<!DOCTYPE html>
<html>
<head>
<title>Blërg Data and Privacy Policies</title>
<link rel="stylesheet" href="/css/doc.css">
</head>
<body>

<a name="privacy_policy">
<h1>Blërg Privacy Policy</h1>
</a>

<h2>Blërg Doesn't Want Much Data</h2>

<p>Blërg collects only the data necessary to create an account (username
and password), any data submitted via posting, and associations between
accounts for the purpose of "subscribing" to another account.  HTTP logs
which contain your IP address, browser agent string, and any URLs
visited as a consequence of using Blërg are kept for seven days then
deleted.

<h2>Blërg Doesn't Want To Use Your Data</h2>

<p>User data is used only for the purposes of operating the site, i.e.
to show your posts to the world.  We don't share your data with anyone
through any other channels.

<a name="data_policy">
<h1>Blërg Data Policy</h1>
</a>

<h2>Blërg Doesn't Forget</h2>

<p>There is currently no way to delete data on Blërg, so any information
you post may exist on Blërg forever.  Be careful what you post.

<h2>Blërg Isn't That Secure</h2>

<p>Currently, all data transmitted to Blërg, including your username and
password, are transmitted over unencrypted HTTP.  It is entirely
possible for someone to view data you submit while it is in transit.  We
recommend that you don't use the same password on Blërg as you use
elsewhere (but that's just good password policy).

<p>Passwords are hashed server-side with <a
href="https://www.tarsnap.com/scrypt.html">scrypt</a> with
N=2<sup>14</sup>, r=8, p=1.

</body>
</html>