gravel
/
sessioncommunities.online
mirror of https://codeberg.org/gravel/sessioncommunities.online
1
0
Fork 0
Code Issues 2 Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
dev
listing-provider
parallel-fetching
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '372384e098'
${ noResults }
sessioncommunities.online/sites/privacy.php

112 lines
5.5 KiB
PHTML
Raw Normal View History Unescape Escape

Add privacy and donation pages
2 years ago
<?php
/*
If you're hosting your own version of the site, please replace this file!
*/
$HIGHLIGHTED_FIELDS = ["ip", "datetime", "resource", "status", "bytes", "referer", "user-agent"];
?>
<!DOCTYPE html>
<html lang="en">
<head>
<?php include "+components/page-head.php" ?>
<link rel="canonical" href="https://sessioncommunities.online/privacy.html">
<title>Privacy — sessioncommunities.online</title>
<meta name="description" content="Read what data sessioncommunities.online collects">
<meta property="og:title" content="sessioncommunities.online — Privacy">
<style>
* { box-sizing: border-box; }
html { color: white; background-color: black; font-size: clamp(16px, 2vw, 24px); width: 100%; }
body { margin: 0; padding: 2rem; width: 100%; line-height: 1.5; }
Styling
2 years ago
a { color: hsl(210, 100%, 60%); }
Add privacy and donation pages
2 years ago
pre, .code { background-color: #222; font-size: 0.9rem; white-space: break-spaces; overflow: auto; }
pre { padding: 1em; }
.code { padding: 0.1em 0.25em; }
input { display: none; }
label, label a { text-decoration: underline dotted white 1px; text-underline-offset: 0.2em; }
<?php foreach ($HIGHLIGHTED_FIELDS as $field): ?>
#show-<?=$field?>:hover ~ :is(p, pre) :is(label[for="show-<?=$field?>"], label[for="show-<?=$field?>"] *),
<?php endforeach; ?>
:not(*) { color: red; }
</style>
</head>
<body>
<h1>Privacy</h1>
<marquee><h2>"We care about your privacy." — Abraham Lincoln</h2></marquee>
<p>We don't <strong>make an effort</strong> to collect any data from you.<p>
<p>What we <strong>do</strong> have is automatic server logs (<em>which most sites can't be bothered to de-identify anyway</em>).</p>
<p>Server logs look like this: (<em>Hover for details</em>)</p>
<?php foreach ($HIGHLIGHTED_FIELDS as $field): ?>
<input type="checkbox" id="show-<?=$field?>">
<?php endforeach; ?>
<pre><label for="show-ip" title="De-identified IP address">155.71.106.0</label> - - <label for="show-datetime" title="Time of visit">[27/Jan/2041:14:05:22 +0000]</label> <label for="show-resource" title="Requested resource and method">"GET / HTTP/2.0"</label> <label for="show-status" title="Status returned by the server">200</label> <label for="show-bytes" title="Size of server response">41322</label> <label for="show-referer" title="Site which referred the user to us">"https://duckduckgo.com/"</label> <label for="show-user-agent" title="User Agent Header">"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36"</label></pre>
<p>
In other words, they contain the visiting
<label for="show-ip"><a target="_blank" href="https://en.wikipedia.org/wiki/IP_address">IP address</a></label>
(we de-identify those by setting the last octet to zero),
<label for="show-datetime">time of visit</label>,
<label for="show-resource">resource requested</label> (<span class="code">/</span> stands for "main page"),
<label for="show-status"><a target="_blank" href="https://en.wikipedia.org/wiki/List_of_HTTP_status_codes">HTTP status code</a></label>,
<label for="show-bytes"># of bytes transferred to user</label>,
<label for="show-referer"><a target="_blank" href="https://en.wikipedia.org/wiki/HTTP_referer">Referer</a></label>
(usually the site you came from),
and <label for="show-user-agent">
<a target="_blank" target="_blank" href="https://en.wikipedia.org/wiki/User-Agent_header#Use_in_client_requests">User Agent</a>
</label> (how your browser presents itself).
</p>
<p>
We also collect and retain error logs for 3 days, including a full IP address.
These are generated when our server has a wonderful day and shoots itself in the foot, and are not used for analytics.
</p>
<h2>Who has access to your data</h2>
<p>
Only <a target="_blank" href="https://codeberg.org/gravel/gravel">@gravel</a>, <a target="_blank" href="https://github.com/mdPlusPlus/">@SomeGuy</a> and the server provider have access to the server logs.
</p>
<p>
Whenever we feel like it (<em>legal terminology</em>), we share aggregate visitor data over a non-identifying time period with interested parties. Examples of aggregate visitor data: Total site visits, distribution of operating systems and browsers used to access our site, distribution of referer sites, and common failed requests (such as for unsupported standards).
</p>
<h2>What requested resources tell us about you</h2>
<p>
Normally, using requests for Community icons and QR codes,
we could track each time a user opened a Community details modal for the first time (in a given cache period)
and deanonymize users joining Communities.
However, we blind ourselves to this information by requesting all Community icons and QR codes when the page loads.
These resources are then cached in your browser and don't trigger additional requests when you view a Community's details.
</p>
<p>
We refresh the cache periodically to ensure that this protection does not expire following the 1 hour cache period.
Unfortunately, this also means we get a ping for each hour you leave the site open.
</p>
<p>
<strong>If you've disabled JavaScript</strong>, protections against opening modals are not needed;
however, we log requests to QR codes when they are opened in a new tab.
</p>
<h2>Cookies</h2>
<p>We don't use 'em. <a href="./donate.html" style="text-decoration: inherit; color: inherit;">🍪</a></p>
<hr>
<h2>So, you scrolled all the way down here.</h2>
<p>The cookie emoji will take you to the donation page. Try it!</p>
</body>
</html>