This page describes the treatment of your data and privacy-related aspects of this website.
We reserve the right to update this page in the future. Here at {{PrettyTitle}} we are committed to respecting user privacy and are morally opposed to all of the shady tracking and selling of user data that goes on with other websites. We will not sell your information (including your e-mail address) and any kind of analytics software that may be added in the future will be "self-hosted" with your data never leaving our servers.
This page was last updated on May 26, 2024.
Any use of the word "we" on this page refers to the royal we; as this website is actually run by just one very passionate software engineer.
Website Privacy Features
Members of this website have the following features available in their settings to control their privacy from other members of the site:
- By default, your profile page on {{PrettyTitle}} may only be seen by logged-in members of the website.
-
You may mark your entire profile as "Private" which limits some of the contact you
may receive:
- Only users you have approved as a friend can see your profile and your photo gallery.
- Your photos will never appear on the Site Gallery - not even to your friends. They will only see your photos by visiting your profile page directly.
- Optionally, you may mark your Public profile to allow a limited "logged out" view which shows only your square profile picture and display name. This may be useful to link to your profile from external sites (like Twitter) so the visitor isn't just redirected to a "login required" page.
-
Profile photos have visibility settings including Public, Friends-only or Private:
- Public photos will appear on your profile page to any logged-in member of the website, except for members who you have blocked.
- Friends-only photos will only appear to members who you have accepted a friend request from, or members who have accepted a friend request that was sent by you ("friends").
- Private photos are visible only to yourself and any members for whom you have unlocked your private photos. You may also revoke access to your private photos after you had granted a member access.
- Notice: the square default profile picture that appears on your page will always be visible to all logged-in users. The full size version on your Gallery page may be restricted to friends or private, but the square cropped version that appears next to your username on many parts of the website is always seen by logged-in users.
Site-Wide Photo Gallery
One of the features of the website is the "Site Gallery" which features public photos of all members who have opted those photos to appear in the Gallery.
When you are uploading or editing a photo, there is a checkbox labeled "Gallery" where you can opt your photo in (or out) of the Site Gallery. Only your public photos will appear on the Site Gallery by default; your friends-only photos may appear there for people you approved as a friend, or your private photos to people for whom you have granted access. You are also able to exclude a photo from the Site Gallery by unchecking the "Gallery" box on that photo -- then it will only be viewable on your own profile page, given its other permissions (friends/private).
Deletion of User Data
When you delete your data (including photos) from this website, it will really be deleted. This website is currently run as a "passion project" on the owner's own budget and web hosting costs can get expensive when a website grows popular! So your deleted photos are actually removed from the server hard drive. You can verify this for yourself by right-clicking and "Open image in a new tab" in your browser, delete it, and refresh the other tab and see that the image URL no longer exists!
Members are free to delete their accounts and your data will be scrubbed from the server: your photos deleted and all database records about your account (including your profile data, direct messages, forum posts, comments, and so on) are removed. This is for full compliance with privacy regulations such as GDPR and CCPA.
Moderators
To help enforce community standards, website administrators are able to access ANY user photo. Specifically, this will include the following photos:
- All photos uploaded to your Profile Page, including private and friends-only photos.
- Any photo uploaded onto the Forums.
The contents of your Direct Messages are NOT regularly reviewed by site administrators. Your privacy is respected in one-on-one chats with others. However, if a user reports your message for violating the Terms of Use the messages may be reviewed by an administrator to verify the report and take action as needed.
Third Parties
Updated: May 26 2024
{{PrettyTitle}} strives to minimize any sharing of user data with third party companies, to the furthest extent as is possible. The website and chat room (both custom applications built specifically for {{PrettyTitle}}) run on a single web server. There are NO third-party analytics, advertisements, or any data sharing agreement with any third-party company -- all user data is stored in-house on the {{PrettyTitle}} web server.
The features on {{PrettyTitle}} are designed in a privacy-first manner in order to avoid relying on any third-party services to the furthest extent possible. For example:
- Collecting coarse location data by IP address is done via the Maxmind GeoIP database -- using a local copy of the database that sits on the {{PrettyTitle}} server, so that these location lookups can happen "offline" and your IP address is not sent to any third party.
- On the "Who's Nearby" settings page you have the option to drop a pin on a map as a way to set your location for other members to search for you. The map widget provides tiles loaded anonymously from the Open Streetmap public API.
Here are the exhaustive list of touch points that {{PrettyTitle}} has with any third-party company:
- Digital Ocean provides the web hosting for the {{PrettyTitle}} web server. The server itself is a manually operated Virtual Private Server. No user data is shared with Digital Ocean, however they would be technically capable of accessing the server hard drive and database if they needed to.
- Mailersend provides our outgoing e-mail service, for sending you the "new account verification e-mail" and other transactional e-mail messages. Mailersend may see the e-mail address and content of e-mails that are sent from the website, as is necessary for them to relay the message to you.
- OpenStreetMap: the "Who's Nearby?" location feature will load map tiles from OpenStreetMap to draw the map widget on your Location Settings page. No user data is shared with OpenStreetMap, but they might see your IP address when your web page loads the map tiles.
- Cloudflare: the new account signup page uses a CAPTCHA widget provided by Cloudflare in order to combat spam and fraud. No user data is shared with Cloudflare.
{{PrettyTitle}} is philosophically opposed to the data sharing that is so very common with most other websites on the Internet. We take our members' privacy very seriously, and are committed to never adding intrusive advertisements, tracking cookies or analytics which can compromise your privacy. All website features are designed to maximize your privacy and minimize any use of third-party services where possible.
Data Collection and Use
Added: Oct 24 2023
This section will enumerate all of the kinds of data that {{PrettyTitle}} collects and stores about user accounts and how it is used.
Required Account Information
The following information is the bare minimum required for all {{PrettyTitle}} user accounts, why we require it and how it is used.
-
E-mail Address
- Why it's required: We need a way to get in touch with you if needed. You can log in to your account using your e-mail address, and if you forget your password, you may send a password reset request via e-mail to your inbox to allow you to regain access to your account.
- What it's used for: We will rarely send transactional e-mail notifications to the address on file: on account signup, to verify you control the e-mail address; when your certification photo is approved or rejected; or when you request a reset for your forgotten password.
- Who we share it with: Nobody. The author of this website is philosophically opposed to the sharing of e-mail addresses with third party companies. Your e-mail address will NOT be shared or used for marketing e-mails, but used only for the aforementioned minimally required website functionality.
- See also: the Email Addresses section of this page, below, for more in-depth information.
-
Username
- Why it's required: Your username is your unique handle on the website and makes for a better identifier than an ID number.
- What it's used for: Your username will appear in the URL address bar when visiting your profile page or gallery, and is displayed on most pages where your account is mentioned, such as in comment threads, the Member Directory, or on the chat room.
-
Account Password
- Why it's required: To protect your account from an unauthorized login by somebody else.
- Security details: Passwords are hashed using the Bcrypt secure hashing algorithm with a cost factor tuned to take several milliseconds to compute the hash. Each user password has a distinct salt, which is randomized on each password reset. Bcrypt is designed to slow down efforts to brute force guess passwords in the event that a hacker obtained a list of Bcrypt password.
-
Date of Birth
- Why it's required: We want to know that all of our members are legal adults 18 years or older. You birthdate can derive your age and help to remove ambiguity especially for younger members (into their 20's) in case of any uncertainty.
- How you can protect it: From the first time the website asks you for your birthdate, there is a checkbox to NOT display your computed age on your profile page. Checking this box will remove the ability for other members to search for your profile by age or see how old you are, or by extension, guess when your birthdate may be if they happened to see your age update on the site.
Optional Profile Information
The following information is all optional for members to fill in, and may be displayed on your profile page or allow members to search for you by these fields (for example, the Member Directory allows to browse members by gender, relationship status, age range, or sexual orientation).
-
Display Name:
- What it is: Your display name is a free-form text box where you can write anything you want to go by, other than your username. You can use your first name, nickname, or write your username in the capitalization and style you prefer. If you don't fill out a Display Name, your username is shown in its place.
- How it's used: On the chat room, your display name can appear next to your username. Your display name also appears on your profile page and the Member Directory.
-
Gender:
- How it's used: It is displayed on your profile page; members may find you in search when filtering by gender; when you enter the chat room your profile button may display in a color-coded blue, pink or purple color based on your category of chosen gender (male-presenting, female-presenting, or non-binary).
-
Pronouns:
- How it's used: It is displayed on your profile page and search result card on the Member Directory.
-
City:
- What this is: The "City" field is a free-form text box and you can write as little or as much as you want. It is not tied or validated to be location data and is not used to derive your location at all.
- How it's used: It is displayed on your profile page and search result card on the Member Directory.
-
Job:
- How it's used: It is displayed on your profile page only.
-
(Sexual) Orientation:
- How it's used: It is displayed on your profile page and search result card on the Member Directory. Members may find you in search when filtering by orientation.
-
Relationship Status:
- How it's used: It is displayed on your profile page and search result card on the Member Directory. Members may find you in search when filtering by relationship status.
-
Relationship Type:
- What this is: This is an optional qualifying field that describes your type of relationship: monogamous, open.
- How it's used: It is displayed on your profile page and search result card on the Member Directory.
-
About Me:
- What this is: This is a free-form essay-style field where you can write a few sentences or paragraphs about yourself.
- How it's used: It is displayed on your profile page only.
-
Interests, Music/Movies:
- What this is: These are free-form essay-style fields where you can write a few sentences or paragraphs about yourself.
- How it's used: It is displayed on your profile page only.
Other User Information
This section covers other information that the website may store in relation to your user account.
-
Government Issued Photo IDs Added May 26, 2024
- In our Certification Photo workflow, users who appear under age MAY be asked to provide a secondary form of photo ID to verify their age. This will take the form of a government-issued passport or ID card that shows their photo and date of birth.
- If this happens, we will instruct you to black out all other personal information from your ID card except the photo and date of birth. We do not want to know your name, address, ID number, or any personal information about you.
- The website will delete your photo ID as soon as possible: after an admin has reviewed it and approved or rejected it, the image is deleted from the server. You may also delete it yourself before an admin looks at it.
- We do not want to store photo IDs at all, so that we aren't liable in case of a data breach or hack. Only members who appear questionably young will be prompted to share photo ID.
-
Messages (website)
- If you send or receive Direct Messages with other members on the website, these are stored in the database. See Direct Messages for in-depth information.
- The chat room does not have any database storage at all and Direct Messages on chat are not retained or stored.
-
Likes
- As you click on "Like" buttons around the website, these are stored in the database as sets of "user ID, table name, table ID" triplets (for example, to store an entry about which photo ID or comment ID has been liked).
- Comments you have posted on forum threads or photos.
-
Friends, Blocks, & Private Photo Grants
- Friend lists, blocked users, and private photo grants are stored in relationship tables that associate a "source user ID" and "target user ID" to link the connection between accounts with an implied direction (e.g.: private photos are granted to somebody, or shared by somebody).
-
Notifications & Subscriptions
- Notifications are generated by user activity on the website, for example clicking the "Like" button on a photo will notify the owner of that photo about the like. Each user account has their own feed of notifications, shown only to themselves.
- Subscriptions are comment threads that will notify other parties (other than the owner of the thing being commented on) when further comments are added. Commenting on a photo or forum thread will subscribe you to be notified about future comments (by other people) on that same thread. You can opt-out of subscriptions using a link at the top of each comment thread, and the opt-out will be remembered. Alternatively, you may also opt-in to comment threads that you did not comment on by using the same link at the top of the thread.
-
Forum Threads
- If you start a topic in the Forum, a Thread is created that holds some basic metadata about your topic (such as its title or 'explicit' setting). Threads have an associated "first comment" which is the message you wrote to start the thread.
-
Polls & Poll Votes
- Forum threads may support an attached poll. If you vote on a poll, your vote is recorded in terms of your user ID to the poll ID and the choice you picked. Information about votes is not displayed on the website front-end, and is only used to tally up the count of votes for each of the presented options.
-
User Notes
- Users may write private notes to themselves about one another, for example to remember a topic that was discussed on the chat room. This data may be revealed to the subject of the note as part of a Data Access Request.
-
Feedback & Reports
- {{PrettyTitle}} provides a feedback and reporting system so users may notify the site admin about objectionable content or behavior they witness on the site. Feedback items often record the user ID who posted the feedback, and a pointer to a user ID, photo ID, comment ID, or so on depending on what the subject of the report was about. Feedback generated by or about a user will be made available to that user as part of a Data Access Request.
-
User Location
- {{PrettyTitle}} has one database table that stores up to a single geolocation for user accounts. It is for the "Who's Nearby?" feature, which is opt-in and users are given a choice of how they want to share their location: automatically based on your IP address, via the Web Location API, or by dropping a pin on a map yourself to set your location to anywhere you want.
- The user location table stores up to one latitude/longitude coordinate for a user account, with the precision truncated to 2 (two) decimal places to defend against triangulation attacks.
- User locations are NOT revealed to other members on the site, only the rough distance away (to a resolution of miles and kilometers).
- No historical location data is collected: if a user refreshes their location, we update the stored latitude/longitude to the new values.
- Users may turn off the "Who's Nearby?" feature at any time, and their stored location data is immediately erased from the database.
- See more location-related details under "Device Information," below.
-
Two Factor Authentication
- What it is: Two-Factor Authentication (2FA) is an opt-in feature to help better protect user accounts, by requiring an authentication device as part of the sign-in process in addition to your account password. It uses the industry standard Time-based One-Time Password (TOTP) algorithm.
- How it's secured: The TOTP secret key (encoded in the QR code when you set up two-factor auth) is stored encrypted at rest in the database to protect the secret in case of a database compromise. Your one-time backup recovery codes are also stored, encrypted at rest in the database.
Device Information
This section covers how we use information about your device, such as your IP address.
-
IP Address
- Your IP address may appear as part of standard web server logs as you access and browse the website - for example in HTTP access logs captured by our NGINX reverse proxy server. These logs are NOT associated with any specific user account, and rotate on a regular basis.
- Your IP address is logged to your account during certain crucial account lifecycle events, such as when your account is first created and when you upload your certification photo, for the purpose of detecting abuse and fraud prevention.
- While logged in to your account, a list of the distinct IP addresses you have logged in from is recorded (date/time of first and last visit, count of visits). This is expressly for record keeping purposes in case it can assist with law enforcement, and is not displayed on the website (even to admin users). As of: Apr 25 2024
-
IP Address-based Geolocation
- What this is: Some features of {{PrettyTitle}} will use your coarse (city-level) location that is obtained via an offline copy of the Maxmind GeoIP database which resides on the server. Maxmind publishes the GeoIP database that contains lookup information for all ranges of IP addresses on the Internet. {{PrettyTitle}} has an offline copy of this database so that location lookups can happen locally, without your IP address being shared with any third party.
-
How it is used:
Within the context of certain specific web requests to the site, your IP address is used
to look up coarse location information by using an offline copy of the Maxmind GeoIP database
which resides on the web server:
- When entering the chat room: the website will send you into the chat room with a country flag emoji and your coarse location (to two levels of subdivision) to display next to your username on chat. For example: "United States, Oregon" or "Canada, British Columbia."
- If you opt-in to share your location for the "Who's Nearby?" feature to allow other members to search for you by distance, one of the available options to provide your location is by using the GeoIP database which is based on your IP address. Your location would then be updated when you visit the Member Search Directory or your dashboard (home) page on the site.
-
Web Location API Geolocation
- What this is: If you opt-in to share your location for the "Who's Nearby?" feature, one of your choices how to share your location is to use the Web Location API, where nonshy.com will ask your web browser for permission to access its location. This will often be backed by a GPS device or WiFi-based location source on your device.
- How it is used: If you opt-in and choose to use this location source, the {{PrettyTitle}} website will ask for your location only on your Location Settings page, when you want to update or refresh your location. It is used for the "Who's Nearby?" feature to allow you to locate other members by distance to yourself.
- How you can control it: You can visit your Location Settings at any time and opt-out of the "Who's Nearby?" feature, or change your location source (e.g. to GeoIP based or drop a pin on a map yourself). If you turn off "Who's Nearby?" your stored location data is immediately erased from the server.
Direct Messages
Please behave honorably in your use of Direct Messages, whether on the main website or inside the chat room. The global website rules apply. {{PrettyTitle}} admins do NOT regularly review the contents of your Direct Messages (your right to privacy is respected), however if your conversation partner reports your message to the moderators we MAY look at your message history to verify the report and take action if needed.
Especially important: do not break the law as it pertains to the United States or California, where the web server resides, with your conduct in direct messages. Please do not put the entire website at risk. Your photo WILL be included in the report to law enforcement if it comes down to that.
We deploy software algorithms on the main website and chat room which will automatically scan the contents of Direct Messages and collect URL links to websites shared or flag messages based on keywords to detect egregious violations of the website's Terms of Service.
DMs on the Website
Direct Messages on the main website are stored, not encrypted, in the database and it is within the technical capabilities of site admins to review them if needed. We have safeguards in place to deter admins from snooping without being detected: it triggers an e-mail alert to other admins and the access is logged. Do NOT expect any guarantee of security or privacy in your Direct Message conversations.
Website DMs allow plain text messages only. Picture sharing is NOT supported in DMs for (what should be) very obvious reasons. We do not want users to store images on our web server that would be out of view of site admins' ability to moderate the website. See Moderators for a description of what website admins can access in the aim of ensuring the integrity of the platform and help protect the site from legal risks created by our members.
Do NOT share URL links to websites which harbor or facilitate illegal content or activity.
DMs on the Chat Room
Updated: Apr 29 2024
Direct Messages on the chat room are stored for user convenience. They are available so that you may be able to remember your recent conversation with somebody when you see them online again in the future.
Your Direct Message history on the chat room can be deleted at any time by clicking on the "Clear direct message history" button in the Chat Settings (on the Misc tab). Your chat DMs are also fully deleted if you change your username on the main website, or fully delete your {{PrettyTitle}} account, in order to protect your privacy in case your former username becomes registered to somebody else in the future. Old DMs are routinely erased after the message is 90 days old.
You are also able to delete, or "take back" specific messages you had sent to somebody before, even if they are not currently online. This will remove the message from the server database and won't show in the message history for your chat partner. If they were presently online at the time, and your message was visible on their page, the "take back" action will remove it from their page immediately.
When you erase your DM history, it will erase your history from your previous chat partners' side as well. The next time they open a chat with you, the history will be empty as though it is the very first time they are chatting with you.
DMs are NOT monitored by admins on the chat room: the software is not programmed to reveal them on the front-end web page to moderators. However, they CAN be accessed in case a conversation is reported for violating the site rules or discussing illegal content.
Messages in general on the chat server are NOT end-to-end encrypted -- they are protected only by standard website (https) encryption but the chat server sees them, momentarily as it may be, in plain text.
Messages sent to your chat partner may be cached on their web browser page until they close the window or refresh the chat. You may "take back" individual messages by clicking on the red icon which will remove it from everyone else's screen who saw that message. Closing the DM thread only removes the thread from your view, but does not remove the thread from your partner's view. This is communicated in a pop-up before you delete the DM thread.
Email Addresses
All members begin signup by verifying control of an e-mail inbox. On this website, your e-mail address is used for the following purposes:
- For logging in to your account (as an alternative to logging in using your username).
- To deliver e-mail notifications or to get in touch with you if necessary (see below).
We will NOT sell your e-mail address or send you any spam or junk mail and will NEVER do so in the future.
What kinds of e-mail messages we send
Currently the website only sends transactional e-mails (not marketing emails!) in response to important actions on the website, including (exhaustively):
- Upon first sign-up we send an e-mail to verify you control the email address you are signing up with. This message contains a link to click to verify you control that e-mail inbox and resume signing up an account on this website.
- If you have forgotten your password and request a password reset via e-mail, we will send you a message to your e-mail inbox with a link to click to set a new password for your account.
- If you change your e-mail address in your settings, a message will be sent to the new e-mail address to verify you control the new address.
- When your Certification Photo is either approved or rejected by a site administrator, you will receive a notification message to your e-mail inbox.
In the future, the website MAY gain a feature to deliver a "daily digest" e-mail if you have any pending friend requests or unread Direct Messages on this site. There will be controls on your Settings page to control such a feature.
Cookies
This website uses functional cookies only and does not run any advertisements or third-party trackers. The exhaustive list of website cookies and their use cases are as follows:
- A session ID cookie to remember your login status as you browse the website. This cookie holds a randomly generated unique value that corresponds to server-side storage about the details of your login status. The server-side details include, exhaustively: your login status (true/false), your user ID number, any temporary "flashed" success or error messages (which appear at the tops of pages in green or red banners on your next page load), and a "last seen" time stamp.
- A cookie to protect against a cross site request forgery (CSRF) type of cyber attack. This cookie holds a randomly generated unique value that helps protect you from a rogue third-party website attempting to perform actions on behalf of your account on this website.