NixNet/privacy-policy.md

35 lines
3.2 KiB
Markdown

---
layout: page
title: Privacy Policy
description: I encourage you to read the whole document. It's not particularly long or difficult to understand.
subtitle: What's being done with your data?
permalink: /privacy/
cover: /assets/posts/privacy.png
---
**Note:** new policies are being drafted that are specific to each service. The policy below generally applies to everything but check [the docs](https://docs.nixnet.services/Category:Privacy_policies) for individual policies. This change was made because I know some people only use this or that service and one general blanket policy doesn't quite cut it.
# Privacy Policy
This will hopefully be the briefest "legal" document you've ever read as well as the most readable. If you need additional information [let me know](/contact) and I'll add it.
## IP Address
Some applications (Gitea, Mumble, XMPP, and NixNet Mail) collect your IP when you register. At the moment, that information is kept indefinitely. However, I'm working on either completely disabling it or setting something up that will periodically delete stored IP addresses. When I do, this document will be updated accordingly.
If you don't want me to have that information to begin with, just use [Tor Browser](https://www.torproject.org/).
## Email Address
When you register for a service using an email address, that is obviously collected. You can control whether it's a real one or not. Even though I can see them for services like Gitea and Mastodon, I don't care and won't send you unsolicited mail.
**Note:** whatever address you use for git is visible in commits.
## Browser Fingerprint
Your web browser communicates uniquely identifying information to all websites it visits by allowing the site to know details about your operating system, browser information, plugins installed, fonts installed, screen resolution, and [much more](https://panopticlick.eff.org/). As far as I know, nothing collects or uses any of that information.
## Usage and storage of collected information
Whatever data is collected is stored on servers I have sole control over and it won't be shared with any third parties whatsoever.
# Exceptions
I do live in the US; I have two servers here, one in Finland, and another in Luxembourg. If, for whatever reason, I'm compelled by law enforcement to give up your email, IP address, or any other information, I will even though *I don't want to*. As such, I do whatever I can to make sure *I don't have that information*. If I don't have it, I can't share it.
# Recommendations
To mitigate invasions of privacy like this, use a throwaway email address for registration, such as one from [anonbox](https://anonbox.net/) if you want a temporary address or [cock.li](https://cock.li/) for something a bit more permanent. Also provide a [fake name](https://fakena.me/fake-name/) and use the service from behind [Tor](https://www.torproject.org/) or a VPN. Rather than a VPN, however, I *strongly* recommend using Tor across all devices. They have an [Android version](https://www.torproject.org/download/#android) now and there's another browser they recommend for iOS called [Onion Browser](https://apps.apple.com/us/app/onion-browser/id519296448). I don't use iOS so I can't say whether or not it's any good, just that the Tor Project recommends it.