vern
/
website
4
4
Fork 4
Code Issues Pull Requests Packages Projects Releases Wiki Activity

non-legalese privpol is literally wrong

This commit is contained in:
Arya Kiran 2022-12-10 21:50:53 +05:30
parent 1bfa4adb2c
commit 87f87b7999
2 changed files with 266 additions and 284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

279
en/legal-privacy.html
View File

@ -1,279 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
<meta name="description" content="Legalese privacy policy for ~vern">
<meta name="keywords" content="~vern, vern, free software, privacy, tilde, tildeverse, privacy policy, policy, legal, legalese">
<link rel="stylesheet" href="//gcdn.vern.cc/vernsite/style.css">
<title>Privacy Policy | ~vern</title>
</head>
<body>
<!--#include file="nav.php" -->
<h1>Privacy Policy</h1>
<p>Copyright © Vern.cc 2022, licensed under CC-BY-SA 4.0 or later.</p>
<p>This privacy policy describes how vern ("vern.cc", "we", "us",
"~vern") collects personal information and to what degree, it also
describes what rights you have regarding your privacy on vern
services.</p>
<p>~vern hosts a set of publicly accessible services available for
everyone to use, examples include the Invidious front-end, these will
be referred to as public services. These are in contrast to private or
member-only services which require registration, approval from
a vern administrator, or both, to use.</p>
<h1>What information do we collect on public services?</h1>
<p>Vern by default does not collect any personally-identifiable
information on publicly accessible services, IP addresses may or may
not appear on automatically-generated log files but these
automatically-generated log files are deleted every 48 hours.</p>
<p>Your browser or system may or may not send additional information
such as user-agents and these may or may not be present in
automatically-generated log files.</p>
<p>The following information is collected in log files, this is not a
complete or exhaustive list and additional information might be
collected:</p>
<ol>
<li>IP address</li>
<p>To connect to any website, an IP address is sent by your system to
establish a connection, sending your IP address is unavoidable though
you can use proxies or virtual private networks to mask your true IP
address.</p>
<li>User-agent</li>
<p>Your browser might send this string which contains, among other
things, your specific operating system, your specific browser and
specific details such as the kernel version or layout engine used.</p>
</ol>
<h1>What information do we collect on private or member-only services?
</h1>
<p>Vern only collects information that you directly provide. Most
services suggest you add information about yourself but this is not
required, and you can mostly leave these out.</p>
<p>When you register with vern, the following personal information is
recorded:</p>
<ol>
<li>Username</li>
<p>Your username is used to allow you to login to vern services.</p>
<li>Password</li>
<p>Your password is used to allow you to login to vern services.</p>
<li>Email</li>
<p>Your email is used to contact you about whether or not your account
has been approved and it is also used to register you for services
that do not use usernames. Your email is not shared with any
third-parties and we take security regarding user-data very seriously.
</p>
<li>SSH keys</li>
<p>In addition, your SSH public key is also stored to give you access
to specific vern services such as the pubnix service and your SSH
public key might contain extra information in and of itself.</p>
</ol>
<p>The following information may or may not be recorded when you
access privacy or member-only vern services, this is not an
exhaustive list and is not intended to be interpreted as such:</p>
<li>Your full name</li>
<p>Some services might ask you to provide a full name, this is not
shared with third-parties.</p>
<li>Email addresses</li>
<p>Some services might ask you to provide an email address, this email
address might be shown publicly with an option to hide it but it is
not shared with any third-parties.</p>
<li>Date of birth</li>
<p>Some services might ask you to provide your date of birth, this in
turn might be used to process whether or not you will be able to
access adult content or it might be shown publicly with an option to
hide it. Your date of birth is not shared with any third-parties.</p>
<li>Basic account info</li>
<p>Some services might ask for a display name, biography, avatar,
profile picture or profile header. These might be shown publicly with
an option to hide some portions, this information is not shared with
any third-parties<p>
<li>Messages, posts and chats. (Non-federated services)</li>
<p>Some services allow you to communicate with other users, your chats
are stored but not shared with any third-parties, these chats might
also be public, it depends on the service.</p>
<li>Messages, posts and chats. (Federated services)</li>
<p>Some services allow you to communicate with other users on
different servers not controlled by vern, these servers may or may not
record your chats and may or may not share them with third-parties.
Regarding this, vern cannot guarantee that your messages will be
deleted when requested simply because vern does not control the
servers which your message will reach. Additionally, some of your
messages might be "bridged" to other platforms in which case, it is
even harder to get them removed, rectified or erased.</p>
<li>IPs and other metadata</li>
<p>Your system, browser or application may or may not send information
in the form of IP addresses and other forms such as user-agents, this
information thus in turn might be recorded on automatically-generated
log files, but as mentioned above, these log files are deleted every
48 hours, in addition to being private and not shared to any
third-parties.</p>
<h1>What do we use your personal information for?</h1>
<h2>Core service functionality</h2>
<p>Some services require personal information or the core
functionality will not work, in some cases, you can substitute the
personal information for pseudonymous or false information but this is
very rarely the case. Most services on vern require some amount of
personal information to provide core functionality.</p>
<h2>To aid in moderation, or to detect malicious activity</h2>
<p>Your personal information might be collected and processed to
create automatically-generated log files which might then be used to
detect malicious activity, or to aid in moderation of other users, or
to detect bots that are improperly programmed.</p>
<p>Automatically-generated log files are deleted every 48 hours,
though in some cases, the administrators can choose to keep some log
files, such as in the case of an outage or attack on vern
infrastructure.</p>
<h2>To be used in aggregated and anonymized statistics</h2>
<p>Some services might provide a set of anonymized statistics to the
public in which case your information might be used but anonymized
later.</p>
<h1>How do we protect your personal information?</h1>
<p>Vern employs a variety of security measures to protect personal
information from being breached by crackers or malicious actors. These
measures include hashing or encryption, containerization and other
industry-standard measures.</p>
<h1>What is our data retention policy?</h1>
<p>Automatically-generated log files or server logs are deleted every
48 hours but in some cases might be kept for longer to investigate
malicious behavior as outlined above.</p>
<p>Information that you provide to vern might be stored indefinitely
or as long as vern survives, unless you personally delete it yourself
or request vern to delete it.</p>
<h1>Do we use cookies and other technologies?</h1>
<p>Yes. Some services on vern use cookies to store your preferences or
to see if you are logged in, these cookies do not store any
personally-identifiable information in most cases.</p>
<h1>Is information shared to other third-parties?</h1>
<p>Some vern services are federated, meaning that any messages, chats,
account data and the like are shared with any similar servers,
examples include the Matrix chatting service and Mastodon
social-networking service, these services can share your messages,
chats and other data to third-party servers which vern does not
control. However, in most cases, this information is not personal.</p>
<p>Other vern services do not share your information with
third-parties. It's important that we distinguish between personal
information and regular information. No vern service will ever share
your personal information with any third-parties.</p>
<p>We care about your privacy!</p>
<h1>What are my rights?</h1>
<h2>Your rights under the GDPR</h2>
<p>If your area has enacted the General Data Protection Regulation or
similar law or regulation then you have the following rights:</p>
<ul>
<li>The right of access</li>
<p>The right of access ensures you are allowed to know what personal
information vern has collected, stored or recorded about you.</p>
<li>The right to rectification</li>
<p>The right to rectification means that you are allowed to change any
personal information about you on vern services that you see as
invalid, false or misleading</p>
<li>The right to erasure</li>
<p>The right to erasure means that any personally-identifiable
information that vern has collected, stored or recorded about you
will be deleted in up to 96 hours after the initial request. Note that
you will have to provide us with some personal information that we can
go search for and delete.</p>
</ul>
<p>There are other rights but these cannot be exercised or used on
vern services for various reasons including that vern does not
discriminate based on personal information or use automated
processing.</p>
<p>To exercise your GDPR rights, send an email to legal@vern.cc</p>
<h2>Your rights under the CCPA</h2>
<p>You have the following rights as a Californian citizen under the
California Consumer privacy act:</p>
<ul>
<li>The Right to Know</li>
<p>The right to know ensures you are allowed to know what personal
information vern has collected, stored or recorded about you.</p>
<li>The Right to Delete</li>
<p>The right to delete means that any personally-identifiable
information that vern has collected, stored or recorded about you will
be deleted in up to 96 hours after the initial request. Note that you
will have to provide us with some personal information that we can go
search for and delete.</p>
</ul>
<p>There are other rights but these cannot be exercised or used on
vern services for various reasons including that vern does not
discriminate based on personal information or use automated
processing.</p>
<p>To exercise your CCPA rights, send an email to legal@vern.cc</p>
<h2>Your rights everywhere else</h2>
<p>Vern believes that every individual deserves these three universal
rights regarding data protection, we do not believe that certain areas
deserve more priority or that certain areas get to have privacy rights
and others do not.</p>
<p>Here are your rights regarding privacy on vern services:</p>
<ul>
<li>The Right to be forgotten</li>
<p>The right to be forgotten means that any personally-identifiable
information that vern has collected, stored or recorded about you will
be deleted in up to 96 hours after the initial request. Note that you
will have to provide us with some personal information that we can go
search for and delete.</p>
</ul>
<p>To exercise these rights, send an email to deletion@vern.cc</p>
<!--#include file="footer.cgi" -->
</body>
</html>

271
en/privpol.html
View File

@ -3,16 +3,277 @@
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
<meta name="description" content="Privacy Policy of ~vern">
<meta name="keywords" content="~vern, vern, free software, privacy, tilde, tildeverse, privacy policy, policy">
<meta name="description" content="Legalese privacy policy for ~vern">
<meta name="keywords" content="~vern, vern, free software, privacy, tilde, tildeverse, privacy policy, policy, legal, legalese">
<link rel="stylesheet" href="//gcdn.vern.cc/vernsite/style.css">
<title>Privacy Policy | ~vern</title>
</head>
<body>
<!--#include file="nav.php" -->
<div class=h><h1 id=privacy>Privacy Statement</h1> <a aria-hidden=true href=#privacy>#privacy</a></div>
<p>The only circumstances in which we collect and store data from our users is when such information is directly provided to us, i.e. when one registers to any of our services. Any automatically generated information (log files) that contains personal user information such as IP addresses, locations, or full names is to be deleted from our servers in at most 48 hours. If you decide that you want any of your accounts with us to be closed, send an e-mail to: <code>deletion (AT SYMBOL) vern (PERIOD) cc</code>. Any associated personal information will be deleted from our servers in up to 96 hours.</p>
<p>A full legalese privacy policy can be found <a href="/legal-privacy">here</a>.</p>
<h1>Privacy Policy</h1>
<p>Copyright © Vern.cc 2022, licensed under CC-BY-SA 4.0 or later.</p>
<p>This privacy policy describes how vern ("vern.cc", "we", "us",
"~vern") collects personal information and to what degree, it also
describes what rights you have regarding your privacy on vern
services.</p>
<p>~vern hosts a set of publicly accessible services available for
everyone to use, examples include the Invidious front-end, these will
be referred to as public services. These are in contrast to private or
member-only services which require registration, approval from
a vern administrator, or both, to use.</p>
<h1>What information do we collect on public services?</h1>
<p>Vern by default does not collect any personally-identifiable
information on publicly accessible services, IP addresses may or may
not appear on automatically-generated log files but these
automatically-generated log files are deleted every 48 hours.</p>
<p>Your browser or system may or may not send additional information
such as user-agents and these may or may not be present in
automatically-generated log files.</p>
<p>The following information is collected in log files, this is not a
complete or exhaustive list and additional information might be
collected:</p>
<ol>
<li>IP address</li>
<p>To connect to any website, an IP address is sent by your system to
establish a connection, sending your IP address is unavoidable though
you can use proxies or virtual private networks to mask your true IP
address.</p>
<li>User-agent</li>
<p>Your browser might send this string which contains, among other
things, your specific operating system, your specific browser and
specific details such as the kernel version or layout engine used.</p>
</ol>
<h1>What information do we collect on private or member-only services?
</h1>
<p>Vern only collects information that you directly provide. Most
services suggest you add information about yourself but this is not
required, and you can mostly leave these out.</p>
<p>When you register with vern, the following personal information is
recorded:</p>
<ol>
<li>Username</li>
<p>Your username is used to allow you to login to vern services.</p>
<li>Password</li>
<p>Your password is used to allow you to login to vern services.</p>
<li>Email</li>
<p>Your email is used to contact you about whether or not your account
has been approved and it is also used to register you for services
that do not use usernames. Your email is not shared with any
third-parties and we take security regarding user-data very seriously.
</p>
<li>SSH keys</li>
<p>In addition, your SSH public key is also stored to give you access
to specific vern services such as the pubnix service and your SSH
public key might contain extra information in and of itself.</p>
</ol>
<p>The following information may or may not be recorded when you
access privacy or member-only vern services, this is not an
exhaustive list and is not intended to be interpreted as such:</p>
<li>Your full name</li>
<p>Some services might ask you to provide a full name, this is not
shared with third-parties.</p>
<li>Email addresses</li>
<p>Some services might ask you to provide an email address, this email
address might be shown publicly with an option to hide it but it is
not shared with any third-parties.</p>
<li>Date of birth</li>
<p>Some services might ask you to provide your date of birth, this in
turn might be used to process whether or not you will be able to
access adult content or it might be shown publicly with an option to
hide it. Your date of birth is not shared with any third-parties.</p>
<li>Basic account info</li>
<p>Some services might ask for a display name, biography, avatar,
profile picture or profile header. These might be shown publicly with
an option to hide some portions, this information is not shared with
any third-parties<p>
<li>Messages, posts and chats. (Non-federated services)</li>
<p>Some services allow you to communicate with other users, your chats
are stored but not shared with any third-parties, these chats might
also be public, it depends on the service.</p>
<li>Messages, posts and chats. (Federated services)</li>
<p>Some services allow you to communicate with other users on
different servers not controlled by vern, these servers may or may not
record your chats and may or may not share them with third-parties.
Regarding this, vern cannot guarantee that your messages will be
deleted when requested simply because vern does not control the
servers which your message will reach. Additionally, some of your
messages might be "bridged" to other platforms in which case, it is
even harder to get them removed, rectified or erased.</p>
<li>IPs and other metadata</li>
<p>Your system, browser or application may or may not send information
in the form of IP addresses and other forms such as user-agents, this
information thus in turn might be recorded on automatically-generated
log files, but as mentioned above, these log files are deleted every
48 hours, in addition to being private and not shared to any
third-parties.</p>
<h1>What do we use your personal information for?</h1>
<h2>Core service functionality</h2>
<p>Some services require personal information or the core
functionality will not work, in some cases, you can substitute the
personal information for pseudonymous or false information but this is
very rarely the case. Most services on vern require some amount of
personal information to provide core functionality.</p>
<h2>To aid in moderation, or to detect malicious activity</h2>
<p>Your personal information might be collected and processed to
create automatically-generated log files which might then be used to
detect malicious activity, or to aid in moderation of other users, or
to detect bots that are improperly programmed.</p>
<p>Automatically-generated log files are deleted every 48 hours,
though in some cases, the administrators can choose to keep some log
files, such as in the case of an outage or attack on vern
infrastructure.</p>
<h2>To be used in aggregated and anonymized statistics</h2>
<p>Some services might provide a set of anonymized statistics to the
public in which case your information might be used but anonymized
later.</p>
<h1>How do we protect your personal information?</h1>
<p>Vern employs a variety of security measures to protect personal
information from being breached by crackers or malicious actors. These
measures include hashing or encryption, containerization and other
industry-standard measures.</p>
<h1>What is our data retention policy?</h1>
<p>Automatically-generated log files or server logs are deleted every
48 hours but in some cases might be kept for longer to investigate
malicious behavior as outlined above.</p>
<p>Information that you provide to vern might be stored indefinitely
or as long as vern survives, unless you personally delete it yourself
or request vern to delete it.</p>
<h1>Do we use cookies and other technologies?</h1>
<p>Yes. Some services on vern use cookies to store your preferences or
to see if you are logged in, these cookies do not store any
personally-identifiable information in most cases.</p>
<h1>Is information shared to other third-parties?</h1>
<p>Some vern services are federated, meaning that any messages, chats,
account data and the like are shared with any similar servers,
examples include the Matrix chatting service and Mastodon
social-networking service, these services can share your messages,
chats and other data to third-party servers which vern does not
control. However, in most cases, this information is not personal.</p>
<p>Other vern services do not share your information with
third-parties. It's important that we distinguish between personal
information and regular information. No vern service will ever share
your personal information with any third-parties.</p>
<p>We care about your privacy!</p>
<h1>What are my rights?</h1>
<h2>Your rights under the GDPR</h2>
<p>If your area has enacted the General Data Protection Regulation or
similar law or regulation then you have the following rights:</p>
<ul>
<li>The right of access</li>
<p>The right of access ensures you are allowed to know what personal
information vern has collected, stored or recorded about you.</p>
<li>The right to rectification</li>
<p>The right to rectification means that you are allowed to change any
personal information about you on vern services that you see as
invalid, false or misleading</p>
<li>The right to erasure</li>
<p>The right to erasure means that any personally-identifiable
information that vern has collected, stored or recorded about you
will be deleted in up to 96 hours after the initial request. Note that
you will have to provide us with some personal information that we can
go search for and delete.</p>
</ul>
<p>There are other rights but these cannot be exercised or used on
vern services for various reasons including that vern does not
discriminate based on personal information or use automated
processing.</p>
<p>To exercise your GDPR rights, send an email to legal@vern.cc</p>
<h2>Your rights under the CCPA</h2>
<p>You have the following rights as a Californian citizen under the
California Consumer privacy act:</p>
<ul>
<li>The Right to Know</li>
<p>The right to know ensures you are allowed to know what personal
information vern has collected, stored or recorded about you.</p>
<li>The Right to Delete</li>
<p>The right to delete means that any personally-identifiable
information that vern has collected, stored or recorded about you will
be deleted in up to 96 hours after the initial request. Note that you
will have to provide us with some personal information that we can go
search for and delete.</p>
</ul>
<p>There are other rights but these cannot be exercised or used on
vern services for various reasons including that vern does not
discriminate based on personal information or use automated
processing.</p>
<p>To exercise your CCPA rights, send an email to legal@vern.cc</p>
<h2>Your rights everywhere else</h2>
<p>Vern believes that every individual deserves these three universal
rights regarding data protection, we do not believe that certain areas
deserve more priority or that certain areas get to have privacy rights
and others do not.</p>
<p>Here are your rights regarding privacy on vern services:</p>
<ul>
<li>The Right to be forgotten</li>
<p>The right to be forgotten means that any personally-identifiable
information that vern has collected, stored or recorded about you will
be deleted in up to 96 hours after the initial request. Note that you
will have to provide us with some personal information that we can go
search for and delete.</p>
</ul>
<p>To exercise these rights, send an email to deletion@vern.cc</p>
<!--#include file="footer.cgi" -->
</body>
</html>