website/web/templates/privacy.html
2023-07-27 20:19:37 -07:00

334 lines
16 KiB
HTML

{{define "title"}}Privacy Policy{{end}}
{{define "content"}}
<div class="block">
<section class="hero is-light is-bold">
<div class="hero-body">
<div class="container">
<h1 class="title">Privacy Policy</h1>
</div>
</div>
</section>
</div>
<div class="block p-4">
<div class="content">
<p>
This page describes the treatment of your data and privacy-related aspects of this website.
</p>
<p>
We reserve the right to update this page in the future. Here at {{PrettyTitle}} we are
committed to respecting user privacy and are morally opposed to all of the shady tracking
and selling of user data that goes on with other websites. We will not sell your information
(including your e-mail address) and any kind of analytics software that may be added in the
future will be "self-hosted" with your data never leaving our servers.
</p>
<p>
This page was last updated on <strong>July 27, 2023.</strong>
</p>
<p>
<em>
Any use of the word "we" on this page refers to the royal we; as this website is
actually run by just one very passionate software engineer.
</em>
</p>
<h1>Website Privacy Features</h1>
<p>
Members of this website have the following features available in their settings to control
their privacy from other members of the site:
</p>
<ul>
<li>
By default, your profile page on {{PrettyTitle}} may <strong>only</strong> be seen
by logged-in members of the website.
</li>
<li>
You may mark your entire profile as "Private" which limits some of the contact you
may receive:
<ul>
<li>
Only users you have approved as a friend can see your profile and your
photo gallery.
</li>
<li>
Your photos will <strong>never</strong> appear on the Site Gallery - not
even to your friends. They will only see your photos by visiting your
profile page directly.
</li>
</ul>
</li>
<li>
Optionally, you may mark your Public profile to allow a limited "logged out" view which
shows only your square profile picture and display name. This may be useful to link to
your profile from external sites (like Twitter) so the visitor isn't just redirected to a
"login required" page.
</li>
<li>
Profile photos have visibility settings including Public, Friends-only or Private:
<ul>
<li>
<strong>Public</strong> photos will appear on your profile page to any logged-in
member of the website, except for members who you have blocked.
</li>
<li>
<strong>Friends-only</strong> photos will only appear to members who you have
accepted a friend request from, or members who have accepted a friend request
that was sent by you ("friends").
</li>
<li>
<strong>Private</strong> photos are visible only to yourself and any members
for whom you have unlocked your private photos. You may also revoke access to
your private photos after you had granted a member access.
</li>
</ul>
</li>
<li>
<strong>Notice:</strong> the square default profile picture that appears on your page
will always be visible to all logged-in users. The full size version on your Gallery
page may be restricted to friends or private, but the square cropped version that appears
next to your username on many parts of the website is always seen by logged-in users.
</li>
</ul>
<h3>Site-Wide Photo Gallery</h3>
<p>
One of the features of the website is the "Site Gallery" which features <strong>public</strong>
photos of all members who have opted those photos to appear in the <strong>Gallery</strong>.
</p>
<p>
When you are uploading or editing a photo, there is a checkbox labeled "Gallery" where you
can opt your photo in (or out) of the Site Gallery. Only your <strong>public</strong> photos
will appear on the Site Gallery by default; your <strong>friends-only</strong> photos may
appear there for people you approved as a friend, or your private photos to people for whom
you have granted access. You are also able to <em>exclude</em> a photo from the Site Gallery
by unchecking the "Gallery" box on that photo -- then it will only be viewable on your own
profile page, given its other permissions (friends/private).
</p>
<h3>Deletion of User Data</h3>
<p>
When you delete your data (including photos) from this website, it will <strong>really</strong>
be deleted. This website is currently run as a "passion project" on the owner's own budget and
web hosting costs can get expensive when a website grows popular! So your deleted photos are
<em>actually</em> removed from the server hard drive. You can verify this for yourself by
right-clicking and "Open image in a new tab" in your browser, delete it, and refresh the other
tab and see that the image URL no longer exists!
</p>
<p>
Members are free to <a href="/account/delete">delete their accounts</a> and your data will be
<em>scrubbed</em> from the server: your photos deleted and all database records about your
account (including your profile data, direct messages, forum posts, comments, and so on) are
removed. This is for full compliance with privacy regulations such as GDPR and CCPA.
</p>
<h3 id="moderators">Moderators</h3>
<p>
To help enforce community standards, website administrators are able to access ANY user photo.
Specifically, this will include the following photos:
</p>
<ul>
<li>All photos uploaded to your Profile Page, including private and friends-only photos.</li>
<li>Any photo uploaded onto the Forums.</li>
</ul>
<p>
The contents of your Direct Messages are NOT regularly reviewed by site administrators. Your
privacy is respected in one-on-one chats with others. However, if a user reports your message
for violating the <a href="/tos">Terms of Use</a> the messages may be reviewed by an
administrator to verify the report and take action as needed.
</p>
<h1 id="direct-messages">Direct Messages</h1>
<p>
<span class="tag is-success">NEW: July 27 2023 - Clarification added</span>
</p>
<p>
Please behave honorably in your use of Direct Messages, whether on the main website or inside
the chat room. The global <a href="/tos">website rules</a> apply. {{PrettyTitle}} admins do NOT
regularly review the contents of your Direct Messages (your right to privacy is respected), however
if your conversation partner reports your message to the moderators we MAY look
at your message history to verify the report and take action if needed.
</p>
<p>
<strong>Especially important:</strong> do not break the law as it pertains to the United States
or California, where the web server resides, with your conduct in direct messages. Please do not
put the entire website at risk. Your photo WILL be included in the report to law enforcement if
it comes down to that.
</p>
<p>
We do not at this time, but reserve the right to implement in the future, software algorithms which MAY
automatically scan the contents of Direct Messages and collect URL links to websites shared or
flag messages based on keywords to detect egregious violations of the website's <a href="/tos">Terms of Service</a>.
For a good rule of thumb, behave as though this is already the case.
</p>
<h3>DMs on the Website</h3>
<p>
Direct Messages on the main website are stored, <strong>not encrypted</strong>, in the database and
it is within the technical capabilities of site admins to review them if needed. We have safeguards
in place to deter admins from snooping without being detected: it triggers an e-mail alert to other
admins and the access is logged. Do NOT expect any guarantee of security or privacy in your Direct Message
conversations.
</p>
<p>
Website DMs allow plain text messages only. Picture sharing is NOT supported in DMs for (what should be) very obvious
reasons. We do not want users to store images on our web server that would be out of view of site
admins' ability to moderate the website. See <a href="#moderators">Moderators</a> for a description of
what website admins can access in the aim of ensuring the integrity of the platform and help protect
the site from legal risks created by our members.
</p>
<p>
Do NOT share URL links to websites which harbor or facilitate illegal content or activity.
</p>
<h3>DMs on the Chat Room</h3>
<p>
Direct Messages on the chat room are NOT stored persistently on the server. They are sent directly
back out to the recipient(s) as they come in.
</p>
<p>
DMs are NOT monitored by admins on the chat room: the software is not programmed to reveal them on
the front-end web page to moderators. However, they MAY be logged as part of the chat server's operation,
especially if the server is running in debug mode which may sometimes happen while a new feature is being
developed or a bug is being researched and fixed. The log file is NOT regularly monitored except when
debugging an issue.
</p>
<p>
Messages in general on the chat server are NOT end-to-end encrypted -- they are protected only by
standard website (https) encryption but the chat server sees them, momentarily as it may be, in plain
text.
</p>
<p>
Photo attachments MAY be shared in Direct Messages on chat, and at this time are NOT stored persistently
on disk. However, we reserve the right in the future to HOLD images temporarily and scan their contents.
Behave as though this is already the case.
Do <strong>NOT</strong> share a photo on chat that would get you banned for sharing it on the main website!
</p>
<p>
Messages sent to your chat partner may be cached on their web browser page until they close the window
or refresh the chat. You may "take back" individual messages by clicking on the red
<i class="fa fa-rotate-left has-text-danger"></i> icon which will remove it from everyone else's screen
who saw that message. Deleting your DM thread only removes the thread from your view, but does not remove
the thread from your partner's view. This is communicated in a pop-up before you delete the DM thread.
</p>
<h1>Email Addresses</h1>
<p>
All members begin signup by verifying control of an e-mail inbox. On this website, your e-mail
address is used for the following purposes:
</p>
<ul>
<li>For logging in to your account (as an alternative to logging in using your username).</li>
<li>To deliver e-mail notifications or to get in touch with you if necessary (see below).</li>
</ul>
<p>
We will <strong>NOT</strong> sell your e-mail address or send you any spam or junk mail
and will <strong>NEVER</strong> do so in the future.
</p>
<h3>What kinds of e-mail messages we send</h3>
<p>
Currently the website only sends <strong>transactional</strong> e-mails (not marketing emails!)
in response to important actions on the website, including (exhaustively):
</p>
<ul>
<li>
Upon first sign-up we send an e-mail to verify you control the email address you are
signing up with. This message contains a link to click to verify you control that
e-mail inbox and resume signing up an account on this website.
</li>
<li>
If you have forgotten your password and request a password reset via e-mail, we will
send you a message to your e-mail inbox with a link to click to set a new password
for your account.
</li>
<li>
If you change your e-mail address in your settings, a message will be sent to the
new e-mail address to verify you control the new address.
</li>
<li>
When your Certification Photo is either approved or rejected by a site administrator,
you will receive a notification message to your e-mail inbox.
</li>
</ul>
<p>
In the future, the website MAY gain a feature to deliver a "daily digest" e-mail if you
have any pending friend requests or unread Direct Messages on this site. There will be
controls on your Settings page to control such a feature.
</p>
<h1>Cookies</h1>
<p>
This website uses <strong>functional cookies only</strong> and does not run any advertisements
or third-party trackers. The exhaustive list of website cookies and their use cases are as
follows:
</p>
<ul>
<li>
A <strong>session ID</strong> cookie to remember your login status as you browse the
website. This cookie holds a randomly generated unique value that corresponds to
server-side storage about the details of your login status. The server-side details
include, exhaustively: your login status (true/false), your user ID number, any temporary
"flashed" success or error messages (which appear at the tops of pages in green or red
banners on your next page load), and a "last seen" time stamp.
</li>
<li>
A cookie to protect against a <strong>cross site request forgery</strong>
(<a href="https://owasp.org/www-community/attacks/csrf" target="_blank">CSRF</a>) type
of cyber attack. This cookie holds a randomly generated unique value that helps protect
you from a rogue third-party website attempting to perform actions on behalf of your
account on this website.
</li>
</ul>
<h3>Analytics Software</h3>
<p>
In the future we MAY deploy self-hosted analytics software to help understand how the
website is being used and identify any pain points that users may be running into. This
would probably be <a href="https://matomo.org/" target="_blank">Matomo analytics</a>,
a free and open source program that would run on the same web servers as this website,
so that analytics data does NOT leave this site and go to a third party such as Google
or Facebook.
</p>
<p>
The author of this website is a privacy &amp; security nut and he respects <em>your</em>
privacy as well. Matomo Analytics is GDPR compliant, automatically respects your web
browser's "Do Not Track" header and can be opted out of.
</p>
</div>
</div>
{{end}}