Tardis:Privacy policy: Difference between revisions

From Tardis Wiki, the free Doctor Who reference
m (update name)
Line 36: Line 36:
You may provide your email address in your Preferences. The email address may be used by Tardis Wiki to communicate with users on a wider scale.
You may provide your email address in your Preferences. The email address may be used by Tardis Wiki to communicate with users on a wider scale.


If you do not provide an email address, you will not be able to reset your password if you forget it. However, you may contact one of the server administrators to enter a new email address in your preferences provided that you have authenticated using Two Factor Authentication on the wiki or by wiki-bot on the Discord server. You can remove your email address from your preferences at any time to prevent it from being used.
If you do not provide an email address, you will not be able to reset your password if you forget it. However, you may contact one of the System Administrators to enter a new email address in your preferences provided that you have authenticated using Two Factor Authentication on the wiki or by wiki-bot on the Discord server. You can remove your email address from your preferences at any time to prevent it from being used.


==User Internet Protections==
==User Internet Protections==

Revision as of 00:47, 25 February 2024

WELCOME TO TARDIS WIKI! THIS IS OUR PRIVACY POLICY. OUR TERMS OF SERVICE INCLUDING ALL OF ITS DEFINITIONS ARE INCORPORATED BY REFERENCE INTO THIS PRIVACY POLICY.

If you read content from Tardis Wiki, no more information is collected than is typically collected in server logs by web sites in general. If you contribute to Tardis Wiki, you are publishing every word you post publicly. If you write something, assume that it will be retained forever. This includes content pages, user pages, and talk pages. all information publicly posted or privately transmitted through the Services is the sole responsibility of the person from which such content originated. Tardis Wiki cannot guarantee the identity of any other users with whom you may interact in the course of using the Services.

By using this website, your IP address can be stored and processed for security reasons. Your Username, confirmed email, or IP address may be saved in the server log files, CMS log files, recorded in article history and stored in corresponding hosted wiki database, tracked in order to Roll back edits, used for Anti-Spam & Security purposes, sent to third party Anti-Spam & Security log files for processing, self hosted Analytics services [not currently applicable], third party Analytics services, third party Anti-Spam & Security services [not currently applicable], third party ad services [not currently applicable]. A confirmed email is required in order to edit; this is enforced for Anti-Spam and Security purposes.

Changes and Updates to this Privacy Policy

Tardis Wiki reserves the right to change, modify, add, or remove portions of this Privacy Policy at any time (for example to reflect updates to Tardis Wiki Services or to reflect changes in the law). Please check this Privacy Policy periodically for those changes. Your continued use of Tardis Wiki after the posting of changes constitutes your binding acceptance of such changes.

We will not materially change our policies and practices to make them less protective of personal information collected in the past under a prior version of the Privacy Policy without the consent of affected individuals

Server Logs

The only information that our servers automatically log is your IP address, current time in unix, operating system, browser, and the pages visited along with any actions performed.

Actions (edit, delete, protect, block, upload) that registered users perform are publicly logged, appear in Special:RecentChanges & Special:log, listed as a revision in the page's history and the user's contribution page (Special:Contributions/user).

System Administrators will not access the system logs unless actual disruptive activity occurs.

Log data may be examined by System Administrators in the course of solving technical problems and in tracking down malicious web spiders that overwhelm the site. IP addresses of users, derived either from those logs or from records in the database are frequently used to correlate usernames and network addresses of edits in investigating abuse of the site, including the suspected use of malicious "sockpuppets" (duplicate accounts where one person logs into Tardis Wiki under different names), vandalism, harassment of other users, or disruption of the site.

This system log data is treated as confidential and is not shared with other people. However, keep in mind that this information can be intercepted by services that come between the device you use to browse Tardis Wiki and our servers, such as a proxy server. To protect you from this, we use SSL encryption between your device and our servers to prevent someone from seeing the communication. We always encourage you to check that the connection is secure and that your browser does not alert you of any certificate error.

Collection of Personal Information

The only personal information collected automatically by the software used by this Site are your IP address and email. There is strict access to your IP and email, only system administrators will have access. If you are unwilling to have your IP tracked; please do not edit, continue to maintain a registered account, or continue to visit this Site.

If you do not register an account, there is no necessity to accept cookie requests from this Site.

If you learn that Tardis wiki is collecting data beyond the scope of this privacy policy or in violation of the law, please discontinue using the wiki and inform system administrators immediately.

IP Address

Contributions/Edits by unregistered users or users who are not logged in will show the IP address in the page history of the article they edited, and also in other places on the Site, including watchlists and recent changes, and in any external feeds made of such pages.

Email

During user registration, emails will undergo a validation check. Email confirmation is required to edit for Anti-Spam and Security purposes.

You may provide your email address in your Preferences. The email address may be used by Tardis Wiki to communicate with users on a wider scale.

If you do not provide an email address, you will not be able to reset your password if you forget it. However, you may contact one of the System Administrators to enter a new email address in your preferences provided that you have authenticated using Two Factor Authentication on the wiki or by wiki-bot on the Discord server. You can remove your email address from your preferences at any time to prevent it from being used.

User Internet Protections

  • Right to be safe within our platform: Code of Conduct policy enforcement
  • Right to be Forgotten: removal of username from article history, forum posts, public logs; account removal
  • Informed of any cookies or trackers that collect data: users will be alerted of unauthorized account intrusions
  • Ensuring user data is correct and accurate
  • Informed when change of ownership occurs
  • Informed of how user data is used and the scope: see E-Privacy, GDPR, CCPA compliance procedures listed below
  • Informed when security breach occurs
  • Informed when a warrant is issued - see our warrant canary

Links to other websites

Tardis Wiki may contain links to other sites that are not owned or controlled by Tardis Wiki. Please be aware that Tardis Wiki is not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our Site and to read the privacy statements of each and every website that collects personally identifiable information.

Data Security

Tardis Wiki uses a variety of managerial, technical, and physical measures to protect the integrity and security of your information. These measures may vary based on the sensitivity of your information. However, no security precautions or systems can be completely secure. We cannot ensure or warrant the security of any information you transmit to Tardis Wiki, and you do so at your own risk. We cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

Tardis Wiki will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information.

  • Data Access to user accounts is strictly controlled when using anti spam & vandalism tools.
  • Access to data storage is strictly controlled to only trusted System Administrators.

Access of Personal Information

The tools and tactics used by system administrators will be kept confidential for operational security purposes, these tools are designed to prevent data retention or to allow examination of results from past queries and all users who have access are strictly prohibited from logging personal information.

The information accessed will consist of IP address, Geo Location, and email to coordinate similarities to kick troublemakers off the Site. Repeat offenders will however be closely tracked to prevent damage on the Site. It is the policy of Tardis Wiki that personally identifiable data collected in the server logs, or through records in the database, may be released by the system administrators, in the following situations:

  1. In response to a valid subpoena or other compulsory request from law enforcement
  2. With permission of the affected user
  3. Tardis Wiki administrators, their legal counsel, or their designee, when necessary for investigation of complaints
  4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues
  5. Where the user has been vandalizing articles or persistently behaving in a disruptive way (including usage of sockpuppets), data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet service providers (ISP)
  6. Where it is reasonably necessary to protect the rights, property or safety of Tardis Wiki, its users or the public.

Tardis Wiki does not permit public distribution of such personal information under any circumstances, except as described above.

Access to Database

If the specialized tools used in security countermeasures (for spam, vandals, or disruptive users) fail, then Tardis Wiki administrators will request the system administrators to locate additional information such as looking up the user's email and or IP. The system administrators will then run the appropriate checks on the emails or IPs located. Very rarely will this event need to be considered and is a last resort.

Removal of Personal Information

Do not reveal personal or confidential information to other people. Be careful with the data you provide. Revealing your home address or phone number to a stranger can put your life at risk or expose you to being harassed. The ability to set gender and real name have been disabled per pre-emptive measures to prevent the data from being stolen if the database is ever breached. User to user email service is disabled as pre-emptive security measure to prevent private email harassment. If you accidentally revealed personal information, immediately notify Tardis Wiki staff to remove it from records.

Any content that is deemed unacceptable will be automatically suppressed on sight, during routine investigations, or the result of formal complaints.

EU Cookie Law's E-Privacy & General Data Protection Regulation (GDPR) & California Consumer Privacy Act (CCPA)

In regards to compliance with removal of personal data, the following is possible:

  • For changing of your username, request a rename by Tardis Wiki administrators
  • For removal of username or IP address from your contributions, request usage of suppression by Tardis Wiki administrators
  • For removal of your email, go to Special:Preferences and clear your email - editing will be disabled as a consequence
  • For deletion or closure of your account, request account deactivation by notifying Tardis Wiki administrators
  • Due to software limitations, Tardis Wiki staff is unable to provide you with a copy of your data to download nor is it possible at this current time to allow exporting it in a usable format.
    • If you have a need to remotely authenticate your account at an external wiki, please contact Tardis wiki staff.

System Administrators do not provide database or image dumps on request by individual users without a valid reason such as for community approved bot work.

Browser Cookies

A cookie is a small text file that is stored on a user's computer for record-keeping purposes. We do use session ID cookies and persistent cookies. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. When you login you may select the "Remember me" check box to set a persistent cookie. Visiting will set a temporary session cookie whenever you visit the Site. If you do not intend to ever log in, you may deny this session cookie, but you cannot log in without it. It will be deleted when you close your browser session. You may clear persistent cookies after use if you are using a public machine and do not wish to expose your username to future users of the machine.

Tardis Wiki may have installed client side gadgets that utilize cookies for user convenience, if you enable these under Special:preferences then you grant consent for the cookie on basis of functionality and necessary. We have various extensions installed that may use functionality and necessary cookies, continued browsing or usage of these implies consent. No currently installed skin uses a cookie or tracker.

User Tracking

Tardis Wiki uses Google Analytics to track traffic as part of performance (statistical) reasons.

Third Party Services

Third party services can use Cookies to manage access to the website by their spam firewall, to secure and to protect this website from spam.

When you submit a user registration request or an edit POST request, your personal data will be stored in the wiki database such as your IP address, your e-mail, the modified article text with edit summary, text of your forum response or blog comment, and data of wikifarm form fields.

Solicitation

Requesting personal identifying information from other users is forbidden.

Doxing

It is prohibited to publish private personal information of third parties without their consent. If someone you once trusted was entrusted with personal information and they decide to attempt to blackmail or leak it to cause harm, Tardis Wiki administrators will immediately strike out any such content. The violating party will be given a block period proportional to the harm, repeated violations will result in account termination of the offending party. Any cases where this becomes a recurring problem, formal IP bans and tracking of username change requests will be initiated to allow for quick resolution.

This includes sharing real time or delayed location information for the purpose of stalking or encourage endangerment rising to the level of compromising physical safety.

  • This will be treated as stalking and harassment subject to server level IP ban

Security Notifications

You have the right to be notified of any security breach at Tardis Wiki which exposes your personal information. Tardis Wiki administrators will make public disclosures of security breaches that we uncover on the Site. If we determine that a breach of the Services has revealed personally identifiable information of a large number of users, Tardis Wiki will announce the issue by a notice on all wikis. If it is likely that your information has been hacked, and you have provided Tardis Wiki with your email, Tardis Wiki will send email notifications regarding the breach to you.

Formal Definitions

  • personal: your real name, address, phone number, email address, password, identification number on government-issued ID, IP address, user-agent information, credit card number.
  • sensitive: date of birth, gender, sexual orientation, racial or ethnic origins, marital or familial status, medical conditions or disabilities, political affiliation, and religion.


This policy was last updated 25/02/2024