Legal privacy policy
Signed-off-by: Skylar "The Cobra" Widulski <cobra@vern.cc>
This commit is contained in:
parent
954e28325a
commit
4baafa1558
|
@ -10,7 +10,269 @@
|
|||
</head>
|
||||
<body>
|
||||
<!--#include file="nav.php" -->
|
||||
<p>Coming soon :P</p>
|
||||
<p>Copyright © Vern.cc 2022, licensed under CC-BY-SA 4.0 or later.</p>
|
||||
|
||||
<p>This privacy policy describes how vern ("vern.cc", "we", "us",
|
||||
"~vern") collects personal information and to what degree, it also
|
||||
describes what rights you have regarding your privacy on vern
|
||||
services.</p>
|
||||
|
||||
<p>~vern hosts a set of publicly accessible services available for
|
||||
everyone to use, examples include the Invidious front-end, these will
|
||||
be referred to as public services. These are in contrast to private or
|
||||
member-only services which require registration, approval from
|
||||
a vern administrator, or both, to use.</p>
|
||||
|
||||
<h1>What information do we collect on public services?</h1>
|
||||
|
||||
<p>Vern by default does not collect any personally-identifiable
|
||||
information on publicly accessible services, IP addresses may or may
|
||||
not appear on automatically-generated log files but these
|
||||
automatically-generated log files are deleted every 48 hours.</p>
|
||||
|
||||
<p>Your browser or system may or may not send additional information
|
||||
such as user-agents and these may or may not be present in
|
||||
automatically-generated log files.</p>
|
||||
|
||||
<p>The following information is collected in log files, this is not a
|
||||
complete or exhaustive list and additional information might be
|
||||
collected:</p>
|
||||
|
||||
<ol>
|
||||
<li>IP address</li>
|
||||
<p>To connect to any website, an IP address is sent by your system to
|
||||
establish a connection, sending your IP address is unavoidable though
|
||||
you can use proxies or virtual private networks to mask your true IP
|
||||
address.</p>
|
||||
|
||||
<li>User-agent</li>
|
||||
<p>Your browser might send this string which contains, among other
|
||||
things, your specific operating system, your specific browser and
|
||||
specific details such as the kernel version or layout engine used.</p>
|
||||
</ol>
|
||||
|
||||
<h1>What information do we collect on private or member-only services?
|
||||
</h1>
|
||||
|
||||
<p>Vern only collects information that you directly provide. Most
|
||||
services suggest you add information about yourself but this is not
|
||||
required, and you can mostly leave these out.</p>
|
||||
|
||||
<p>When you register with vern, the following personal information is
|
||||
recorded:</p>
|
||||
<ol>
|
||||
<li>Username</li>
|
||||
<p>Your username is used to allow you to login to vern services.</p>
|
||||
|
||||
<li>Password</li>
|
||||
<p>Your password is used to allow you to login to vern services.</p>
|
||||
|
||||
<li>Email</li>
|
||||
<p>Your email is used to contact you about whether or not your account
|
||||
has been approved and it is also used to register you for services
|
||||
that do not use usernames. Your email is not shared with any
|
||||
third-parties and we take security regarding user-data very seriously.
|
||||
</p>
|
||||
|
||||
<li>SSH keys</li>
|
||||
<p>In addition, your SSH public key is also stored to give you access
|
||||
to specific vern services such as the pubnix service and your SSH
|
||||
public key might contain extra information in and of itself.</p>
|
||||
</ol>
|
||||
|
||||
<p>The following information may or may not be recorded when you
|
||||
access privacy or member-only vern services, this is not an
|
||||
exhaustive list and is not intended to be interpreted as such:</p>
|
||||
|
||||
<li>Your full name</li>
|
||||
<p>Some services might ask you to provide a full name, this is not
|
||||
shared with third-parties.</p>
|
||||
|
||||
<li>Email addresses</li>
|
||||
<p>Some services might ask you to provide an email address, this email
|
||||
address might be shown publicly with an option to hide it but it is
|
||||
not shared with any third-parties.</p>
|
||||
|
||||
<li>Date of birth</li>
|
||||
<p>Some services might ask you to provide your date of birth, this in
|
||||
turn might be used to process whether or not you will be able to
|
||||
access adult content or it might be shown publicly with an option to
|
||||
hide it. Your date of birth is not shared with any third-parties.</p>
|
||||
|
||||
<li>Basic account info</li>
|
||||
<p>Some services might ask for a display name, biography, avatar,
|
||||
profile picture or profile header. These might be shown publicly with
|
||||
an option to hide some portions, this information is not shared with
|
||||
any third-parties<p>
|
||||
|
||||
<li>Messages, posts and chats. (Non-federated services)</li>
|
||||
<p>Some services allow you to communicate with other users, your chats
|
||||
are stored but not shared with any third-parties, these chats might
|
||||
also be public, it depends on the service.</p>
|
||||
|
||||
<li>Messages, posts and chats. (Federated services)</li>
|
||||
<p>Some services allow you to communicate with other users on
|
||||
different servers not controlled by vern, these servers may or may not
|
||||
record your chats and may or may not share them with third-parties.
|
||||
Regarding this, vern cannot guarantee that your messages will be
|
||||
deleted when requested simply because vern does not control the
|
||||
servers which your message will reach. Additionally, some of your
|
||||
messages might be "bridged" to other platforms in which case, it is
|
||||
even harder to get them removed, rectified or erased.</p>
|
||||
|
||||
<li>IPs and other metadata</li>
|
||||
<p>Your system, browser or application may or may not send information
|
||||
in the form of IP addresses and other forms such as user-agents, this
|
||||
information thus in turn might be recorded on automatically-generated
|
||||
log files, but as mentioned above, these log files are deleted every
|
||||
48 hours, in addition to being private and not shared to any
|
||||
third-parties.</p>
|
||||
|
||||
<h1>What do we use your personal information for?</h1>
|
||||
|
||||
<h2>Core service functionality</h2>
|
||||
|
||||
<p>Some services require personal information or the core
|
||||
functionality will not work, in some cases, you can substitute the
|
||||
personal information for pseudonymous or false information but this is
|
||||
very rarely the case. Most services on vern require some amount of
|
||||
personal information to provide core functionality.</p>
|
||||
|
||||
<h2>To aid in moderation, or to detect malicious activity</h2>
|
||||
|
||||
<p>Your personal information might be collected and processed to
|
||||
create automatically-generated log files which might then be used to
|
||||
detect malicious activity, or to aid in moderation of other users, or
|
||||
to detect bots that are improperly programmed.</p>
|
||||
|
||||
<p>Automatically-generated log files are deleted every 48 hours,
|
||||
though in some cases, the administrators can choose to keep some log
|
||||
files, such as in the case of an outage or attack on vern
|
||||
infrastructure.</p>
|
||||
|
||||
<h2>To be used in aggregated and anonymized statistics</h2>
|
||||
|
||||
<p>Some services might provide a set of anonymized statistics to the
|
||||
public in which case your information might be used but anonymized
|
||||
later.</p>
|
||||
|
||||
<h1>How do we protect your personal information?</h1>
|
||||
|
||||
<p>Vern employs a variety of security measures to protect personal
|
||||
information from being breached by crackers or malicious actors. These
|
||||
measures include hashing or encryption, containerization and other
|
||||
industry-standard measures.</p>
|
||||
|
||||
<h1>What is our data retention policy?</h1>
|
||||
|
||||
<p>Automatically-generated log files or server logs are deleted every
|
||||
48 hours but in some cases might be kept for longer to investigate
|
||||
malicious behavior as outlined above.</p>
|
||||
|
||||
<p>Information that you provide to vern might be stored indefinitely
|
||||
or as long as vern survives, unless you personally delete it yourself
|
||||
or request vern to delete it.</p>
|
||||
|
||||
<h1>Do we use cookies and other technologies?</h1>
|
||||
|
||||
<p>Yes. Some services on vern use cookies to store your preferences or
|
||||
to see if you are logged in, these cookies do not store any
|
||||
personally-identifiable information in most cases.</p>
|
||||
|
||||
<h1>Is information shared to other third-parties?</h1>
|
||||
|
||||
<p>Some vern services are federated, meaning that any messages, chats,
|
||||
account data and the like are shared with any similar servers,
|
||||
examples include the Matrix chatting service and Mastodon
|
||||
social-networking service, these services can share your messages,
|
||||
chats and other data to third-party servers which vern does not
|
||||
control. However, in most cases, this information is not personal.</p>
|
||||
|
||||
<p>Other vern services do not share your information with
|
||||
third-parties. It's important that we distinguish between personal
|
||||
information and regular information. No vern service will ever share
|
||||
your personal information with any third-parties.</p>
|
||||
|
||||
<p>We care about your privacy!</p>
|
||||
|
||||
<h1>What are my rights?</h1>
|
||||
|
||||
<h2>Your rights under the GDPR</h2>
|
||||
|
||||
<p>If your area has enacted the General Data Protection Regulation or
|
||||
similar law or regulation then you have the following rights:</p>
|
||||
|
||||
<ul>
|
||||
<li>The right of access</li>
|
||||
<p>The right of access ensures you are allowed to know what personal
|
||||
information vern has collected, stored or recorded about you.</p>
|
||||
|
||||
<li>The right to rectification</li>
|
||||
<p>The right to rectification means that you are allowed to change any
|
||||
personal information about you on vern services that you see as
|
||||
invalid, false or misleading</p>
|
||||
|
||||
<li>The right to erasure</li>
|
||||
<p>The right to erasure means that any personally-identifiable
|
||||
information that vern has collected, stored or recorded about you
|
||||
will be deleted in up to 96 hours after the initial request. Note that
|
||||
you will have to provide us with some personal information that we can
|
||||
go search for and delete.</p>
|
||||
</ul>
|
||||
|
||||
<p>There are other rights but these cannot be exercised or used on
|
||||
vern services for various reasons including that vern does not
|
||||
discriminate based on personal information or use automated
|
||||
processing.</p>
|
||||
|
||||
<p>To ex cerise your GDPR rights, send an email to legal@vern.cc</p>
|
||||
|
||||
<h2>Your rights under the CCPA</h2>
|
||||
|
||||
<p>You have the following rights as a Californian citizen under the
|
||||
California Consumer privacy act:</p>
|
||||
|
||||
<ul>
|
||||
<li>The Right to Know</li>
|
||||
<p>The right to know ensures you are allowed to know what personal
|
||||
information vern has collected, stored or recorded about you.</p>
|
||||
|
||||
<li>The Right to Delete</li>
|
||||
<p>The right to delete means that any personally-identifiable
|
||||
information that vern has collected, stored or recorded about you will
|
||||
be deleted in up to 96 hours after the initial request. Note that you
|
||||
will have to provide us with some personal information that we can go
|
||||
search for and delete.</p>
|
||||
</ul>
|
||||
|
||||
<p>There are other rights but these cannot be exercised or used on
|
||||
vern services for various reasons including that vern does not
|
||||
discriminate based on personal information or use automated
|
||||
processing.</p>
|
||||
|
||||
<p>To exercise your CCPA rights, send an email to legal@vern.cc</p>
|
||||
|
||||
<h2>Your rights everywhere else</h2>
|
||||
|
||||
<p>Vern believes that every individual deserves these three universal
|
||||
rights regarding data protection, we do not believe that certain areas
|
||||
deserve more priority or that certain areas get to have privacy rights
|
||||
and others do not.</p>
|
||||
|
||||
<p>Here are your rights regarding privacy on vern services:</p>
|
||||
|
||||
<ul>
|
||||
<li>The Right to be forgotten</li>
|
||||
<p>The right to be forgotten means that any personally-identifiable
|
||||
information that vern has collected, stored or recorded about you will
|
||||
be deleted in up to 96 hours after the initial request. Note that you
|
||||
will have to provide us with some personal information that we can go
|
||||
search for and delete.</p>
|
||||
</ul>
|
||||
|
||||
<p>To exercise these rights, send an email to deletion@vern.cc</p>
|
||||
|
||||
|
||||
<!--#include file="footer.html" -->
|
||||
</body>
|
||||
</html>
|
||||
|
|
Loading…
Reference in New Issue