X-Git-Url: http://git.bytex64.net/?a=blobdiff_plain;ds=sidebyside;f=www%2Fdoc%2Fprivacy_data.html;h=1b27d9e5199a8520bfbce8af427c19787c781c9c;hb=b45a695b93c2c356e1e68153268d2d1dd3fb7165;hp=df2f65a68c14105d77860b5f5289cbdd8f328c0e;hpb=9cdf4e17bc5abb6eef351c6b7298f91a181164f0;p=blerg.git diff --git a/www/doc/privacy_data.html b/www/doc/privacy_data.html index df2f65a..1b27d9e 100644 --- a/www/doc/privacy_data.html +++ b/www/doc/privacy_data.html @@ -13,9 +13,11 @@
Blërg collects only the data necessary to create an account (username -and password), and any data submitted via posting. HTTP logs which -contain your IP address, browser agent stringand any URLs visited as a -consequence of using Blërg are kept for seven days then deleted. +and password), any data submitted via posting, and associations between +accounts for the purpose of "subscribing" to another account. HTTP logs +which contain your IP address, browser agent string, and any URLs +visited as a consequence of using Blërg are kept for seven days then +deleted.
Currently, all data transmitted to Blërg, including your username and password, are transmitted over unencrypted HTTP. It is entirely -possible for someone to view your credentials in transit. We recommend -that you don't use the same password on Blërg as you use elsewhere (but -that's just good password policy). +possible for someone to view data you submit while it is in transit. We +recommend that you don't use the same password on Blërg as you use +elsewhere (but that's just good password policy).
Passwords are hashed server-side with scrypt with