Programming.Dev/p.d-legal
Programming.Dev/p.d-legal
6
2
Fork 1
Code Issues1 Pull requests Projects Activity

Update PRIVACY-POLICY.md

Browse source 
Revisions made to sections:
[What information do we collect?](#what-do-we-use-your-information-for)

---
Formatting Updates:
Reorganized bulleted layout of section [What information do we collect?](#what-do-we-use-your-information-for) to be easier to read (for both us and any reviewers)

---

Content Updates:
- updated header: [**Basic account information**] to -> [**Account/Profile Information**]
- updated header: [**Posts, comments, subscribing, voting, reactions, and other public information**] to -> [**Service Provided User Actions**]
	- compiled and revised the contents contained in [Service Provided User Actions]
This commit is contained in:
recursive_recursion 2024-02-10 17:24:36 -07:00 committed by GitHub
parent bb96da49b5
commit b8c62a3e35
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 21 additions and 18 deletions

39
PRIVACY-POLICY.md
View file

@ -5,22 +5,19 @@ By: recursive_recursion
All Authors: Ategon, recursive_recursion
# Privacy Policy
This privacy policy describes how Programming.dev ("programming.dev", "we", "us", "our") collects, protects and uses information provided to us when you use our services including:
- Our websites such as programming.dev or bytes.programming.dev
- APIs for our websites
- Any other place we collect information from you and link this Privacy Policy
- Our websites such as programming.dev or bytes.programming.dev.
- APIs for our websites.
- Any other place we collect information from you and link this Privacy Policy.
By joining and contributing to our services, you acknowledge that it is running on early release software. Although we take reasonable precautions to maintain the security of personal data provided to us we cannot guarantee that the software is free from defect that will expose any or all of that personal data.
If you do not agree with all of our policies and practices, do not use our services. If you have any questions or concerns, contact us at info@programming.dev.
# Site Usage by Children
# Site Usage by Children:
All of our services are directed towards people who are at least 16 years old. We do not knowingly collect personal information from people under the age of 16. If you are under the age of 16, please do not use our services. If we learn that personal information from people who are less than 16 years old has been collected, we will deactivate the account and take reasonable measures to delete the data from our records.
# What do we use your information for?
Any information we collect from you may be used in the following ways:
- To provide the core functionality of our services such as being able to comment on other people's posts or subscribing to communities when you are logged in.
@ -28,17 +25,26 @@ Any information we collect from you may be used in the following ways:
- To send you information, notifications about other people interacting with your content or sending you messages, or notifications for new posts created, if you opt in to any of these options in the settings. We may also use it to respond to you about inquiries, and/or other requests or questions.
# What information do we collect?
**Account/Profile Information:**
- When creating an account on one of our services you may be asked to enter in a username and password. You may also enter additional information into optional fields such as: email, display name, profile picture, banner image, matrix ID, location, birthday, language, and biography.
- Currently (as of February 10, 2024), all of the optional fields are always listed publicly; your password and email is kept private.
- **Basic account information:** When creating an account on one of our services you may be asked to enter in a username and password. You may also enter additional information into optional fields such as: email, display name, profile picture, banner image, matrix ID, location, birthday, language, and biography.
- Currently [as of February 10, 2024], all of the additional custom fields are always listed publicly; your password and email is kept private.
- **Posts, comments, subscribing, voting, reactions, and other public information:** When you perform an action on one of our services such as create or edit a post, comment, or vote, the date and time the action is taken at is stored as well as the content and any media attachments on them such as pictures and videos. All of this is publicly available information due to the nature of federation as they are delivered to the communities they are posted on and any instance federated with that community using the activitypub protocol. This means they are delivered to many different servers and copies of them are stored there.
- **Direct messages:** All direct messages sent are unencrypted and may be delivered to other servers if the user you are sending a message to is on a service other than one provided by us. We make a good faith effort to limit the access to direct messages to only authorized persons butother servers may fail to do so so it is important to review who and what service you are sending messages to. Keep in mind that operators of our services and any receiving services may view direct messages and that recipients may screenshot, copy, or otherwise re-share them so it is recommended to not share any sensitive information.
- **IPs and other metadata:** When you log in, we may record the IP address you logged in from, the time and date you logged in at, as well as the name of your browser application. We also have server logs which include the IP address of every request to our server.
**Service Provided User Actions:**
- On any of our services, when performing an action such as commenting the date and time (during when the action is taken) is recorded in addition to saving the content and any media attachments (pictures and/or videos) alongside the performed action. All of this information is publicly available due to the nature of federation which uses the [ActivityPub protocol](https://en.wikipedia.org/wiki/ActivityPub). <font color= "orange">The actions made by users of our services is duplicated and stored on externel communities/instances that are federated with our services. (this sentence can probably be revised)</font>
- Actions in the context of our provided services and Privacy Policy may include:
1. Creating/editing a post or comment.
2. Voting/reacting on a post or comment.
3. Subscribing to a community or magazine.
Your IP address and email remains private to our services. However, due to the nature of federated services, all of your engagement (profile, posts, comments, messages, votes, etc.) on our services should be considered public and you are responsible for taking appropriate precautions in how you interact with our services. It is highly recommended that you do not share any publicly identifying information on our sites, products, or services.
**Direct Messages:**
- All direct messages sent are unencrypted and may be delivered to other servers if the user you are sending a message to is on a service other than one provided by us. We make a good faith effort to limit the access to direct messages to only authorized persons but other servers may fail to do so, so it is important to review who and what service you are sending messages to. Please keep in mind that operators of our services and any receiving services may view direct messages and that recipients may screenshot, copy, or otherwise re-share them so it is recommended to not share any sensitive information.
**IPs and Other Metadata:**
- When you log in, we may record the IP address you logged in from, the time and date you logged in at, as well as the name of your browser application. We also have server logs which include the IP address of every request to our server.
- Iamge embeded metadata [(Exif data)](https://en.wikipedia.org/wiki/Exif), on images hosted on our services are scrubbed/erased by default due to the use of [pict-rs as our image hosting service](https://git.asonix.dog/asonix/pict-rs/src/branch/main).
- Your IP address and email remains private to our services. However, due to the nature of federated services, all of your engagement (profile, posts, comments, messages, votes, etc.) on our services should be considered public and you are responsible for taking appropriate precautions in how you interact with our services. It is highly recommended that you do not share any publicly identifying information on our sites, products, or services.
# How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. Among other things, your browser session, as well as the traffic between your applications and the API, are secured with SSL, and your password is hashed using a strong one-way algorithm. You may also enable two factor authentication to further protect your account.
# What is our data retention policy?
@ -49,9 +55,7 @@ We will make a good faith effort to:
You may irreversibly delete your account at any time. However, this does not guarantee all instances will be notified or respect the deletion of your public data.
# Do we use cookies?
We use cookies for specific functionalities, which includes cloudflare clearance and JWT (JSON Web Token) authentication purposes.
- Cloudflare clearance: Cookies provided by cloudflare to store the proof of passing a cloudflare challenge.
- JWT: A token to allow you to access and interact with our services after logging in.
@ -60,12 +64,11 @@ These cookies do not store personally identifiable information and are necessary
Please note that you can manage or disable cookies through your browser settings. However, disabling these essential cookies may impact the functionality and security of services.
# Do we disclose any information to outside parties?
We do not sell, trade, or transfer your personal information to outside parties. This does not include trusted third parties who assist us in operating our services, so long as those parties agree to keep this information confidential.
Your public content may be downloaded by other servers using the activitypub protocol, as well as direct messages to the servers of the receipients.
When you log in to your account on a service not provided by us, it may access your public information as well as password when logging in.
# Do we Make Updates to this Privacy Policy?
# Do we make updates to this Privacy Policy?
We may update this privacy policy from time to time. When we do, we will change the "Last Updated" date and author at the top of the page to indicate the date and author of the most recent changes. If we make changes we may notify you by posting a notice of such changes or by sending you a notification. We encourage you to review this Privacy Policy periodically for any modifications.