Differences

This shows you the differences between two versions of the page.

about:privacy_policy [2022/12/04 18:12] – ↷ Page moved from community:draft:privacy_policy to about:privacy_policy dreadpir8robots
about:privacy_policy [2022/12/04 20:28] (current) dreadpir8robots
Line 1: Line 1:
 ====== Privacy Policy ====== ====== Privacy Policy ======
-This privacy policy is effective December 4, 2022 +The privacy policy is posted at https://infosec.exchange/terms and was developed with by [[:about:admin|@jerry]] with [[https://infosec.exchange/@jerry/109406112992857477|significant community feedback]].
  
-===== Overview ===== +The policy is effective December 42022 
-Infosec.Exchange iS a service running the [[https://docs.joinmastodon.org/|Mastodon]] software and is part of a federated network of servers called the fediverse. Infosec.Exchange is intended to facilitate a community around the information security disciplineas well as those who are interested in security. You can reach us by contacting support@infosec.exchange if you have any questions, need to submit a request, want to file a complaint, or otherwise have thoughts. We are also reachable on Infosec.Exchange using the username @support@infosec.exchange.+
  
-Please note that the following information only pertains to the Infosec.Exchange service.  Access to the Infosec.Exchange service through 3rd party apps may have additional data privacy terms.  Infosec.Exchange does not control or manage any 3rd party apps.  Contact the manufacturer of such apps for additional information. +The changes which took place during its development are visible in the ''Old revisions'' history for this page.
- +
-===== TL;DR ===== +
- +
-Infosec.Exchange is a social media service designed to let you communicate with others.  It processes basic personal information required to deliver the service.  Your interactions with the site are temporarily recorded in system logs.  Infosec.Exchange requires a password and email address for the purpose of authenticating that you are the legitimate owner of your account.  Infosec.Exchange uses authentication cookies that enable you to use the service. Infosec.Exchange will send emails upon registration and at other times as requested by you. The data you post or upload to Infosec.Exchange remains available in the service until you delete it.  Personal information that you post will, by design, propagate out to other fediverse instances that Infosec.Exchange does not and cannot control.  Due to the public nature of information posted to Infosec.Exchange, this service is not appropriate for processing highly sensitive personal information. This site uses reasonable security measures to protect data stored in the service.  +
- +
-Infosec.Exchange does not sell or account data to 3rd parties.  Due to the open nature of fediverse software, such as Mastodon used by Infosec.Exhcange, 3rd parties may be able to scrape or collect publicly available information from APIs.  Additional information may be found [[https://docs.joinmastodon.org/|here]]. +
- +
-===== Cookies ===== +
-IE stores a session-based cookie ‘mastodonsession’ with an identifier in the browser of unregistered and registered site visitors until the browser is closed. This is done to ensure a secure (https) connection and allow general functionality on the site. +
- +
-For registered users, the cookie ‘sessionid’ stores your logged in status until you logout. This cookie is stored for a year. These cookies are strictly necessary for the site to function properly. +
- +
-IE will also process push notification, popups, and redirects based on your preferences (by clicking Allow/Accept). You can disable these by clicking on the padlock icon at the top of your browser and deselecting these features. +
- +
-IE processes the following types of personal data: +
- +
-  * Registered user information: email address, userid, password, IP address, metadata, subscriptions, and server preferences. +
-  * Profile information: profile picture, bio, display name, profile metadata/hashtags (which may infer details about our users). +
-  * Follower and following information: For registered users on IE, this includes information about the user's followers and who the user is following. In some cases, this information may include the name, email/contact information (if optionally provided in the public profile description), instance ID, and other profile information as well as publicly-shared posts of follower/following users.   +
-  * Content: Posts/toots, DMs, likes, & boosts that are accessible via ActivityPub. +
-  * Website Visitors: IP address, metadata. +
-  * Metadata: Information about the browser or system used to connect to IE, your machine's operating system, display resolution, web browser and browser version, date of access to the website, and details your logged-in sessions. If you email us, we may also see email header information. +
- +
-Note: Infosec.Exchange administrators do have the ability to access any content you publish through IE, including private or direct messages (DMs).   DMs are recorded temporarily in our application logs and stored in our database until deleted by the user.  We have access to the database and logs. DMs will only be read for the purpose of debugging technical issues with the site or in response to a complaint of a rule violation involving DMs or because of a valid court order. +
- +
-Just to be safe, avoid sharing sensitive information via DMs. Use Signal, email, or some other encrypted channel. +
- +
-===== Purposes for processing data ===== +
- +
-The personal data described above is required to make the service work. +
- +
-Registered user information is necessary to provision and administer accounts. +
- +
-Profile information is provided by you and can be as much or as little as you desire. The same goes for follower/following information and content. If you include sensitive or special category data in your profile information, such as details about your race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or health information, or details about your sexual orientation or sex life, you are, legally-speaking, manifestly making this information public, which is a very lawyerly way of saying “it’s on you.”  The service is designed to share that data freely. +
- +
-IP address and other machine identifiers are collected by default by Infosec.Exchange, for the purposes of allowing mods to block/disable access to instances, detecting and responding to security incidents, rendering the site properly on different devices, and to facilitate the connectivity that allows the site to operate across the internet. +
- +
-Because the Fediverse (including other instances of Mastodon, and related platforms) is, in effect, a network of independently operated databases sharing data with one another, personal data is stored in databases (both a Postgres database that we control on Hetzner, and other databases controlled by other instance admins). +
- +
-Some information (such as user access, registration, errors, etc.) are also stored in separate Linux system logs. These logs serve the purpose of maintenance and security of the server and are removed after 4 weeks. +
- +
-===== Legal basis for processing data ===== +
- +
-We rely on consent obtained by the user's (third-party) ActivityPub service for processing follower information, posts, DMs, likes, & boosts. We also rely on your consent granted when you create an account, update your profile, post, contact us via the support@infosec.exchange email address or follow users on this instance. +
- +
-In the unlikely event that you do something that violates the [[rules: start|site rules]], we rely on legitimate interests for subsequent processing (i.e., account suspension, deletion, or if necessary, reporting to authorities). If we are served with a legal order requiring us to provide information relating to you in connection with suspected or alleged misuse of the service, we will validate the legitimacy of the order prior to complying with it.  In most instances, we will comply with valid legal orders, and our lawful basis will be the necessity to comply with a legal obligation.  In exceptional circumstances, we reserve the right to seek the aid of legal defense to challenge the order.   +
- +
-Please don't let it come to that. +
- +
-We rely on contractual necessity and legitimate interests to host this instance and deal with emails.  We have a standard hosting agreement in place with Hetzner for hosting in Germany and Finland. +
- +
-===== Retaining your data ===== +
- +
-In the Preferences section of your account, you can set an automatic deletion period for your posts, likes, and boosts. This will delete posts from your home instance. However, if your posts have been copied, liked, or boosted by other users onto other instances, your deletion preferences may not always be honored by the administrators of other instances which may have received a copy oy of your posts or profile information. +
- +
-Similarly, if you have a DM conversation with a user on another instance, and you delete your DM records, this does not necessarily delete the record of the conversation held by the other user. +
- +
-Infosec.Exchange stored profile information, likes, boosts, posts, images, and DMs in a database and in backups.  Infosec.Exchange does not disable or remove accounts after a period of inactivity, so if you create an account here, it will remain on in our database, along with the aforementioned data, until: +
-  * you choose to delete it; +
-  * we delete the account manually; +
-  * we delete the instance; +
-  * something really bad happens that causes data loss +
- +
-Log data produced by the Mastodon software and the Nginx web servers contain IP address information, timestamps, and other telemetry about your connection and session typically seen in Linux syslog, access.log, and error.log files.  The Infosec.Exchange server automatically purges logs after 4 weeks to make optimal use of server space. Log information is not backed up. +
- +
-===== Exercising your rights ===== +
- +
-All rights can be directly exercised through the IE service, including: +
-  * Correcting your profile information, posts, DMs and so on. You can also change your profile information directly at any time by going to Settings -> Profile and making changes there. +
-  * Requesting a copy of the data stored about you. In terms of the right of portability, you can download your data as .json and .csv files by going to Settings --> Import/Export --> Data Export and downloading your data. It's probably a good idea to do this periodically.  Further information is available [[https://docs.joinmastodon.org/user/posting/#privacy|here]]. +
-  * Implementing limits of who can view certain aspects of your profile and post data. Further information is available [[https://docs.joinmastodon.org/user/moving/#delete|here]]. +
-  * Deleting your account and all information it contains. Further information is available [[https://docs.joinmastodon.org/user/moving/#delete|here]]. +
-  * In the event you have technical difficulties with the above self-directed facilities, you may contact us for assistance by sending an email to support@infosec.exchange. +
-  * Depending on where you reside, ​​​​you may also have the right to lodge a complaint with a Supervisory Authority.  +
- +
-===== Data Protection Measures ===== +
- +
-Other than personal data intended for public consumption, such as profile information and posts, personal data processed by IE is accessible only to authorized administrators and moderators by means of logical access controls.  In addition to limited access, the following additional security measures are in place:  +
- +
-  * strong, robust identity management & authentication, including 2FA for our hosted instance and email; +
-  * reasonable security hardening of Postgres database, Nginx web servers, and other Mastodon software components; +
-  * daily, redundant backups of instance data; +
-  * encryption in transit (TLS 1.1-1.3, via LetsEncrypt); +
-  * regular security patching +
-  * firewall software +
- +
- +
- +
-The infrastructure used to host Infosec.Exchange is located in Germany and in Finland at Hetzner facilities.  Hetzner is responsible for physical security, power, cooling, hardware support, network and internet connectivity.  The geographical location of these hosting services and data backups are subject to change.  Notice of such changes will be posted to the @support@infosec.exchange account. The administrators and moderators of Infosec.Exchange are located throughout the world, including the USA, UK, and Australia.  The geographical location of administrators and moderators are subject to change without notice, however, will not include countries embargoed by the US government. +
- +
-By posting, your profile information and your content is available globally, so please think twice before posting anything personal, and especially before posting the personal data of anyone else!+
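
Review bot: The first added line reads "was developed with by [[:about:admin|@jerry]] with ..."; drop the stray "with" before "by". The added effective-date line reads "December 42022", while the removed line had "December 4, 2022", so the comma and space should be restored. This revision also removes the whole policy text from the wiki page and points to https://infosec.exchange/terms instead, which leaves ''Old revisions'' as the only on-wiki record of the wording. It would help to say on the page that the linked terms page is the authoritative copy.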