tags,
- let you publish designs to your Canvas instance when you choose to,
- fulfil your GDPR rights (export and deletion).
We do not use your data for marketing, profiling, advertising, resale or any other purpose.
Legal basis
Processing is based on your consent under GDPR Article 6(1)(a). You consent when you log in and when you save a design. You can withdraw consent at any time by requesting deletion (see Your rights below).
Storage and security
Data is stored in a PostgreSQL database on Hetzner in Helsinki, Finland (EU). The database is configured to accept connections only over a local Unix socket — it is not exposed on any TCP port. Our service authenticates to the database via operating-system "peer auth" without a password.
All communication between your browser and the server is encrypted with HTTPS/TLS.
Login codes are randomly generated 256-bit values stored only as a SHA-256 hash. Session cookies are HMAC-SHA256-signed with a server secret so they cannot be forged by the client. The number of login attempts is rate-limited per email address.
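The login-code and session-cookie scheme described above (and in the "At login" list), as an added illustration in Python. This is not Canvas Designer's own code; the function names, the in-memory table standing in for the database and the `payload.signature` cookie layout are assumptions.

```python
import base64, hashlib, hmac, json, secrets

SERVER_SECRET = secrets.token_bytes(32)   # assumption: per-deployment signing key
CODE_TTL = 15 * 60                        # login code lifetime stated in the policy
SESSION_TTL = 30 * 24 * 3600              # rolling session lifetime stated in the policy
login_codes = {}                          # stand-in for the DB table: hash -> row

def issue_login_code(email, now):
    """Return the raw code for the emailed link; persist only its SHA-256 hash."""
    code = secrets.token_urlsafe(32)      # 32 random bytes = 256 bits of entropy
    digest = hashlib.sha256(code.encode()).hexdigest()
    login_codes[digest] = {"email": email, "expires": now + CODE_TTL, "used": False}
    return code

def redeem_login_code(code, now):
    """Return the email for a valid, unused, unexpired code, else None."""
    # A real database would do this as one atomic UPDATE ... WHERE used = false.
    row = login_codes.get(hashlib.sha256(code.encode()).hexdigest())
    if row is None or row["used"] or now > row["expires"]:
        return None
    row["used"] = True                    # single use: consumed on first success
    return row["email"]

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sign_session(email, now):
    """Build a stateless cookie value: payload.signature (HMAC-SHA256)."""
    payload = b64(json.dumps({"sub": email, "exp": now + SESSION_TTL}).encode())
    sig = hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).digest()
    return payload + "." + b64(sig)

def verify_session(cookie, now):
    """Return the email if signature and expiry check out, else None."""
    payload, _, sig = cookie.partition(".")
    expected = b64(hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig.encode(), expected.encode()):  # constant-time
        return None
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    return claims["sub"] if now <= claims["exp"] else None
```

A rolling session corresponds to calling `sign_session` again on each verified request so the expiry moves forward. Because nothing is stored server-side, a cookie issued this way stays valid until its expiry unless the signing key is rotated.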
The database is backed up every night with 14 days of local retention and mirrored to a Hetzner Storage Box in Helsinki (Finland, EU) over SSH. All backups remain within the EU/EEA. Full-database restore from backup has been tested end-to-end.
Third parties and data processors
Canvas Designer is built to minimise the number of external services involved. All fonts, icons, images and JavaScript libraries the service uses are loaded from our own server (Hetzner Helsinki) — not from public content-delivery networks (CDNs) such as Fastly or Cloudflare. That means your browser does not contact US companies when you use the tool.
The only third parties involved are:
- Mailpace (UK-registered company, EU hosting) — sends login emails from no-reply@learnsmith.eu. Mailpace sees your email address and the content of the login email.
- Hetzner Online GmbH (Germany; servers operated in Helsinki, Finland) — provides the server and off-site backup storage. All data remains in the EU.
- Canvas LMS (Instructure) — only when you choose to connect Canvas Designer to your Canvas instance and explicitly publish or import a page. Instructure is not a processor on our behalf — you have a direct link to your own Canvas instance and must rely on your institution's privacy regime for that relationship.
Retention
- Your user account and designs are stored until you delete them.
- Login codes have a maximum lifetime of 15 minutes and are marked used as soon as they are consumed.
- The session cookie is valid for up to 30 days (rolling) or until you log out.
- Backups are kept for 14 days (locally and off-site) before being rotated out. Account deletion is therefore reflected in backups within 14 days.
- We currently have no automatic deletion of inactive accounts — you can delete your account at any time via "Account settings".
Your rights
Under GDPR, you have the right to:
- Access the data we hold about you (art. 15) — use "Download all my data (JSON)" under "Account settings" to retrieve everything we have stored on you.
- Rectification of inaccurate data (art. 16) — edit your designs directly in the tool, or contact us to correct account details.
- Erasure (art. 17) — delete individual designs via the delete button, or delete your entire account via "Delete my account" in Account settings. Account deletion removes all your designs and login codes from the database immediately, and from backups within 14 days.
- Data portability (art. 20) — the export above is a machine-readable JSON file.
- Withdraw consent (art. 7(3)) — delete your account or stop using the service.
- Lodge a complaint with a supervisory authority (art. 77) — for Norway: www.datatilsynet.no.
Cookies
Canvas Designer uses one strictly-necessary cookie: cdSession, which
keeps you logged in for up to 30 days (rolling). It is marked HttpOnly,
SameSite=Lax and is set with the Secure flag on HTTPS connections.
We use no tracking, analytics or marketing cookies. Because of this we do not ask for cookie consent — the technical cookie is exempt because it is strictly necessary for you to stay logged in.
In addition, Canvas Designer stores some non-identifying settings locally in your
browser (localStorage), such as language preference, your autosaved
draft, and any Canvas access token you have entered yourself. These stay on your
device and are not sent to our server unless you choose to (e.g. logging in or
publishing to Canvas).
Changes to this policy
If we change how we process personal data, we will update this page and change the date at the top. Material changes are communicated by email to registered users.
Contact
For questions about this policy or to exercise your rights, contact: kasparbredahl@proton.me