From 5194d1ffcad0151d2e4c578812b196c29a6e5bc9 Mon Sep 17 00:00:00 2001 From: Open Terms Archive Bot Date: Wed, 20 Mar 2024 18:30:00 +0000 Subject: [PATCH] First record of ToS;DR Privacy Policy This version was recorded after extracting from snapshot https://github.com/OpenTermsArchive/tosdr-snapshots/commit/ba0c9180e75dd6f623a1bbc732b1c46a5ed0b6c6 --- ToS;DR/Privacy Policy.md | 58 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 ToS;DR/Privacy Policy.md diff --git a/ToS;DR/Privacy Policy.md b/ToS;DR/Privacy Policy.md new file mode 100644 index 00000000000..86402c7d570 --- /dev/null +++ b/ToS;DR/Privacy Policy.md @@ -0,0 +1,58 @@ +tosdr.org Privacy Policy +======================== + +We only use cookies to store your language, theme preferences or sessions and not any tracking technology. + +We anonymize all IP addresses in our nginx logs, but store them for up to 1 day in our Redis Ratelimiting server. + +Your IP address will temporarily be visible in to Netcup who provide infrastructure. + +We employ anonymized IP logging, this means nginx collects web requests but anonymizes IPs in the process. + +(Private IP used in the example below) + + 192.115.194.0 - - [01/May/2021:08:21:12 +0200] "GET /api/1/all.json HTTP/2.0" 200 753375 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0" "-" + +CODE + +Your IP may be stored temporarily in our Redis Cache in order to enforce rate limits. + +The only time your IP Address is stored in logs without any path or user agent is to block malicious IPs using fail2ban: + + log_format fail2ban '$remote_addr [$time_local] $status'; + +CODE + +For our assets such as logos, branding images we use a selfhosted S3: Minio. + +Our forum software is self hosted using Discourse + +### Nginx IP logging configuration + + map $remote_addr $ip_anonym1 { + default 0.0.0; + "~(?P(\d+)\.(\d+)\.(\d+))\.\d+" $ip; + "~(?P[^:]+:[^:]+):" $ip; + } + + map $remote_addr $ip_anonym2 { + default .0; + "~(?P(\d+)\.(\d+)\.(\d+))\.\d+" .0; + "~(?P[^:]+:[^:]+):" ::; + } + + map $ip_anonym1$ip_anonym2 $ip_anonymized { + default 0.0.0.0; + "~(?P.*)" $ip; + } + + log_format anonymized '$ip_anonymized - $remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent"'; + log_format fail2ban '$remote_addr [$time_local] $status'; + access_log /var/log/nginx/access.log anonymized; + access_log /var/log/nginx/access-f2b.log fail2ban; + +CODE + +× \ No newline at end of file