--- /dev/null
+<!DOCTYPE html>
+<html>
+<head>
+<title>Blërg Data and Privacy Policies</title>
+<link rel="stylesheet" href="/css/doc.css">
+</head>
+<body>
+
+<a name="privacy_policy">
+<h1>Blërg Privacy Policy</h1>
+</a>
+
+<h2>Blërg Doesn't Want Much Data</h2>
+
+<p>Blërg collects only the data necessary to create an account (username
+and password), and any data submitted via posting. HTTP logs which
+contain your IP address, browser agent stringand any URLs visited as a
+consequence of using Blërg are kept for seven days then deleted.
+
+<h2>Blërg Doesn't Want To Use Your Data</h2>
+
+<p>User data is used only for the purposes of operating the site, i.e.
+to show your posts to the world. We don't share your data with anyone
+through any other channels.
+
+<a name="data_policy">
+<h1>Blërg Data Policy</h1>
+</a>
+
+<h2>Blërg Doesn't Forget</h2>
+
+<p>There is currently no way to delete data on Blërg, so any information
+you post may exist on Blërg forever. Be careful what you post.
+
+<h2>Blërg Isn't That Secure</h2>
+
+<p>Currently, all data transmitted to Blërg, including your username and
+password, are transmitted over unencrypted HTTP. It is entirely
+possible for someone to view your credentials in transit. We recommend
+that you don't use the same password on Blërg as you use elsewhere (but
+that's just good password policy).
+
+<p>Passwords are hashed server-side with <a
+href="https://www.tarsnap.com/scrypt.html">scrypt</a> with
+N=2<sup>14</sup>, r=8, p=1.
+
+</body>
+</html>
projects / blerg.git / blobdiff