KDE UserBase Wiki:Privacy policy

From KDE Wiki Sandbox
Revision as of 16:59, 20 June 2011 by FuzzyBot (talk | contribs) (Updating to match new version of source page)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The Scope of this Document

This document addresses the use and retention of personally identifiable information on the UserBase website.

On the Nature of the UserBase Wiki

Any registered user gains the right to edit content, discussion pages, and user pages, including those of other users. It is expected that those rights will not be abused, and any such abuse will lead to the perpetrator losing all edit rights.

UserBase is a public wiki. Any content submitted to UserBase is subject to the Creative Commons Share-Alike license, and the Gnu Free Document License. Links are provided on each page to the full text of the licenses. The authors of any edit, contribution, correction etc. are publicly identifiable and may be contacted by any other registered user.

User Accounts

UserBase may be read by any member of the public, without the creation of a registered account. Contribution in any form does, however, require the user to have a registered account. Registered users have a sidebar link to several Preferences pages. On the first page there is a field for entering an email address. This is optional, but it is recommended that you do enter one, as it may be impossible for us to help with a lost password if you do not. Your email address is not publicly viewable. Pages other than the first one are mainly for display preferences and should be browsed at your leisure.

In order to contact another user you should use the user's Talk page. This ensures that both of you are addressed only by your UserBase username.

From time to time users will be granted extra rights by associating them with a user group. As an example, a potential translator needs to request to be added to the Translator group. Without that he cannot access the translation system.

Collection and Retention of Personally Identifiable Information

The Purpose of Collecting Personally Identifiable Information

Personally Identifiable Information is collected for the security and smooth running of UserBase. Examples of the use of this information includes, but is not limited to

  • Public Accountability. When a user registers an account, no check is made regarding the identity of the user. In the case of a serious abuse occurring it is necessary that mechanisms exist for the investigation of the event.
  • To provide statistics. In order to ensure smooth running mechanisms exist for statistics to be gathered from the raw logs of accesses. Information from those logs is not made public.
  • To investigate technical problems. Raw logs may be examined by the system administrators when investigating any technical problem, including tracking down badly-behaved web-spiders.

Every effort is made protect personal information, but it is the user's responsibility to consider any possible consequence of information entered on the site. It should also be noted that before the introduction of the requirement to register in order to edit, any user editing without logging in was identified by his IP address, which is publicly viewable in the edit histories.

Retention of Personally Identifiable Information

IP and other technical information

In the course of any contribution the IP address of the editor is securely registered on the server. It is expired after a fixed period. There is no public access to that information.

Cookies

If your browser allows it cookies may be set either as session cookies or to maintain logged in status. Users are reminded that if they save a username and password in a browser, that information will be available for use for up to 30 days. Any contributor using a public machine is advised to clear all such cookies and browser caches.

Page History

All edits, contributions and translations are normally retained indefinitely and can be viewed in the Page History. Deleting a page hides it from view, but users in the higher levels of access groups will still be able to access the information. Permanent deletion will normally only occur when required by law.

User Contributions

UserBase offers RSS and Atom aggregation feeds. Aggregation is made according to the user's registration and login status. Other information regarding user contribution, such as the number of edits made, is publicly available in the User Contributions list on Special Pages.

When Reading UserBase

UserBase securely logs accesses in the same way as other websites. That information is not publicly available.

When Editing or Translating Pages

The IP address of a contributor is stored for a time on the server. While system administrators can view that information it is not publicly available.

Discussions

On UserBase Discussion pages

Discussions normally take place either on user talk pages (associated with a user's personal page) or on talk pages associated with a page. Only your username is publicly visible although the server logs will have a record of your entry. Such discussions are controlled by the same privacy rules as other pages.

By email

It is possible to email a user. If you do, your email address will be visible to him. The recipient's email address will not be shown to you. By its nature such an exchange will be outside of UserBase and will not be governed by the site's privacy policy.

On IRC

You may request help on IRC channels, specifically on irc.freenode.net#kde-www. Such conversations are outside of UserBase's control and are not covered by this privacy policy. Be aware that in some circumstances your IP address may be visible to other users.

Access to and Release of Personally Identifiable Information

UserBase is run by volunteers, a small number of which have privileged access rights. Should you need to contact one of those at any time you are advised to consult Special:ListGroupRights. Access to personally identifiable information is limited to users with a high level of access rights.

Policy for Release of Personally Identifiable Information

Data not publicly available may be released by those with high access rights in any of the following circumstances:

  • In response to a valid order from a legal entity
  • At the request of, or with the permission of the owner of the information
  • When necessary for the investigation of abuse complaints
  • Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues,
  • Where there has been persistent vandalism, abuse or disruptive behaviour, information may be released to a service provider or carrier with a view to requesting a targeted IP block or initiating other complaints procedures.
  • Where there is a threat to the rights, property or safety of UserBase, its users or the public.

Except as described here, it is the policy that personally identifiable information will not be released.

Third Party Access and the User's Rights

Should UserBase administrators receive a valid compulsory order from a law enforcement agency the administrators will attempt to reach the user in question by email to an address provided in the User Preferences page to notify him. This will normally happen within three business days of receipt of the order.

UserBase administrators would be compelled to comply with such an order, and cannot advise a user in such a case. However, the user would have the right to resist by filing a motion to quash the order. In that case legal advice should be sought. In this situation, UserBase administrators, on receipt of a court-filed motion to quash the order, would release no information until an order from the court to do so is received.

Users are not obliged to supply an email address. It should be noted that if no address is provided, it will not be possible to follow this procedure of notification.

Disclaimer

The administrators of UserBase respect your privacy, and every care is taken to protect it. However it is impossible to guarantee that user information will remain private. Access by unauthorized agencies may be possible despite all our efforts to protect your data. It is the responsibility of the user to consider the consequences of such unauthorized access.

In cases of conflicting information between a translated version of this page and the original version in the English language, the English version will take precedence over the translated version.