From 52e09e8b54918eeb045ad0c1faa72154073c4363 Mon Sep 17 00:00:00 2001 From: Chip Black Date: Thu, 30 May 2013 18:54:04 -0500 Subject: [PATCH] Clarify privacy/data policies --- www/doc/privacy_data.html | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/www/doc/privacy_data.html b/www/doc/privacy_data.html index df2f65a..1b27d9e 100644 --- a/www/doc/privacy_data.html +++ b/www/doc/privacy_data.html @@ -13,9 +13,11 @@

Blërg Doesn't Want Much Data

Blërg collects only the data necessary to create an account (username -and password), and any data submitted via posting. HTTP logs which -contain your IP address, browser agent stringand any URLs visited as a -consequence of using Blërg are kept for seven days then deleted. +and password), any data submitted via posting, and associations between +accounts for the purpose of "subscribing" to another account. HTTP logs +which contain your IP address, browser agent string, and any URLs +visited as a consequence of using Blërg are kept for seven days then +deleted.

Blërg Doesn't Want To Use Your Data

@@ -36,9 +38,9 @@ you post may exist on Blërg forever. Be careful what you post.

Currently, all data transmitted to Blërg, including your username and password, are transmitted over unencrypted HTTP. It is entirely -possible for someone to view your credentials in transit. We recommend -that you don't use the same password on Blërg as you use elsewhere (but -that's just good password policy). +possible for someone to view data you submit while it is in transit. We +recommend that you don't use the same password on Blërg as you use +elsewhere (but that's just good password policy).

Passwords are hashed server-side with scrypt with -- 2.25.1