From 3eec68f96f004c5dc9631786cb099f40955c2c53 Mon Sep 17 00:00:00 2001
From: Karl <61626414+snaeker58@users.noreply.github.com>
Date: Sat, 7 Sep 2024 18:12:24 +0200
Subject: [PATCH 1/9] feat: privacy policy/gdpr/code of conduct template

open: Actual code of conduct, making the br element thicc.
---
 src/lib/Page.svelte                  |  42 ++++-----
 src/routes/+layout.svelte            |   5 +-
 src/routes/+page.svelte              |   2 +-
 src/routes/privacy/+page.svelte      | 129 ++++++++++++++++-----------
 src/routes/privacy/gdpr/+page.svelte |  92 +++++++++++++++++++
 5 files changed, 196 insertions(+), 74 deletions(-)
 create mode 100644 src/routes/privacy/gdpr/+page.svelte

diff --git a/src/lib/Page.svelte b/src/lib/Page.svelte
index 258f1fd..9ba5516 100644
--- a/src/lib/Page.svelte
+++ b/src/lib/Page.svelte
@@ -11,27 +11,27 @@
 </div>
 
 <style>
-  div {
-    width: 1024px;
-    margin: auto;
-    padding: 8em 2em;
-    max-width: 100%;
-  }
+    div {
+        width: 1024px;
+        margin: auto;
+        padding: 8em 2em;
+        max-width: 100%;
+    }
 
-  div :global(p),
-  div :global(ul),
-  div :global(ol) {
-    margin: 1em 0;
-  }
+    div :global(p),
+    div :global(ul),
+    div :global(ol) {
+        margin: 1em 0;
+    }
 
-  div :global(h1),
-  div :global(h2),
-  div :global(h3),
-  div :global(h4) {
-    margin-top: 2em;
-  }
+    div :global(h1),
+    div :global(h2),
+    div :global(h3),
+    div :global(h4) {
+        margin-top: 2em;
+    }
 
-  div :global(a:hover) {
-    text-decoration: underline;
-  }
-</style>
+    div :global(a:hover) {
+        text-decoration: underline;
+    }
+</style>
\ No newline at end of file
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index af8e8ed..1eb4d78 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -46,7 +46,7 @@
         <p>
           Hack Zenith 2025 is fiscally sponsored by The Hack Foundation (d.b.a. Hack Club), a 501(c)(3) nonprofit (EIN:
           81-2908499). Hack Zenith 2025 is not an official Hack Club event. Use of Hack Club branding does not
-          constitute an endorsement, implied or otherwise, of Hack Zenith 2025 by Hack Club.
+          constitute an endorsement, implied or otherwise.
         </p>
       </div>
       <div class="links">
@@ -59,7 +59,10 @@
       <div class="links">
         <p class="title">Legal</p>
         <ul>
+          <!-- TODO: Add link to Code of Conduct (which does not exist yet) -->
+          <li><a href="/404">Code of Conduct</a></li>
           <li><a href="/privacy">Privacy policy</a></li>
+          <li><a href="/privacy/gdpr">GDPR Compliance</a></li>
         </ul>
       </div>
     </div>
diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte
index d68f895..e397367 100644
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -53,7 +53,7 @@
           id="email"
           type="email"
           name="email"
-          placeholder="sarah@example.com"
+          placeholder="you@zenith2025.org"
           required
           data-lp-igore
           data-lpignore="true"
diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 43ea341..dc9c326 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -3,88 +3,115 @@
 </script>
 
 <Page title="Privacy">
-  <h1>Privacy</h1>
+  <h1>Privacy Policy</h1>
 
-  <p>This privacy notice tells you what to expect us to do with your personal information.</p>
+  <p>This privacy policy explains how the Zenith Hacks Team (referred to as "we" or "us") handles your personal
+    information. For residents of the European Union (EU) and California, please also refer to our <a
+      href="/privacy/gdpr">GDPR</a> and <a
+      href="/privacy/ccpa">CCPA</a> Compliance
+    Statement for specific regulations that apply to you.</p>
 
-  <h2>Table of contents</h2>
+  <h2>Table of Contents</h2>
   <ul>
-    <li><a href="#contact">Contact details</a></li>
-    <li><a href="#information-collected">Information collected</a></li>
-    <li><a href="#lawful-bases">Our lawful bases for the collection and use of your data</a></li>
-    <li><a href="#retention">How long do we keep your data?</a></li>
-    <li><a href="#sharing">Who do we share your information with?</a></li>
-    <li><a href="#complaints">Complaining about our use of your personal data</a></li>
-    <li><a href="#last-updated">Last updated</a></li>
+    <li><a href="#contact">Contact Details</a></li>
+    <li><a href="#information-collected">Information We Collect</a></li>
+    <li><a href="#why-collect">Why We Collect Your Information</a></li>
+    <li><a href="#lawful-bases">Our Lawful Bases for Processing Your Data</a></li>
+    <li><a href="#retention">Data Retention Period</a></li>
+    <li><a href="#sharing">Data Sharing and Disclosure</a></li>
+    <li><a href="#last-updated">Last Updated</a></li>
+    <br>
+    <li><a href="#rights">Your Rights</a></li>
+    <li><a href="#complaints">File a Complaint About Our Use of Your Data</a></li>
+
   </ul>
 
-  <h2 id="contact">Contact details</h2>
+  <h2 id="contact">Contact Details</h2>
   <p>
-    If you have data protection concerns, please send an email to <a href="mailto:data@zenithhacks.org"
-      >data@zenithhacks.org</a
-    > and we'll get back to you shortly.
+    If you have any concerns or questions regarding data protection, please reach out to us at <a
+    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
-  <h2 id="information-collected">What information do we collect and why?</h2>
+  <h2 id="information-collected">Information We Collect</h2>
+  <p>
+    When you opt in to receive notifications via email using the form on our website, we collect, store, and process the
+    following information:
+  </p>
+  <ul>
+    <li><b>Email address:</b> Used to notify you when sign-ups open.</li>
+    <li><b>IP address:</b> For security purposes and spam prevention.</li>
+    <li><b>Approximate location:</b> The city and country inferred from your IP address.</li>
+    <li><b>Time of request:</b> To track and manage your request.</li>
+  </ul>
+
+  <h2 id="why-collect">Why We Collect Your Information</h2>
   <p>
-    When you ask to be notified when sign-ups open by using the form on our website, we collect and store your email so
-    we can notify you when sign-ups open.<br />
-    We also store the following information:
+    We collect this information to:
   </p>
   <ul>
-    <li>your IP address</li>
-    <li>your approximate location (the city and country we think you live in)</li>
-    <li>the time of day you sent the request</li>
+    <li>Notify you about the opening of sign-ups.</li>
+    <li>Ensure the security of our systems and prevent abuse or spam.</li>
+    <li>Improve the quality of our services based on user patterns and preferences.</li>
   </ul>
-  <p>We store this information for security purposes, and to prevent spam.</p>
 
-  <h2 id="lawful-bases">Our lawful bases for the collection and use of your data</h2>
+  <h2 id="lawful-bases">Our Lawful Bases for Processing Your Data</h2>
   <p>
-    We're allowed to collect your data because by submitting your data (for example, your email) you're consenting to
-    your information being collected. We do not collect information about you from third parties. We only collect the
-    data that you or your device gives us.
+    We process your data based on the consent you provide when submitting the sign-up notification form. We do not
+    collect information from third parties, and all data is obtained directly from you or your device. If you do not opt
+    in to receive email notifications, this policy does not apply to you. No data is sent, stored, or processed
+    otherwise.
   </p>
 
-  <h2 id="retention">How long do we keep your data?</h2>
+  <h2 id="retention">Data Retention Period</h2>
   <p>
-    When you ask to be notified when sign-ups open using the form on our website, we keep the information that you give
-    us until we send you that email and for no longer than 12 months.<br />
-    After then, we delete the information.
+    We retain your personal information in Google Cloud servers for up to 12 months, as outlined in the <a
+    href="#information-collected">Information
+    We Collect</a>
+    section. After this period, your data will be permanently deleted. In most cases, your data is deleted shortly after
+    the notification email has been sent, but this is not guaranteed.
   </p>
 
-  <h2 id="sharing">Who do we share your information with?</h2>
-  <p>Your information is processed by:</p>
+  <h2 id="sharing">Data Sharing and Disclosure</h2>
+  <p>
+    We may share your information with the following entities. Note that these external organizations have their own
+    privacy policies, and we are not responsible for their actions:
+  </p>
   <ul>
-    <li>
-      Cloudflare, which hosts our website and processes your information. Their DPA is <a
-        href="https://www.cloudflare.com/en-gb/cloudflare-customer-dpa/">here</a
-      >, and by using our services you agree to it.
+    <li><b>Google:</b> We store your data on Google Cloud servers. By accepting our privacy policy you also consent to
+      <a href="https://cloud.google.com/terms/cloud-privacy-notice">Google Clouds privacy policy</a>.
     </li>
-    <li>
-      Google, which securely stores your information for us to use when we need to. Their DPA <a
-        href="https://cloud.google.com/terms/data-processing-addendum/?hl=en">here</a
-      >, and by using our services you agree to it.
+    <li><b>Safeguarding and Legal Obligations:</b> We may share your data with government agencies or legal
+      authorities when required by law or for safeguarding reasons. This does not include private entities.
+    </li>
+    <li><b>With Your Consent:</b> Your data may be shared publicly on our website, social media, or other
+      marketing channels if you have explicitly given us consent.
     </li>
   </ul>
+
+  <h2 id="rights">Your Rights</h2>
   <p>
-    They are only allowed to use that information for the purposes of providing their services to us. They cannot use it
-    to, for example, sell you something.<br />
-    We may also share personal information with:
+    You generally have the following rights under applicable data protection laws:
   </p>
   <ul>
-    <li>Organisations we need to share information with for safeguarding reasons</li>
-    <li>Organisations we're legally obliged to share personal information with</li>
-    <li>With your consent, publicly on our website, social media or other marketing and information media</li>
+    <li><b>Access:</b> Request a copy of your data.</li>
+    <li><b>Rectification:</b> Request corrections to your data.</li>
+    <li><b>Erasure:</b> Request the deletion of your data.</li>
+    <li><b>Restriction:</b> Request limitations on the processing of your data.</li>
+    <li><b>Objection:</b> Object to certain types of data processing.</li>
   </ul>
 
-  <h2 id="complaints">Complaining about our use of your personal data</h2>
+  <h2 id="complaints">File a Complaint About Our Use of Your Data</h2>
   <p>
-    If you have any concerns about our use of your personal data, you can make a complaint to us using the contact
-    details at the top of this privacy notice.
+    If you have any concerns about how we handle your personal data or wish to have your data deleted, you can file a
+    complaint by contacting us at the email provided at the top of this privacy policy. To verify the request, please
+    contact us using the registered email address associated with the data, or provide proof that the data belongs to
+    you. Any additional information provided for the purpose of data deletion will not be saved, shared, or processed by
+    us.
   </p>
 
-  <h2 id="last-updated">Last updated</h2>
+  <h2 id="last-updated">Last Updated</h2>
   <p>
-    This privacy notice was last updated on the 5th of September, 2024. We may update this privacy notice at any time.
+    This privacy notice was last updated on the 7th of September, 2024. We may update this privacy notice at any time.
   </p>
 </Page>
diff --git a/src/routes/privacy/gdpr/+page.svelte b/src/routes/privacy/gdpr/+page.svelte
new file mode 100644
index 0000000..028dfd0
--- /dev/null
+++ b/src/routes/privacy/gdpr/+page.svelte
@@ -0,0 +1,92 @@
+<script>
+  import Page from '$lib/Page.svelte';
+</script>
+
+<Page title="GDPR Compliance">
+  <h1>GDPR Compliance Statement</h1>
+
+  <p>
+    Zenith Hacks and the Zenith Hacks Team (we, us) is committed to ensuring the privacy and protection of your personal
+    data in compliance with the
+    General Data Protection Regulation (GDPR).
+    This statement explains your additional rights as a data subject under the GDPR.
+    Please read our <a href="/privacy">Privacy Policy</a> for more information on how we collect,
+    store, and process personal data.
+  </p>
+
+  <h2>Data Controller</h2>
+  <p>
+    The Zenith Hacks Team is the data controller responsible for the processing of your personal data. If you have any
+    questions or concerns regarding the handling of your data, you may contact us at <a
+    href="mailto:gdpr@zenithhacks.org">gdpr@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    Please ensure that all emails adhere to our Code of Conduct.
+  </p>
+
+  <h2>Legal Basis for Processing Your Data</h2>
+  <p>
+    Under the GDPR, we process your personal data based on your <strong>explicit consent</strong>, which you provide
+    when you submit your email address via our sign-up notification form. We only process data that you have actively
+    submitted and do not collect any data from third parties or by you visiting the website. Not submitting your email
+    thus does not allow us to process any of your data.
+  </p>
+  <p>
+    You have the right to withdraw your consent at any time. If you withdraw your consent, we will stop processing your
+    personal data and ensure that it is fully deleted as soon as possible and within compliance of the GDPR.
+  </p>
+
+  <h2>Data Security</h2>
+  <p>
+    We take data security seriously and employ industry-standard measures to protect your personal information from
+    unauthorized access, misuse, or disclosure. Your data is stored on secure Google servers, <a
+    href="https://cloud.google.com/privacy/gdpr">which comply with GDPR
+    regulations </a>. We do not share your personal data with third parties unless required by law or with your explicit
+    consent.
+  </p>
+
+  <h2>Your Rights Under GDPR</h2>
+  <p>
+    As a data subject under the GDPR, you have the following rights regarding your personal data:
+  </p>
+  <ul>
+    <li><strong>Right of Access:</strong> You may request access to the personal data we hold about you.</li>
+    <li><strong>Right to Rectification:</strong> You may request corrections to any inaccurate or incomplete data.</li>
+    <li><strong>Right to Erasure ("Right to be Forgotten"):</strong> You may request the deletion of your personal data,
+      subject to certain conditions.
+    </li>
+    <li><strong>Right to Restriction of Processing:</strong> You may request that we restrict the processing of your
+      personal data in certain circumstances.
+    </li>
+    <li><strong>Right to Data Portability:</strong> You may request that we provide your data in a structured, commonly
+      used, and machine-readable format, or that we transfer it to another data controller.
+    </li>
+    <li><strong>Right to Object:</strong> You may object to the processing of your personal data in certain
+      circumstances, such as for direct marketing purposes.
+    </li>
+  </ul>
+
+  <h2>Exercising Your Rights</h2>
+  <p>
+    To exercise any of your rights under the GDPR, please contact us at <a href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>.
+    We may require proof of identity to process your request and will respond within 30 days.
+  </p>
+
+  <h2>International Transfers</h2>
+  <p>
+    If we transfer your personal data outside of the European Economic Area (EEA), we ensure that the data is protected
+    to GDPR standards through appropriate safeguards, such as standard contractual clauses or by working with
+    GDPR-compliant service providers like Google.
+  </p>
+
+  <h2>Filing a Complaint</h2>
+  <p>
+    If you believe that we are not processing your personal data in accordance with the GDPR, you have the right to file
+    a complaint with your local data protection authority or supervisory authority in the European Union.
+    You may find their contact info <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en">here</a>.
+  </p>
+
+  <h2>Updates to This GDPR Compliance Statement</h2>
+  <p>
+    This GDPR Compliance Statement was last updated on the 7th of September 2024.
+    We may update this statement from time to time to reflect changes in our processing activities or legal obligations.
+  </p>
+</Page>

From e0d5e2bca818645d2750b5164d4e72bb963b94d6 Mon Sep 17 00:00:00 2001
From: Karl <61626414+snaeker58@users.noreply.github.com>
Date: Sat, 7 Sep 2024 18:12:24 +0200
Subject: [PATCH 2/9] modified to fulfill Sarah's wishes!

---
 src/lib/Page.svelte                  |   2 +-
 src/routes/+layout.svelte            |   5 +-
 src/routes/+page.svelte              |   2 +-
 src/routes/privacy/+page.svelte      | 126 ++++++++++++++++-----------
 src/routes/privacy/gdpr/+page.svelte |  92 +++++++++++++++++++
 5 files changed, 173 insertions(+), 54 deletions(-)
 create mode 100644 src/routes/privacy/gdpr/+page.svelte

diff --git a/src/lib/Page.svelte b/src/lib/Page.svelte
index 258f1fd..5aa3274 100644
--- a/src/lib/Page.svelte
+++ b/src/lib/Page.svelte
@@ -34,4 +34,4 @@
   div :global(a:hover) {
     text-decoration: underline;
   }
-</style>
+</style>
\ No newline at end of file
diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index af8e8ed..8ff58d4 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -46,7 +46,7 @@
         <p>
           Hack Zenith 2025 is fiscally sponsored by The Hack Foundation (d.b.a. Hack Club), a 501(c)(3) nonprofit (EIN:
           81-2908499). Hack Zenith 2025 is not an official Hack Club event. Use of Hack Club branding does not
-          constitute an endorsement, implied or otherwise, of Hack Zenith 2025 by Hack Club.
+          constitute an endorsement, implied or otherwise.
         </p>
       </div>
       <div class="links">
@@ -59,7 +59,10 @@
       <div class="links">
         <p class="title">Legal</p>
         <ul>
+          <!-- TODO: Add link to Code of Conduct (which does not exist yet) -->
+          <li><a href="/404">Code of Conduct</a></li>
           <li><a href="/privacy">Privacy policy</a></li>
+          <li><a href="/privacy/gdpr">GDPR compliance</a></li>
         </ul>
       </div>
     </div>
diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte
index d68f895..e397367 100644
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -53,7 +53,7 @@
           id="email"
           type="email"
           name="email"
-          placeholder="sarah@example.com"
+          placeholder="you@zenith2025.org"
           required
           data-lp-igore
           data-lpignore="true"
diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 43ea341..6b2d916 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -3,88 +3,112 @@
 </script>
 
 <Page title="Privacy">
-  <h1>Privacy</h1>
+  <h1>Privacy Policy</h1>
 
-  <p>This privacy notice tells you what to expect us to do with your personal information.</p>
+  <p>This privacy policy explains how the Zenith Hacks Team (referred to as "we" or "us") handles your personal
+    information. For residents of the European Union (EU) please also refer to our <a
+      href="/privacy/gdpr">GDPR</a> Statement for specific regulations that apply to you.</p>
 
-  <h2>Table of contents</h2>
+  <h2>Table of Contents</h2>
   <ul>
-    <li><a href="#contact">Contact details</a></li>
-    <li><a href="#information-collected">Information collected</a></li>
-    <li><a href="#lawful-bases">Our lawful bases for the collection and use of your data</a></li>
-    <li><a href="#retention">How long do we keep your data?</a></li>
-    <li><a href="#sharing">Who do we share your information with?</a></li>
-    <li><a href="#complaints">Complaining about our use of your personal data</a></li>
-    <li><a href="#last-updated">Last updated</a></li>
+    <li><a href="#contact">Contact Details</a></li>
+    <li><a href="#information-collected">Information We Collect</a></li>
+    <li><a href="#why-collect">Why We Collect Your Information</a></li>
+    <li><a href="#lawful-bases">Our Lawful Bases for Processing Your Data</a></li>
+    <li><a href="#retention">Data Retention Period</a></li>
+    <li><a href="#sharing">Data Sharing and Disclosure</a></li>
+    <li><a href="#last-updated">Last Updated</a></li>
+    <br>
+    <li><a href="#rights">Your Rights</a></li>
+    <li><a href="#complaints">File a Complaint About Our Use of Your Data</a></li>
+
   </ul>
 
-  <h2 id="contact">Contact details</h2>
+  <h2 id="contact">Contact Details</h2>
   <p>
-    If you have data protection concerns, please send an email to <a href="mailto:data@zenithhacks.org"
-      >data@zenithhacks.org</a
-    > and we'll get back to you shortly.
+    If you have any concerns or questions regarding data protection, please reach out to us at <a
+    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
-  <h2 id="information-collected">What information do we collect and why?</h2>
+  <h2 id="information-collected">Information We Collect</h2>
+  <p>
+    When you opt in to receive notifications via email using the form on our website, we collect, store, and process the
+    following information:
+  </p>
+  <ul>
+    <li><b>Email address:</b> Used to notify you when sign-ups open.</li>
+    <li><b>IP address:</b> For security purposes and spam prevention.</li>
+    <li><b>Approximate location:</b> The city and country inferred from your IP address.</li>
+    <li><b>Time of request:</b> To track and manage your request.</li>
+  </ul>
+
+  <h2 id="why-collect">Why We Collect Your Information</h2>
   <p>
-    When you ask to be notified when sign-ups open by using the form on our website, we collect and store your email so
-    we can notify you when sign-ups open.<br />
-    We also store the following information:
+    We collect this information to:
   </p>
   <ul>
-    <li>your IP address</li>
-    <li>your approximate location (the city and country we think you live in)</li>
-    <li>the time of day you sent the request</li>
+    <li>Notify you about the opening of sign-ups.</li>
+    <li>Ensure the security of our systems and prevent abuse or spam.</li>
+    <li>Improve the quality of our services based on user patterns and preferences.</li>
   </ul>
-  <p>We store this information for security purposes, and to prevent spam.</p>
 
-  <h2 id="lawful-bases">Our lawful bases for the collection and use of your data</h2>
+  <h2 id="lawful-bases">Our Lawful Bases for Processing Your Data</h2>
   <p>
-    We're allowed to collect your data because by submitting your data (for example, your email) you're consenting to
-    your information being collected. We do not collect information about you from third parties. We only collect the
-    data that you or your device gives us.
+    We process your data based on the consent you provide when submitting the sign-up notification form. We do not
+    collect information from third parties, and all data is obtained directly from you or your device. If you do not opt
+    in to receive email notifications, this policy does not apply to you. No data is sent, stored, or processed
+    otherwise.
   </p>
 
-  <h2 id="retention">How long do we keep your data?</h2>
+  <h2 id="retention">Data Retention Period</h2>
   <p>
-    When you ask to be notified when sign-ups open using the form on our website, we keep the information that you give
-    us until we send you that email and for no longer than 12 months.<br />
-    After then, we delete the information.
+    We retain your personal information in Google Cloud servers for up to 12 months, as outlined in the <a
+    href="#information-collected">Information We Collect</a> section. After this period,
+    your data will be permanently deleted. In most cases, your data is deleted shortly after
+    the notification email has been sent, but this is not guaranteed.
   </p>
 
-  <h2 id="sharing">Who do we share your information with?</h2>
-  <p>Your information is processed by:</p>
+  <h2 id="sharing">Data Sharing and Disclosure</h2>
+  <p>
+    We may share your information with the following entities. Note that these external organizations have their own
+    privacy policies, and we are not responsible for their actions:
+  </p>
   <ul>
-    <li>
-      Cloudflare, which hosts our website and processes your information. Their DPA is <a
-        href="https://www.cloudflare.com/en-gb/cloudflare-customer-dpa/">here</a
-      >, and by using our services you agree to it.
+    <li><b>Google:</b> We store your data on Google Cloud servers. By accepting our privacy policy you also consent to
+      <a href="https://cloud.google.com/terms/data-processing-addendum?hl=en">Google Clouds privacy policy</a>.
     </li>
-    <li>
-      Google, which securely stores your information for us to use when we need to. Their DPA <a
-        href="https://cloud.google.com/terms/data-processing-addendum/?hl=en">here</a
-      >, and by using our services you agree to it.
+    <li><b>Safeguarding and Legal Obligations:</b> We may share your data with government agencies or legal
+      authorities when required by law or for safeguarding reasons. This does not include private entities.
+    </li>
+    <li><b>With Your Consent:</b> Your data may be shared publicly on our website, social media, or other
+      marketing channels if you have explicitly given us consent.
     </li>
   </ul>
+
+  <h2 id="rights">Your Rights</h2>
   <p>
-    They are only allowed to use that information for the purposes of providing their services to us. They cannot use it
-    to, for example, sell you something.<br />
-    We may also share personal information with:
+    You generally have the following rights under applicable data protection laws:
   </p>
   <ul>
-    <li>Organisations we need to share information with for safeguarding reasons</li>
-    <li>Organisations we're legally obliged to share personal information with</li>
-    <li>With your consent, publicly on our website, social media or other marketing and information media</li>
+    <li><b>Access:</b> Request a copy of your data.</li>
+    <li><b>Rectification:</b> Request corrections to your data.</li>
+    <li><b>Erasure:</b> Request the deletion of your data.</li>
+    <li><b>Restriction:</b> Request limitations on the processing of your data.</li>
+    <li><b>Objection:</b> Object to certain types of data processing.</li>
   </ul>
 
-  <h2 id="complaints">Complaining about our use of your personal data</h2>
+  <h2 id="complaints">File a Complaint About Our Use of Your Data</h2>
   <p>
-    If you have any concerns about our use of your personal data, you can make a complaint to us using the contact
-    details at the top of this privacy notice.
+    If you have any concerns about how we handle your personal data or wish to have your data deleted, you can file a
+    complaint by contacting us at the email provided at the top of this privacy policy. To verify the request, please
+    contact us using the registered email address associated with the data, or provide proof that the data belongs to
+    you. Any additional information provided for the purpose of data deletion will not be saved, shared, or processed by
+    us.
   </p>
 
-  <h2 id="last-updated">Last updated</h2>
+  <h2 id="last-updated">Last Updated</h2>
   <p>
-    This privacy notice was last updated on the 5th of September, 2024. We may update this privacy notice at any time.
+    This privacy notice was last updated on the 7th of September, 2024. We may update this privacy notice at any time.
   </p>
 </Page>
diff --git a/src/routes/privacy/gdpr/+page.svelte b/src/routes/privacy/gdpr/+page.svelte
new file mode 100644
index 0000000..028dfd0
--- /dev/null
+++ b/src/routes/privacy/gdpr/+page.svelte
@@ -0,0 +1,92 @@
+<script>
+  import Page from '$lib/Page.svelte';
+</script>
+
+<Page title="GDPR Compliance">
+  <h1>GDPR Compliance Statement</h1>
+
+  <p>
+    Zenith Hacks and the Zenith Hacks Team (we, us) is committed to ensuring the privacy and protection of your personal
+    data in compliance with the
+    General Data Protection Regulation (GDPR).
+    This statement explains your additional rights as a data subject under the GDPR.
+    Please read our <a href="/privacy">Privacy Policy</a> for more information on how we collect,
+    store, and process personal data.
+  </p>
+
+  <h2>Data Controller</h2>
+  <p>
+    The Zenith Hacks Team is the data controller responsible for the processing of your personal data. If you have any
+    questions or concerns regarding the handling of your data, you may contact us at <a
+    href="mailto:gdpr@zenithhacks.org">gdpr@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    Please ensure that all emails adhere to our Code of Conduct.
+  </p>
+
+  <h2>Legal Basis for Processing Your Data</h2>
+  <p>
+    Under the GDPR, we process your personal data based on your <strong>explicit consent</strong>, which you provide
+    when you submit your email address via our sign-up notification form. We only process data that you have actively
+    submitted and do not collect any data from third parties or by you visiting the website. Not submitting your email
+    thus does not allow us to process any of your data.
+  </p>
+  <p>
+    You have the right to withdraw your consent at any time. If you withdraw your consent, we will stop processing your
+    personal data and ensure that it is fully deleted as soon as possible and within compliance of the GDPR.
+  </p>
+
+  <h2>Data Security</h2>
+  <p>
+    We take data security seriously and employ industry-standard measures to protect your personal information from
+    unauthorized access, misuse, or disclosure. Your data is stored on secure Google servers, <a
+    href="https://cloud.google.com/privacy/gdpr">which comply with GDPR
+    regulations </a>. We do not share your personal data with third parties unless required by law or with your explicit
+    consent.
+  </p>
+
+  <h2>Your Rights Under GDPR</h2>
+  <p>
+    As a data subject under the GDPR, you have the following rights regarding your personal data:
+  </p>
+  <ul>
+    <li><strong>Right of Access:</strong> You may request access to the personal data we hold about you.</li>
+    <li><strong>Right to Rectification:</strong> You may request corrections to any inaccurate or incomplete data.</li>
+    <li><strong>Right to Erasure ("Right to be Forgotten"):</strong> You may request the deletion of your personal data,
+      subject to certain conditions.
+    </li>
+    <li><strong>Right to Restriction of Processing:</strong> You may request that we restrict the processing of your
+      personal data in certain circumstances.
+    </li>
+    <li><strong>Right to Data Portability:</strong> You may request that we provide your data in a structured, commonly
+      used, and machine-readable format, or that we transfer it to another data controller.
+    </li>
+    <li><strong>Right to Object:</strong> You may object to the processing of your personal data in certain
+      circumstances, such as for direct marketing purposes.
+    </li>
+  </ul>
+
+  <h2>Exercising Your Rights</h2>
+  <p>
+    To exercise any of your rights under the GDPR, please contact us at <a href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>.
+    We may require proof of identity to process your request and will respond within 30 days.
+  </p>
+
+  <h2>International Transfers</h2>
+  <p>
+    If we transfer your personal data outside of the European Economic Area (EEA), we ensure that the data is protected
+    to GDPR standards through appropriate safeguards, such as standard contractual clauses or by working with
+    GDPR-compliant service providers like Google.
+  </p>
+
+  <h2>Filing a Complaint</h2>
+  <p>
+    If you believe that we are not processing your personal data in accordance with the GDPR, you have the right to file
+    a complaint with your local data protection authority or supervisory authority in the European Union.
+    You may find their contact info <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en">here</a>.
+  </p>
+
+  <h2>Updates to This GDPR Compliance Statement</h2>
+  <p>
+    This GDPR Compliance Statement was last updated on the 7th of September 2024.
+    We may update this statement from time to time to reflect changes in our processing activities or legal obligations.
+  </p>
+</Page>

From 6e8890058405e3d1eb9e738bdec2915ed06055fd Mon Sep 17 00:00:00 2001
From: Sarah C <144068104+iamawatermelo@users.noreply.github.com>
Date: Sat, 7 Sep 2024 19:53:36 +0100
Subject: [PATCH 3/9] tone

---
 src/routes/privacy/+page.svelte      | 101 +++++++++++++++------------
 src/routes/privacy/gdpr/+page.svelte |  18 ++---
 2 files changed, 64 insertions(+), 55 deletions(-)

diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 6b2d916..054d006 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -5,55 +5,55 @@
 <Page title="Privacy">
   <h1>Privacy Policy</h1>
 
-  <p>This privacy policy explains how the Zenith Hacks Team (referred to as "we" or "us") handles your personal
-    information. For residents of the European Union (EU) please also refer to our <a
-      href="/privacy/gdpr">GDPR</a> Statement for specific regulations that apply to you.</p>
+  <p>This privacy policy explains how Zenith and the Zenith team (referred to as "we" or "us") handles your personal
+    information. For residents of the European Economic Area (EEA) or the United Kingdom (UK) please also refer to our <a
+      href="/privacy/gdpr">GDPR statement</a> for regulations that apply to you.</p>
 
-  <h2>Table of Contents</h2>
+  <h2>Table of contents</h2>
   <ul>
-    <li><a href="#contact">Contact Details</a></li>
-    <li><a href="#information-collected">Information We Collect</a></li>
-    <li><a href="#why-collect">Why We Collect Your Information</a></li>
-    <li><a href="#lawful-bases">Our Lawful Bases for Processing Your Data</a></li>
-    <li><a href="#retention">Data Retention Period</a></li>
-    <li><a href="#sharing">Data Sharing and Disclosure</a></li>
-    <li><a href="#last-updated">Last Updated</a></li>
-    <br>
-    <li><a href="#rights">Your Rights</a></li>
-    <li><a href="#complaints">File a Complaint About Our Use of Your Data</a></li>
-
+    <li><a href="#contact">Contact details</a></li>
+    <li><a href="#information-collected">Information we collect</a></li>
+    <li><a href="#why-collect">Why we collect your information</a></li>
+    <li><a href="#lawful-bases">Our lawful bases for processing your data</a></li>
+    <li><a href="#sharing">Who we share your data with and why</a></li>
+    <li><a href="#retention">How long we keep your data for</a></li>
+    <li><a href="#last-updated">Last updated</a></li>
+    <li><a href="#rights">Your rights</a></li>
+    <li><a href="#accessibility">Accessibility</a></li
+    <li><a href="#complaints">Complain about our use of your data</a></li>
   </ul>
 
-  <h2 id="contact">Contact Details</h2>
+  <h2 id="contact">Contact details</h2>
   <p>
     If you have any concerns or questions regarding data protection, please reach out to us at <a
-    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We'll respond to you as soon as possible.
     Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
-  <h2 id="information-collected">Information We Collect</h2>
+  <h2 id="information-collected">Information we collect</h2>
   <p>
-    When you opt in to receive notifications via email using the form on our website, we collect, store, and process the
+    When you opt in to receive a notification via email using the form on our website, we collect, store, and process the
     following information:
   </p>
   <ul>
     <li><b>Email address:</b> Used to notify you when sign-ups open.</li>
-    <li><b>IP address:</b> For security purposes and spam prevention.</li>
-    <li><b>Approximate location:</b> The city and country inferred from your IP address.</li>
-    <li><b>Time of request:</b> To track and manage your request.</li>
+    <li><b>IP address, approximate location and time of request:</b> For security purposes and spam prevention.</li>
   </ul>
+  <p>
+    We'll delete all of your data securely shortly after we have sent the email you signed up for, and no later than 12 months since you gave us the data, as outlined in the <a href="#retention">how long we keep your data for</a> section.
+  </p>
 
-  <h2 id="why-collect">Why We Collect Your Information</h2>
+  <h2 id="why-collect">Why we collect your information</h2>
   <p>
-    We collect this information to:
+    We collect the information you give us to:
   </p>
   <ul>
-    <li>Notify you about the opening of sign-ups.</li>
+    <li>Provide the service you signed up for&mdash;for example, to send you an email when our sign up form opens.</li>
     <li>Ensure the security of our systems and prevent abuse or spam.</li>
     <li>Improve the quality of our services based on user patterns and preferences.</li>
   </ul>
 
-  <h2 id="lawful-bases">Our Lawful Bases for Processing Your Data</h2>
+  <h2 id="lawful-bases">Our lawful bases for processing your data</h2>
   <p>
     We process your data based on the consent you provide when submitting the sign-up notification form. We do not
     collect information from third parties, and all data is obtained directly from you or your device. If you do not opt
@@ -61,34 +61,35 @@
     otherwise.
   </p>
 
-  <h2 id="retention">Data Retention Period</h2>
-  <p>
-    We retain your personal information in Google Cloud servers for up to 12 months, as outlined in the <a
-    href="#information-collected">Information We Collect</a> section. After this period,
-    your data will be permanently deleted. In most cases, your data is deleted shortly after
-    the notification email has been sent, but this is not guaranteed.
-  </p>
-
-  <h2 id="sharing">Data Sharing and Disclosure</h2>
+  <h2 id="sharing">Who we share your data with and why</h2>
   <p>
-    We may share your information with the following entities. Note that these external organizations have their own
-    privacy policies, and we are not responsible for their actions:
+    We may share your information with the following entities:
   </p>
   <ul>
-    <li><b>Google:</b> We store your data on Google Cloud servers. By accepting our privacy policy you also consent to
-      <a href="https://cloud.google.com/terms/data-processing-addendum?hl=en">Google Clouds privacy policy</a>.
+    <li><b>Google:</b> We store your data on Google Cloud's servers. See
+      <a href="https://cloud.google.com/terms/data-processing-addendum?hl=en">Google Cloud's data processing addendum</a>.
     </li>
     <li><b>Safeguarding and Legal Obligations:</b> We may share your data with government agencies or legal
-      authorities when required by law or for safeguarding reasons. This does not include private entities.
+      authorities when required by law or for safeguarding reasons.
     </li>
     <li><b>With Your Consent:</b> Your data may be shared publicly on our website, social media, or other
-      marketing channels if you have explicitly given us consent.
+      marketing channels if you have told us you consent to this.
     </li>
   </ul>
+  <p>
+    We may add or remove subprocessors at any time. They are under the same obligation as us to keep your data secure and to delete it when you or we request them to.
+  </p>
+  
+  <h2 id="retention">How long we keep your data for</h2>
+  <p>
+    We keep your personal information with our subprocesses for up to 12 months, as outlined in the <a
+    href="#information-collected">information we collect</a> section. However, we may delete your data sooner than this. After this period,
+    your data will be permanently deleted.
+  </p>
 
-  <h2 id="rights">Your Rights</h2>
+  <h2 id="rights">Your rights</h2>
   <p>
-    You generally have the following rights under applicable data protection laws:
+    Your country may have data protection rights that apply to you. In most countries, you have the right to:
   </p>
   <ul>
     <li><b>Access:</b> Request a copy of your data.</li>
@@ -97,14 +98,22 @@
     <li><b>Restriction:</b> Request limitations on the processing of your data.</li>
     <li><b>Objection:</b> Object to certain types of data processing.</li>
   </ul>
+  <p>
+    If you would like to exercise any of your rights, see the <a href="contact">contact details</a> section of this page.
+  </p>
 
-  <h2 id="complaints">File a Complaint About Our Use of Your Data</h2>
+  <h2 id="complaints">Complain about our use of your data</h2>
   <p>
     If you have any concerns about how we handle your personal data or wish to have your data deleted, you can file a
     complaint by contacting us at the email provided at the top of this privacy policy. To verify the request, please
     contact us using the registered email address associated with the data, or provide proof that the data belongs to
-    you. Any additional information provided for the purpose of data deletion will not be saved, shared, or processed by
-    us.
+    you. Any additional information provided for the purpose of data deletion will be deleted after the request has been dealt with.
+  </p>
+  
+  <h2 id="accessibility">Accessibility</h2>
+  <p>
+    If you require an accessible version of this website, please email <a href="mailto:accessibility@zenithhacks.org">accessibility@zenithhacks.org</a> and we'll get back to you shortly.
+    Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
   <h2 id="last-updated">Last Updated</h2>
diff --git a/src/routes/privacy/gdpr/+page.svelte b/src/routes/privacy/gdpr/+page.svelte
index 028dfd0..7afdeb3 100644
--- a/src/routes/privacy/gdpr/+page.svelte
+++ b/src/routes/privacy/gdpr/+page.svelte
@@ -2,11 +2,11 @@
   import Page from '$lib/Page.svelte';
 </script>
 
-<Page title="GDPR Compliance">
-  <h1>GDPR Compliance Statement</h1>
+<Page title="GDPR compliance">
+  <h1>GDPR compliance statement</h1>
 
   <p>
-    Zenith Hacks and the Zenith Hacks Team (we, us) is committed to ensuring the privacy and protection of your personal
+    Zenith and the Zenith team (we, us) is committed to ensuring the privacy and protection of your personal
     data in compliance with the
     General Data Protection Regulation (GDPR).
     This statement explains your additional rights as a data subject under the GDPR.
@@ -18,7 +18,7 @@
   <p>
     The Zenith Hacks Team is the data controller responsible for the processing of your personal data. If you have any
     questions or concerns regarding the handling of your data, you may contact us at <a
-    href="mailto:gdpr@zenithhacks.org">gdpr@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
+    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
     Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
@@ -37,7 +37,7 @@
   <h2>Data Security</h2>
   <p>
     We take data security seriously and employ industry-standard measures to protect your personal information from
-    unauthorized access, misuse, or disclosure. Your data is stored on secure Google servers, <a
+    unauthorized access, misuse, or disclosure. Your data is stored on Google's servers, <a
     href="https://cloud.google.com/privacy/gdpr">which comply with GDPR
     regulations </a>. We do not share your personal data with third parties unless required by law or with your explicit
     consent.
@@ -67,7 +67,7 @@
   <h2>Exercising Your Rights</h2>
   <p>
     To exercise any of your rights under the GDPR, please contact us at <a href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>.
-    We may require proof of identity to process your request and will respond within 30 days.
+    We may require proof that the data belongs to you before we can process your request. We will respond as soon as possible and no later than 30 days after we have recieved your request.
   </p>
 
   <h2>International Transfers</h2>
@@ -80,13 +80,13 @@
   <h2>Filing a Complaint</h2>
   <p>
     If you believe that we are not processing your personal data in accordance with the GDPR, you have the right to file
-    a complaint with your local data protection authority or supervisory authority in the European Union.
-    You may find their contact info <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en">here</a>.
+    a complaint with your <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en">local data protection authority or supervisory authority in the EEA</a>.
+    In the UK, this is the <a href="https://ico.org.uk/">ICO</a>.
   </p>
 
   <h2>Updates to This GDPR Compliance Statement</h2>
   <p>
     This GDPR Compliance Statement was last updated on the 7th of September 2024.
-    We may update this statement from time to time to reflect changes in our processing activities or legal obligations.
+    We may update this statement at any time to reflect changes in our processing activities or legal obligations.
   </p>
 </Page>

From 3083b884d479e6d2d5c35e58c70d1a8002c35b9c Mon Sep 17 00:00:00 2001
From: Sarah C <144068104+iamawatermelo@users.noreply.github.com>
Date: Sat, 7 Sep 2024 19:55:45 +0100
Subject: [PATCH 4/9] forgot to format before push

---
 .lighthouserc.json                   |  8 ++--
 src/lib/Page.svelte                  |  2 +-
 src/routes/privacy/+page.svelte      | 67 +++++++++++++++-------------
 src/routes/privacy/gdpr/+page.svelte | 58 +++++++++++++-----------
 4 files changed, 72 insertions(+), 63 deletions(-)

diff --git a/.lighthouserc.json b/.lighthouserc.json
index 217730c..d84e99e 100644
--- a/.lighthouserc.json
+++ b/.lighthouserc.json
@@ -9,10 +9,10 @@
     },
     "assert": {
       "assertions": {
-        "categories:performance": ["warn", {"minScore": 0.95}],
-        "categories:accessibility": ["error", {"minScore": 1}],
-        "categories:best-practices": ["error", {"minScore": 1}],
-        "categories:seo": ["error", {"minScore": 1}]
+        "categories:performance": ["warn", { "minScore": 0.95 }],
+        "categories:accessibility": ["error", { "minScore": 1 }],
+        "categories:best-practices": ["error", { "minScore": 1 }],
+        "categories:seo": ["error", { "minScore": 1 }]
       }
     }
   }
diff --git a/src/lib/Page.svelte b/src/lib/Page.svelte
index 5aa3274..258f1fd 100644
--- a/src/lib/Page.svelte
+++ b/src/lib/Page.svelte
@@ -34,4 +34,4 @@
   div :global(a:hover) {
     text-decoration: underline;
   }
-</style>
\ No newline at end of file
+</style>
diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 054d006..521083e 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -5,9 +5,12 @@
 <Page title="Privacy">
   <h1>Privacy Policy</h1>
 
-  <p>This privacy policy explains how Zenith and the Zenith team (referred to as "we" or "us") handles your personal
+  <p>
+    This privacy policy explains how Zenith and the Zenith team (referred to as "we" or "us") handles your personal
     information. For residents of the European Economic Area (EEA) or the United Kingdom (UK) please also refer to our <a
-      href="/privacy/gdpr">GDPR statement</a> for regulations that apply to you.</p>
+      href="/privacy/gdpr">GDPR statement</a
+    > for regulations that apply to you.
+  </p>
 
   <h2>Table of contents</h2>
   <ul>
@@ -19,34 +22,33 @@
     <li><a href="#retention">How long we keep your data for</a></li>
     <li><a href="#last-updated">Last updated</a></li>
     <li><a href="#rights">Your rights</a></li>
-    <li><a href="#accessibility">Accessibility</a></li
+    <li><a href="#accessibility">Accessibility</a></li>
     <li><a href="#complaints">Complain about our use of your data</a></li>
   </ul>
 
   <h2 id="contact">Contact details</h2>
   <p>
     If you have any concerns or questions regarding data protection, please reach out to us at <a
-    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We'll respond to you as soon as possible.
-    Please ensure that all emails adhere to our Code of Conduct.
+      href="mailto:data@zenithhacks.org">data@zenithhacks.org</a
+    >. We'll respond to you as soon as possible. Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
   <h2 id="information-collected">Information we collect</h2>
   <p>
-    When you opt in to receive a notification via email using the form on our website, we collect, store, and process the
-    following information:
+    When you opt in to receive a notification via email using the form on our website, we collect, store, and process
+    the following information:
   </p>
   <ul>
     <li><b>Email address:</b> Used to notify you when sign-ups open.</li>
     <li><b>IP address, approximate location and time of request:</b> For security purposes and spam prevention.</li>
   </ul>
   <p>
-    We'll delete all of your data securely shortly after we have sent the email you signed up for, and no later than 12 months since you gave us the data, as outlined in the <a href="#retention">how long we keep your data for</a> section.
+    We'll delete all of your data securely shortly after we have sent the email you signed up for, and no later than 12
+    months since you gave us the data, as outlined in the <a href="#retention">how long we keep your data for</a> section.
   </p>
 
   <h2 id="why-collect">Why we collect your information</h2>
-  <p>
-    We collect the information you give us to:
-  </p>
+  <p>We collect the information you give us to:</p>
   <ul>
     <li>Provide the service you signed up for&mdash;for example, to send you an email when our sign up form opens.</li>
     <li>Ensure the security of our systems and prevent abuse or spam.</li>
@@ -62,35 +64,36 @@
   </p>
 
   <h2 id="sharing">Who we share your data with and why</h2>
-  <p>
-    We may share your information with the following entities:
-  </p>
+  <p>We may share your information with the following entities:</p>
   <ul>
-    <li><b>Google:</b> We store your data on Google Cloud's servers. See
-      <a href="https://cloud.google.com/terms/data-processing-addendum?hl=en">Google Cloud's data processing addendum</a>.
+    <li>
+      <b>Google:</b> We store your data on Google Cloud's servers. See
+      <a href="https://cloud.google.com/terms/data-processing-addendum?hl=en">Google Cloud's data processing addendum</a
+      >.
     </li>
-    <li><b>Safeguarding and Legal Obligations:</b> We may share your data with government agencies or legal
-      authorities when required by law or for safeguarding reasons.
+    <li>
+      <b>Safeguarding and Legal Obligations:</b> We may share your data with government agencies or legal authorities when
+      required by law or for safeguarding reasons.
     </li>
-    <li><b>With Your Consent:</b> Your data may be shared publicly on our website, social media, or other
-      marketing channels if you have told us you consent to this.
+    <li>
+      <b>With Your Consent:</b> Your data may be shared publicly on our website, social media, or other marketing channels
+      if you have told us you consent to this.
     </li>
   </ul>
   <p>
-    We may add or remove subprocessors at any time. They are under the same obligation as us to keep your data secure and to delete it when you or we request them to.
+    We may add or remove subprocessors at any time. They are under the same obligation as us to keep your data secure
+    and to delete it when you or we request them to.
   </p>
-  
+
   <h2 id="retention">How long we keep your data for</h2>
   <p>
     We keep your personal information with our subprocesses for up to 12 months, as outlined in the <a
-    href="#information-collected">information we collect</a> section. However, we may delete your data sooner than this. After this period,
-    your data will be permanently deleted.
+      href="#information-collected">information we collect</a
+    > section. However, we may delete your data sooner than this. After this period, your data will be permanently deleted.
   </p>
 
   <h2 id="rights">Your rights</h2>
-  <p>
-    Your country may have data protection rights that apply to you. In most countries, you have the right to:
-  </p>
+  <p>Your country may have data protection rights that apply to you. In most countries, you have the right to:</p>
   <ul>
     <li><b>Access:</b> Request a copy of your data.</li>
     <li><b>Rectification:</b> Request corrections to your data.</li>
@@ -107,13 +110,15 @@
     If you have any concerns about how we handle your personal data or wish to have your data deleted, you can file a
     complaint by contacting us at the email provided at the top of this privacy policy. To verify the request, please
     contact us using the registered email address associated with the data, or provide proof that the data belongs to
-    you. Any additional information provided for the purpose of data deletion will be deleted after the request has been dealt with.
+    you. Any additional information provided for the purpose of data deletion will be deleted after the request has been
+    dealt with.
   </p>
-  
+
   <h2 id="accessibility">Accessibility</h2>
   <p>
-    If you require an accessible version of this website, please email <a href="mailto:accessibility@zenithhacks.org">accessibility@zenithhacks.org</a> and we'll get back to you shortly.
-    Please ensure that all emails adhere to our Code of Conduct.
+    If you require an accessible version of this website, please email <a href="mailto:accessibility@zenithhacks.org"
+      >accessibility@zenithhacks.org</a
+    > and we'll get back to you shortly. Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
   <h2 id="last-updated">Last Updated</h2>
diff --git a/src/routes/privacy/gdpr/+page.svelte b/src/routes/privacy/gdpr/+page.svelte
index 7afdeb3..ead9d40 100644
--- a/src/routes/privacy/gdpr/+page.svelte
+++ b/src/routes/privacy/gdpr/+page.svelte
@@ -6,11 +6,9 @@
   <h1>GDPR compliance statement</h1>
 
   <p>
-    Zenith and the Zenith team (we, us) is committed to ensuring the privacy and protection of your personal
-    data in compliance with the
-    General Data Protection Regulation (GDPR).
-    This statement explains your additional rights as a data subject under the GDPR.
-    Please read our <a href="/privacy">Privacy Policy</a> for more information on how we collect,
+    Zenith and the Zenith team (we, us) is committed to ensuring the privacy and protection of your personal data in
+    compliance with the General Data Protection Regulation (GDPR). This statement explains your additional rights as a
+    data subject under the GDPR. Please read our <a href="/privacy">Privacy Policy</a> for more information on how we collect,
     store, and process personal data.
   </p>
 
@@ -18,8 +16,9 @@
   <p>
     The Zenith Hacks Team is the data controller responsible for the processing of your personal data. If you have any
     questions or concerns regarding the handling of your data, you may contact us at <a
-    href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>. We will respond to your inquiries as soon as possible.
-    Please ensure that all emails adhere to our Code of Conduct.
+      href="mailto:data@zenithhacks.org">data@zenithhacks.org</a
+    >. We will respond to your inquiries as soon as possible. Please ensure that all emails adhere to our Code of
+    Conduct.
   </p>
 
   <h2>Legal Basis for Processing Your Data</h2>
@@ -38,36 +37,40 @@
   <p>
     We take data security seriously and employ industry-standard measures to protect your personal information from
     unauthorized access, misuse, or disclosure. Your data is stored on Google's servers, <a
-    href="https://cloud.google.com/privacy/gdpr">which comply with GDPR
-    regulations </a>. We do not share your personal data with third parties unless required by law or with your explicit
-    consent.
+      href="https://cloud.google.com/privacy/gdpr"
+      >which comply with GDPR regulations
+    </a>. We do not share your personal data with third parties unless required by law or with your explicit consent.
   </p>
 
   <h2>Your Rights Under GDPR</h2>
-  <p>
-    As a data subject under the GDPR, you have the following rights regarding your personal data:
-  </p>
+  <p>As a data subject under the GDPR, you have the following rights regarding your personal data:</p>
   <ul>
     <li><strong>Right of Access:</strong> You may request access to the personal data we hold about you.</li>
     <li><strong>Right to Rectification:</strong> You may request corrections to any inaccurate or incomplete data.</li>
-    <li><strong>Right to Erasure ("Right to be Forgotten"):</strong> You may request the deletion of your personal data,
-      subject to certain conditions.
+    <li>
+      <strong>Right to Erasure ("Right to be Forgotten"):</strong> You may request the deletion of your personal data, subject
+      to certain conditions.
     </li>
-    <li><strong>Right to Restriction of Processing:</strong> You may request that we restrict the processing of your
-      personal data in certain circumstances.
+    <li>
+      <strong>Right to Restriction of Processing:</strong> You may request that we restrict the processing of your personal
+      data in certain circumstances.
     </li>
-    <li><strong>Right to Data Portability:</strong> You may request that we provide your data in a structured, commonly
-      used, and machine-readable format, or that we transfer it to another data controller.
+    <li>
+      <strong>Right to Data Portability:</strong> You may request that we provide your data in a structured, commonly used,
+      and machine-readable format, or that we transfer it to another data controller.
     </li>
-    <li><strong>Right to Object:</strong> You may object to the processing of your personal data in certain
-      circumstances, such as for direct marketing purposes.
+    <li>
+      <strong>Right to Object:</strong> You may object to the processing of your personal data in certain circumstances,
+      such as for direct marketing purposes.
     </li>
   </ul>
 
   <h2>Exercising Your Rights</h2>
   <p>
-    To exercise any of your rights under the GDPR, please contact us at <a href="mailto:data@zenithhacks.org">data@zenithhacks.org</a>.
-    We may require proof that the data belongs to you before we can process your request. We will respond as soon as possible and no later than 30 days after we have recieved your request.
+    To exercise any of your rights under the GDPR, please contact us at <a href="mailto:data@zenithhacks.org"
+      >data@zenithhacks.org</a
+    >. We may require proof that the data belongs to you before we can process your request. We will respond as soon as
+    possible and no later than 30 days after we have recieved your request.
   </p>
 
   <h2>International Transfers</h2>
@@ -80,13 +83,14 @@
   <h2>Filing a Complaint</h2>
   <p>
     If you believe that we are not processing your personal data in accordance with the GDPR, you have the right to file
-    a complaint with your <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en">local data protection authority or supervisory authority in the EEA</a>.
-    In the UK, this is the <a href="https://ico.org.uk/">ICO</a>.
+    a complaint with your <a href="https://www.edpb.europa.eu/about-edpb/about-edpb/members_en"
+      >local data protection authority or supervisory authority in the EEA</a
+    >. In the UK, this is the <a href="https://ico.org.uk/">ICO</a>.
   </p>
 
   <h2>Updates to This GDPR Compliance Statement</h2>
   <p>
-    This GDPR Compliance Statement was last updated on the 7th of September 2024.
-    We may update this statement at any time to reflect changes in our processing activities or legal obligations.
+    This GDPR Compliance Statement was last updated on the 7th of September 2024. We may update this statement at any
+    time to reflect changes in our processing activities or legal obligations.
   </p>
 </Page>

From e68519acf2f24f8a69c24b8eb5ea0fc1b5071357 Mon Sep 17 00:00:00 2001
From: Sarah C <144068104+iamawatermelo@users.noreply.github.com>
Date: Sat, 7 Sep 2024 20:05:32 +0100
Subject: [PATCH 5/9] break up the page for readability

---
 src/lib/Page.svelte             |  6 ++++++
 src/routes/privacy/+page.svelte | 23 +++++++++++++++++++++--
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/src/lib/Page.svelte b/src/lib/Page.svelte
index 258f1fd..8118299 100644
--- a/src/lib/Page.svelte
+++ b/src/lib/Page.svelte
@@ -34,4 +34,10 @@
   div :global(a:hover) {
     text-decoration: underline;
   }
+
+  div :global(hr) {
+    border-top: 1px solid rgb(var(--fg));
+    opacity: 50%;
+    margin-top: 2em;
+  }
 </style>
diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 521083e..39c782f 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -12,20 +12,27 @@
     > for regulations that apply to you.
   </p>
 
+  <hr />
+
   <h2>Table of contents</h2>
   <ul>
     <li><a href="#contact">Contact details</a></li>
+    <div class="gap"></div>
     <li><a href="#information-collected">Information we collect</a></li>
     <li><a href="#why-collect">Why we collect your information</a></li>
     <li><a href="#lawful-bases">Our lawful bases for processing your data</a></li>
     <li><a href="#sharing">Who we share your data with and why</a></li>
     <li><a href="#retention">How long we keep your data for</a></li>
-    <li><a href="#last-updated">Last updated</a></li>
+    <div class="gap"></div>
     <li><a href="#rights">Your rights</a></li>
-    <li><a href="#accessibility">Accessibility</a></li>
     <li><a href="#complaints">Complain about our use of your data</a></li>
+    <div class="gap"></div>
+    <li><a href="#accessibility">Accessibility</a></li>
+    <li><a href="#last-updated">Last updated</a></li>
   </ul>
 
+  <hr />
+
   <h2 id="contact">Contact details</h2>
   <p>
     If you have any concerns or questions regarding data protection, please reach out to us at <a
@@ -33,6 +40,8 @@
     >. We'll respond to you as soon as possible. Please ensure that all emails adhere to our Code of Conduct.
   </p>
 
+  <hr />
+
   <h2 id="information-collected">Information we collect</h2>
   <p>
     When you opt in to receive a notification via email using the form on our website, we collect, store, and process
@@ -92,6 +101,8 @@
     > section. However, we may delete your data sooner than this. After this period, your data will be permanently deleted.
   </p>
 
+  <hr />
+
   <h2 id="rights">Your rights</h2>
   <p>Your country may have data protection rights that apply to you. In most countries, you have the right to:</p>
   <ul>
@@ -114,6 +125,8 @@
     dealt with.
   </p>
 
+  <hr />
+
   <h2 id="accessibility">Accessibility</h2>
   <p>
     If you require an accessible version of this website, please email <a href="mailto:accessibility@zenithhacks.org"
@@ -126,3 +139,9 @@
     This privacy notice was last updated on the 7th of September, 2024. We may update this privacy notice at any time.
   </p>
 </Page>
+
+<style>
+  .gap {
+    padding-top: 0.5em;
+  }
+</style>

From cadb566f07844d6e52dc384257b09078c7a3fabc Mon Sep 17 00:00:00 2001
From: Sarah C <144068104+iamawatermelo@users.noreply.github.com>
Date: Mon, 9 Sep 2024 01:12:00 +0100
Subject: [PATCH 6/9] fmt + this is just how it was before lol

---
 .lighthouserc.json              | 8 ++++----
 src/routes/+page.svelte         | 9 ++++-----
 src/routes/privacy/+page.svelte | 8 +++++---
 3 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/.lighthouserc.json b/.lighthouserc.json
index 553ee06..cd5831a 100644
--- a/.lighthouserc.json
+++ b/.lighthouserc.json
@@ -9,10 +9,10 @@
     },
     "assert": {
       "assertions": {
-        "categories:performance": ["error", {"minScore": 0.98}],
-        "categories:accessibility": ["error", {"minScore": 1}],
-        "categories:best-practices": ["error", {"minScore": 1}],
-        "categories:seo": ["error", {"minScore": 1}]
+        "categories:performance": ["error", { "minScore": 0.98 }],
+        "categories:accessibility": ["error", { "minScore": 1 }],
+        "categories:best-practices": ["error", { "minScore": 1 }],
+        "categories:seo": ["error", { "minScore": 1 }]
       }
     }
   }
diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte
index 883a639..40e5b88 100644
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -88,7 +88,7 @@
     <div class="scenery-hill-wrapper" style="z-index: 3; --fill: var(--bg-10); --last-fill: var(--bg-20)">
       <Hill2></Hill2>
     </div>
-    
+
     <RotatingSphere style="z-index: 3" />
 
     <div class="scenery-hill-wrapper" style="z-index: 5; --fill: var(--bg); --last-fill: var(--bg-10)">
@@ -166,14 +166,13 @@
   <div class="sponsors">
     <p>John Tan-Aristy</p>
   </div>
-  
+
   <div class="info">
     <p>
       If you'd like to help out, you can
       <a href="https://hcb.hackclub.com/donations/start/zenithhacks">donate to us as an individual</a>
       or get in touch at
-      <a href="mailto:team@zenithhacks.org">team@zenithhacks.org</a>.
-      Thank you!
+      <a href="mailto:team@zenithhacks.org">team@zenithhacks.org</a>. Thank you!
     </p>
   </div>
 </article>
@@ -259,7 +258,7 @@
     .zenith-header {
       padding: 4em;
     }
-    
+
     .scenery > :global(svg) {
       display: block;
     }
diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index 39c782f..b50dba6 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -45,11 +45,13 @@
   <h2 id="information-collected">Information we collect</h2>
   <p>
     When you opt in to receive a notification via email using the form on our website, we collect, store, and process
-    the following information:
+    your email address to notify you when sign-ups open. We also collect, store and process the following information
+    for security purposes and to prevent spam:
   </p>
   <ul>
-    <li><b>Email address:</b> Used to notify you when sign-ups open.</li>
-    <li><b>IP address, approximate location and time of request:</b> For security purposes and spam prevention.</li>
+    <li>Your IP address</li>
+    <li>Your approximate location</li>
+    <li>When you sent the request</li>
   </ul>
   <p>
     We'll delete all of your data securely shortly after we have sent the email you signed up for, and no later than 12

From 911d3d7d8b8ccbcfa4eaa6988356d0894d34d208 Mon Sep 17 00:00:00 2001
From: Sarah C <144068104+iamawatermelo@users.noreply.github.com>
Date: Mon, 9 Sep 2024 01:13:57 +0100
Subject: [PATCH 7/9] we're not responsible for subprocessors' actions

---
 src/routes/privacy/+page.svelte | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/routes/privacy/+page.svelte b/src/routes/privacy/+page.svelte
index b50dba6..b8df2c0 100644
--- a/src/routes/privacy/+page.svelte
+++ b/src/routes/privacy/+page.svelte
@@ -92,8 +92,9 @@
     </li>
   </ul>
   <p>
-    We may add or remove subprocessors at any time. They are under the same obligation as us to keep your data secure
-    and to delete it when you or we request them to.
+    We may add or remove subprocessors at any time. While they are under the same obligation as us to keep your data
+    secure and to delete it when you or we request them to, we're not responsible for their actions, omissions or
+    conduct of our subprocessors to the fullest extent applicable by law.
   </p>
 
   <h2 id="retention">How long we keep your data for</h2>

From b41ce138bbde3c7799f423b43b2ad4cb78666fb5 Mon Sep 17 00:00:00 2001
From: Karl <61626414+snaeker58@users.noreply.github.com>
Date: Mon, 9 Sep 2024 21:12:20 +0200
Subject: [PATCH 8/9] feat: Code of Conduct

---
 src/routes/+layout.svelte       |   3 +-
 src/routes/conduct/+page.svelte | 163 ++++++++++++++++++++++++++++++++
 2 files changed, 164 insertions(+), 2 deletions(-)
 create mode 100644 src/routes/conduct/+page.svelte

diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 1703fa6..ca1095b 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -60,8 +60,7 @@
       <div class="links">
         <p class="title">Legal</p>
         <ul>
-          <!-- TODO: Add link to Code of Conduct (which does not exist yet) -->
-          <li><a href="/404">Code of Conduct</a></li>
+          <li><a href="/conduct">Code of Conduct</a></li>
           <li><a href="/privacy">Privacy policy</a></li>
           <li><a href="/privacy/gdpr">GDPR compliance</a></li>
         </ul>
diff --git a/src/routes/conduct/+page.svelte b/src/routes/conduct/+page.svelte
new file mode 100644
index 0000000..201ecc6
--- /dev/null
+++ b/src/routes/conduct/+page.svelte
@@ -0,0 +1,163 @@
+<script>
+  import Page from '$lib/Page.svelte';
+</script>
+
+<Page title="Code of Conduct">
+  <h1>Code of Conduct</h1>
+  <h2>Our Pledge</h2>
+
+  <p>
+    We as members, contributors, and leaders pledge to make participation in our hackathon a harassment-free experience
+    for everyone,
+    regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and
+    expression,
+    level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color,
+    religion, or sexual
+    identity and orientation. We pledge to act and interact in ways that contribute to an open, welcoming, diverse,
+    inclusive, and
+    healthy community.
+  </p>
+
+  <h2>Table of contents</h2>
+  <ul>
+    <li><a href="#standards">Our Standards</a></li>
+    <div class="gap"></div>
+    <li><a href="#responsibilities">Enforcement Responsibilities</a></li>
+    <li><a href="#scope">Scope</a></li>
+    <li><a href="#enforcement">Enforcement</a></li>
+    <div class="gap"></div>
+    <li><a href="#sharing">Enforcement Guidelines</a></li>
+    <li><a href="#correction">1. Correction</a></li>
+    <li><a href="#warning">2. Warning</a></li>
+    <li><a href="#temporary-ban">3. Temporary Ban</a></li>
+    <li><a href="#permanent-ban">4. Permanent Ban</a></li>
+    <div class="gap"></div>
+    <li><a href="#attribution">Attribution</a></li>
+    <li><a href="#last-updated">Last updated</a></li>
+  </ul>
+
+  <h2 id="standards">Our Standards</h2>
+  <p>Examples of behavior that contributes to a positive environment for our community include:</p>
+  <ol>
+    <li>Demonstrating empathy and kindness toward other people</li>
+    <li>Being respectful of differing opinions, viewpoints, and experiences</li>
+    <li>Giving and gracefully accepting constructive feedback</li>
+    <li>Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
+    </li>
+    <li>Focusing on what is best not just for us as individuals, but for the overall community</li>
+  </ol>
+
+  <p>Examples of unacceptable behavior include:</p>
+  <ul>
+    <li>The use of sexualized language or imagery, and sexual attention or advances of any kind</li>
+    <li>Trolling, insulting or derogatory comments, and personal or political attacks</li>
+    <li>Public or private harassment</li>
+    <li>Publishing others' private information, such as a physical or email address, without their explicit permission
+    </li>
+    <li>Other conduct which could reasonably be considered inappropriate in a professional setting</li>
+  </ul>
+
+  <h2 id="responsibilities">Enforcement Responsibilities</h2>
+  <p>
+    Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take
+    appropriate and
+    fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+    Community
+    leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues,
+    and other
+    contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions
+    when
+    appropriate.
+  </p>
+
+
+  <h2 id="scope">Scope</h2>
+  <p>
+    This Code of Conduct applies within all community spaces, and also applies when an individual is officially
+    representing the
+    community in public spaces. Examples of representing our community include using an official email address, posting
+    via an
+    official social media account, or acting as an appointed representative at an online or offline event.
+  </p>
+
+  <h2 id="enforcement">Enforcement</h2>
+  <p>
+    Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders
+    responsible for
+    enforcement at <b>report@zenithhacks.org</b>. All complaints will be reviewed and investigated promptly and fairly.
+    All community
+    leaders are obligated to respect the privacy and security of the reporter of any incident.
+  </p>
+
+  <h2 id="guidelines">Enforcement Guidelines</h2>
+  <p>
+    Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they
+    deem in
+    violation of this Code of Conduct:
+  </p>
+
+  <h3 id="correction">1. Correction</h3>
+  <p>
+    <strong>Community Impact:</strong> Use of inappropriate language or other behavior deemed unprofessional or
+    unwelcome in the community.
+  </p>
+  <p>
+    <strong>Consequence:</strong> A private, written warning from community leaders, providing clarity around the nature
+    of the violation
+    and an explanation of why the behavior was inappropriate. A public apology may be requested.
+  </p>
+
+  <h3 id="warning">2. Warning</h3>
+  <p>
+    <strong>Community Impact:</strong> A violation through a single incident or series of actions.
+  </p>
+  <p>
+    <strong>Consequence:</strong> A warning with consequences for continued behavior. No interaction with the people
+    involved, including
+    unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes
+    avoiding interactions
+    in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or
+    permanent ban.
+  </p>
+
+  <h3 id="temporary-ban">3. Temporary Ban</h3>
+  <p>
+    <strong>Community Impact:</strong> A serious violation of community standards, including sustained inappropriate
+    behavior.
+  </p>
+  <p>
+    <strong>Consequence:</strong>
+    A temporary ban from any sort of interaction or public communication with the community for a specified period of
+    time. No public or
+    private interaction with the people involved, including unsolicited interaction with those enforcing the Code of
+    Conduct, is allowed
+    during this period. Violating these terms may lead to a permanent ban.
+  </p>
+
+  <h3 id="permanent-ban">4. Permanent Ban</h3>
+  <p>
+    <strong>Community Impact:</strong> Demonstrating a pattern of violation of community standards, including sustained
+    inappropriate behavior,
+    harassment of an individual, or aggression toward or disparagement of classes of individuals.
+  </p>
+  <p><strong>Consequence:</strong> A permanent ban from any sort of public interaction within the community.</p>
+
+
+  <h2 id="attribution">Attribution</h2>
+  <p>
+    This Code of Conduct is adapted from the Contributor Covenant (version 2.1), available at <a
+    href='https://www.contributor-covenant.org/version/2/1/code_of_conduct.html'>their website.</a
+  >
+  </p>
+
+  <h2 id="last-updated">Last Updated</h2>
+  <p>
+    This Code of Conduct was last updated on the 9th of September, 2024. We may update this Code of Conduct at any time.
+  </p>
+</Page>
+
+<style>
+  .gap {
+    padding-top: 0.5em;
+  }
+</style>

From 575b3b47330a152df79daabcd3e8b3b77a37e09b Mon Sep 17 00:00:00 2001
From: Karl <61626414+snaeker58@users.noreply.github.com>
Date: Mon, 9 Sep 2024 21:12:20 +0200
Subject: [PATCH 9/9] feat: Code of Conduct

---
 src/routes/+layout.svelte       |   3 +-
 src/routes/conduct/+page.svelte | 163 ++++++++++++++++++++++++++++++++
 2 files changed, 164 insertions(+), 2 deletions(-)
 create mode 100644 src/routes/conduct/+page.svelte

diff --git a/src/routes/+layout.svelte b/src/routes/+layout.svelte
index 1703fa6..ca1095b 100644
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -60,8 +60,7 @@
       <div class="links">
         <p class="title">Legal</p>
         <ul>
-          <!-- TODO: Add link to Code of Conduct (which does not exist yet) -->
-          <li><a href="/404">Code of Conduct</a></li>
+          <li><a href="/conduct">Code of Conduct</a></li>
           <li><a href="/privacy">Privacy policy</a></li>
           <li><a href="/privacy/gdpr">GDPR compliance</a></li>
         </ul>
diff --git a/src/routes/conduct/+page.svelte b/src/routes/conduct/+page.svelte
new file mode 100644
index 0000000..201ecc6
--- /dev/null
+++ b/src/routes/conduct/+page.svelte
@@ -0,0 +1,163 @@
+<script>
+  import Page from '$lib/Page.svelte';
+</script>
+
+<Page title="Code of Conduct">
+  <h1>Code of Conduct</h1>
+  <h2>Our Pledge</h2>
+
+  <p>
+    We as members, contributors, and leaders pledge to make participation in our hackathon a harassment-free experience
+    for everyone,
+    regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and
+    expression,
+    level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color,
+    religion, or sexual
+    identity and orientation. We pledge to act and interact in ways that contribute to an open, welcoming, diverse,
+    inclusive, and
+    healthy community.
+  </p>
+
+  <h2>Table of contents</h2>
+  <ul>
+    <li><a href="#standards">Our Standards</a></li>
+    <div class="gap"></div>
+    <li><a href="#responsibilities">Enforcement Responsibilities</a></li>
+    <li><a href="#scope">Scope</a></li>
+    <li><a href="#enforcement">Enforcement</a></li>
+    <div class="gap"></div>
+    <li><a href="#sharing">Enforcement Guidelines</a></li>
+    <li><a href="#correction">1. Correction</a></li>
+    <li><a href="#warning">2. Warning</a></li>
+    <li><a href="#temporary-ban">3. Temporary Ban</a></li>
+    <li><a href="#permanent-ban">4. Permanent Ban</a></li>
+    <div class="gap"></div>
+    <li><a href="#attribution">Attribution</a></li>
+    <li><a href="#last-updated">Last updated</a></li>
+  </ul>
+
+  <h2 id="standards">Our Standards</h2>
+  <p>Examples of behavior that contributes to a positive environment for our community include:</p>
+  <ol>
+    <li>Demonstrating empathy and kindness toward other people</li>
+    <li>Being respectful of differing opinions, viewpoints, and experiences</li>
+    <li>Giving and gracefully accepting constructive feedback</li>
+    <li>Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
+    </li>
+    <li>Focusing on what is best not just for us as individuals, but for the overall community</li>
+  </ol>
+
+  <p>Examples of unacceptable behavior include:</p>
+  <ul>
+    <li>The use of sexualized language or imagery, and sexual attention or advances of any kind</li>
+    <li>Trolling, insulting or derogatory comments, and personal or political attacks</li>
+    <li>Public or private harassment</li>
+    <li>Publishing others' private information, such as a physical or email address, without their explicit permission
+    </li>
+    <li>Other conduct which could reasonably be considered inappropriate in a professional setting</li>
+  </ul>
+
+  <h2 id="responsibilities">Enforcement Responsibilities</h2>
+  <p>
+    Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take
+    appropriate and
+    fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+    Community
+    leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues,
+    and other
+    contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions
+    when
+    appropriate.
+  </p>
+
+
+  <h2 id="scope">Scope</h2>
+  <p>
+    This Code of Conduct applies within all community spaces, and also applies when an individual is officially
+    representing the
+    community in public spaces. Examples of representing our community include using an official email address, posting
+    via an
+    official social media account, or acting as an appointed representative at an online or offline event.
+  </p>
+
+  <h2 id="enforcement">Enforcement</h2>
+  <p>
+    Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders
+    responsible for
+    enforcement at <b>report@zenithhacks.org</b>. All complaints will be reviewed and investigated promptly and fairly.
+    All community
+    leaders are obligated to respect the privacy and security of the reporter of any incident.
+  </p>
+
+  <h2 id="guidelines">Enforcement Guidelines</h2>
+  <p>
+    Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they
+    deem in
+    violation of this Code of Conduct:
+  </p>
+
+  <h3 id="correction">1. Correction</h3>
+  <p>
+    <strong>Community Impact:</strong> Use of inappropriate language or other behavior deemed unprofessional or
+    unwelcome in the community.
+  </p>
+  <p>
+    <strong>Consequence:</strong> A private, written warning from community leaders, providing clarity around the nature
+    of the violation
+    and an explanation of why the behavior was inappropriate. A public apology may be requested.
+  </p>
+
+  <h3 id="warning">2. Warning</h3>
+  <p>
+    <strong>Community Impact:</strong> A violation through a single incident or series of actions.
+  </p>
+  <p>
+    <strong>Consequence:</strong> A warning with consequences for continued behavior. No interaction with the people
+    involved, including
+    unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes
+    avoiding interactions
+    in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or
+    permanent ban.
+  </p>
+
+  <h3 id="temporary-ban">3. Temporary Ban</h3>
+  <p>
+    <strong>Community Impact:</strong> A serious violation of community standards, including sustained inappropriate
+    behavior.
+  </p>
+  <p>
+    <strong>Consequence:</strong>
+    A temporary ban from any sort of interaction or public communication with the community for a specified period of
+    time. No public or
+    private interaction with the people involved, including unsolicited interaction with those enforcing the Code of
+    Conduct, is allowed
+    during this period. Violating these terms may lead to a permanent ban.
+  </p>
+
+  <h3 id="permanent-ban">4. Permanent Ban</h3>
+  <p>
+    <strong>Community Impact:</strong> Demonstrating a pattern of violation of community standards, including sustained
+    inappropriate behavior,
+    harassment of an individual, or aggression toward or disparagement of classes of individuals.
+  </p>
+  <p><strong>Consequence:</strong> A permanent ban from any sort of public interaction within the community.</p>
+
+
+  <h2 id="attribution">Attribution</h2>
+  <p>
+    This Code of Conduct is adapted from the Contributor Covenant (version 2.1), available at <a
+    href='https://www.contributor-covenant.org/version/2/1/code_of_conduct.html'>their website.</a
+  >
+  </p>
+
+  <h2 id="last-updated">Last Updated</h2>
+  <p>
+    This Code of Conduct was last updated on the 9th of September, 2024. We may update this Code of Conduct at any time.
+  </p>
+</Page>
+
+<style>
+  .gap {
+    padding-top: 0.5em;
+  }
+</style>