Tardis:Privacy policy: Difference between revisions

From Tardis Wiki, the free Doctor Who reference
(removing irrelevant, there is no TOS)
m (spelling corrections)
Line 41: Line 41:
You may provide your email address later on in your [[Special:Preferences|Preferences]]. The email address may be used by Tardis Wiki to communicate with users on a wider scale (through an internal process).
You may provide your email address later on in your [[Special:Preferences|Preferences]]. The email address may be used by Tardis Wiki to communicate with users on a wider scale (through an internal process).


<div id=box>If you did not provide an email address, and have forgotten your password, you may still contact [[User talk:Tardis sysadmin|a system administrator]], or [[Tardis:Administrators|an active admin]], so that we can help you enter a new email address in your Preferences, provided that you have authenticated using Two Factor Authentication on the Wiki<!-- or by wiki-bot on the Discord server [not currently apicable]-->. You can remove your email address from your preferences at any time to prevent it from being used.</div>
<div id=box>If you did not provide an email address, and have forgotten your password, you may still contact [[User talk:Tardis sysadmin|a system administrator]], or [[Tardis:Administrators|an active admin]], so that we can help you enter a new email address in your Preferences, provided that you have authenticated using Two Factor Authentication on the Wiki<!-- or by wiki-bot on the Discord server [not currently applicable]-->. You can remove your email address from your preferences at any time to prevent it from being used.</div>


== User Internet Protections ==
== User Internet Protections ==
* Right to be safe within our platform: Code of Conduct policy enforcement;
* Right to be safe within our platform: Code of Conduct policy enforcement;
* Right to be Forgotten: removal of username from article history, forum posts, public logs; account removal;
* Right to be Forgotten: removal of username from article history, forum posts, public logs; account removal;
* Informed of any cookies or trackers that collect data: users will be alerted of unauthorised account intrusions;
* Informed of any cookies or trackers that collect data: users will be alerted of unauthorized account intrusions;
* Ensuring user data is correct and accurate;
* Ensuring user data is correct and accurate;
* Informed when change of ownership occurs;
* Informed when change of ownership occurs;
Line 72: Line 72:
# Tardis Wiki administrators, their legal counsel, or their designee, when necessary for investigation of complaints;
# Tardis Wiki administrators, their legal counsel, or their designee, when necessary for investigation of complaints;
# Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues;
# Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues;
# Where the user has been vandalising articles or persistently behaving in a disruptive way (including usage of [[T:SOCK|sockpuppets]]), data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet service providers (ISP);
# Where the user has been vandalizing articles or persistently behaving in a disruptive way (including usage of [[T:SOCK|sockpuppets]]), data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet service providers (ISP);
# Where it is reasonably necessary to protect the rights, property or safety of Tardis Wiki, its users or the public.
# Where it is reasonably necessary to protect the rights, property or safety of Tardis Wiki, its users or the public.


Line 78: Line 78:


=== Access to Database ===
=== Access to Database ===
If the specialised tools used in security countermeasures (for spam, vandals, or disruptive users) fail, then Tardis Wiki administrators will request the system administrators to locate additional information such as looking up the user's email and or IP. The system administrators will then run the appropriate checks on the emails or IPs located. Very rarely will this event need to be considered, as it is a last resort.
If the specialized tools used in security countermeasures (for spam, vandals, or disruptive users) fail, then Tardis Wiki administrators will request the system administrators to locate additional information such as looking up the user's email and or IP. The system administrators will then run the appropriate checks on the emails or IPs located. Very rarely will this event need to be considered, as it is a last resort.


== Removal of Personal Information ==
== Removal of Personal Information ==

Revision as of 02:29, 15 April 2024

WELCOME TO TARDIS WIKI! THIS IS OUR PRIVACY POLICY.

If you read content from Tardis Wiki, no more information is collected than is typically collected in server logs by web sites in general. If you contribute to Tardis Wiki, you are publishing every word you post publicly. If you write something, assume that it will be retained forever. This includes content pages, user pages, and talk pages. All information publicly posted or privately transmitted through the Services is the sole responsibility of the person from which such content originated. Tardis Wiki cannot guarantee the identity of any other users with whom you may interact in the course of using the Services.

By using this website, your IP address can be stored and processed for security reasons. Your Username, confirmed email, or IP address may be saved in the server log files, CMS log files, recorded in article history and stored in corresponding hosted wiki database, tracked in order to Roll back edits, used for Anti-Spam & Security purposes, sent to third party Anti-Spam & Security log files for processing, self hosted Analytics services [not currently applicable], third party Analytics services, third party Anti-Spam & Security services [not currently applicable].

Changes and Updates to this Privacy Policy

Tardis Wiki reserves the right to change, modify, add, or remove portions of this Privacy Policy at any time (for example to reflect updates to Tardis Wiki Services or to reflect changes in the law). Please check this Privacy Policy periodically for those changes. Your continued use of Tardis Wiki after the posting of changes constitutes your binding acceptance of such changes.

We will not materially change our policies and practices to make them less protective of personal information collected in the past under a prior version of the Privacy Policy without the consent of affected individuals.

Server Logs

The only information that our servers automatically log is your IP address, current time in unix, operating system, browser, and the pages visited along with any actions performed.

Actions (edit, delete, protect, block, upload) that registered users perform are publicly logged, appear in Special:RecentChanges & Special:Log, listed as a revision in the page's history and the user's contribution page (Special:MyContributions, or Special:Contributions/username).

System administrators will not access the system logs unless actual disruptive activity occurs.

Log data may be examined by system administrators in the course of solving technical problems and in tracking down malicious web spiders that overwhelm the site. IP addresses of users, derived either from those logs or from records in the database are sometimes used to correlate usernames and network addresses of edits in investigating abuse of the site, including the suspected use of malicious "sockpuppets" (duplicate accounts where one person logs into Tardis Wiki under different names), vandalism, harassment of other users, or disruption to the Site.

This system log data is treated as confidential and is not shared with other people. However, keep in mind that this information can be intercepted by services that come between the device you use to browse Tardis Wiki and our servers, such as a proxy server. To protect you from this, we use SSL encryption between your device and our servers to prevent someone from seeing the communication. We always encourage you to check that the connection is secure and that your browser does not alert you of any certificate error.

Collection of Personal Information

For more information on the choice to register, see Tardis:Why create an account?

The only personal information collected automatically by the software used by this Site are your IP address and email. There is very strict access to your IP and email; only system administrators — and sometimes bureaucrats — can gain access. This will only ever be used when absolutely necessary, for site security, in highly probable cases of ban evasion, or to put a stop to recurring vandalism.

If you are unwilling to have your IP tracked: consider either not editing and remaining a visitor, or simply continuing to maintain a registered account, which will hide your IP even from the above-mentioned users unless there is reason to check it.

On the other hand, note that if you do not register an account, there is no necessity to accept cookie requests from this Site.

If you learn that Tardis Wiki is collecting data beyond the scope of this privacy policy or in violation of the law, please discontinue using the Wiki and inform system administrators immediately. (Ping SOTO or Bongolium500 separately as well, to be safe, so we can make sure to get their attention.)

IP Address

Contributions/Edits by unregistered users, or editors who are not currently logged in, will reveal the IP address in the page history of the article they have edited, alongside other places on the Site, like watchlists and recent changes, and in any external feeds made of such pages.

This is used to differentiate one "IP user" from another, in order to provide attribution for unregistered edits, and to facilitate maintenance by admins and trusted users.

Email

During user registration, you will be asked to verify your email address. This is not currently required, but it is highly recommended so that you can regain access to your account should you forget your password. Tardis Wiki may make email confirmation required for all editors, at any point, for Anti-Spam and Security reasons.

You may provide your email address later on in your Preferences. The email address may be used by Tardis Wiki to communicate with users on a wider scale (through an internal process).

If you did not provide an email address, and have forgotten your password, you may still contact a system administrator, or an active admin, so that we can help you enter a new email address in your Preferences, provided that you have authenticated using Two Factor Authentication on the Wiki. You can remove your email address from your preferences at any time to prevent it from being used.

User Internet Protections

  • Right to be safe within our platform: Code of Conduct policy enforcement;
  • Right to be Forgotten: removal of username from article history, forum posts, public logs; account removal;
  • Informed of any cookies or trackers that collect data: users will be alerted of unauthorized account intrusions;
  • Ensuring user data is correct and accurate;
  • Informed when change of ownership occurs;
  • Informed of how user data is used and the scope: see E-Privacy, GDPR, CCPA compliance procedures listed below;
  • Informed when security breach occurs;
  • Informed when a warrant is issued - see our warrant canary.

Links to other websites

Tardis Wiki may contain links to external websites that are not owned or controlled by Tardis Wiki. Please be aware that Tardis Wiki is not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our Site and to read the privacy statements of each and every website that collects Personally Identifiable Information ("PII").

Data Security

Tardis Wiki uses a variety of managerial, technical, and physical measures to protect the integrity and security of your information. These measures may vary based on the sensitivity of your information. However, no security precautions or systems can be completely secure. We cannot ensure or warrant the security of any information you transmit to Tardis Wiki, and you do so at your own risk. We cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

Tardis Wiki will not sell or share private information, such as email addresses, with third parties, unless you agree to release this information, or it is required by law to release the information.

  • Data Access to user accounts is strictly controlled when using anti spam & vandalism tools.
  • Access to data storage is strictly controlled to only trusted System Administrators.

Access of Personal Information

The tools and tactics used by system administrators will be kept confidential for operational security purposes, these tools are designed to prevent data retention or to allow examination of results from past queries and all users who have access are strictly prohibited from logging personal information.

The information accessed will consist of IP address, Geo Location, and email to coordinate similarities to kick troublemakers off the Site. Repeat offenders will however be closely tracked to prevent damage on the Site. It is the policy of Tardis Wiki that Personally Identifiable Information ("PII") collected in the server logs, or through records in the database, may be released by the system administrators, in the following situations:

  1. In response to a valid subpoena or other compulsory request from law enforcement;
  2. With permission of the affected user
  3. Tardis Wiki administrators, their legal counsel, or their designee, when necessary for investigation of complaints;
  4. Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues;
  5. Where the user has been vandalizing articles or persistently behaving in a disruptive way (including usage of sockpuppets), data may be released to assist in the targeting of IP blocks, or to assist in the formulation of a complaint to relevant Internet service providers (ISP);
  6. Where it is reasonably necessary to protect the rights, property or safety of Tardis Wiki, its users or the public.

Tardis Wiki does not permit public distribution of such personal information under any circumstances, except as described above.

Access to Database

If the specialized tools used in security countermeasures (for spam, vandals, or disruptive users) fail, then Tardis Wiki administrators will request the system administrators to locate additional information such as looking up the user's email and or IP. The system administrators will then run the appropriate checks on the emails or IPs located. Very rarely will this event need to be considered, as it is a last resort.

Removal of Personal Information

Do not reveal personal or confidential information to other people. Be careful with the data you provide. Revealing your home address or phone number to a stranger can put your life at risk or expose you to being harassed. If you accidentally revealed personal information, immediately notify Tardis Wiki staff to remove it from records.

Please also be aware that, if you are under the age of 13, it is illegal to divulge such personal information, under the Children's Online Privacy Protection Act (COPPA). Outside the UK in the EU/European Economic Area, under the General Data Protection Regulation (GDPR), this age is 16.

Any content that is deemed unacceptable will be automatically suppressed on sight, during routine investigations, or the result of formal complaints.

EU Cookie Law's E-Privacy & General Data Protection Regulation (GDPR) & California Consumer Privacy Act (CCPA)

In regards to compliance with removal of personal data, the following is possible:

  • For changing of your username, submit a request to allow a Tardis Wiki bureaucrat to rename your account by following the instructions at Tardis:User rename policy.
  • For removal of username or IP address from your contributions, request usage of suppression by Tardis Wiki bureaucrats.
  • For removal of your email, go to Special:Preferences and clear your email manually.
  • For deletion or closure of your account, request account deactivation by notifying a Tardis Wiki bureaucrat on their user talk page.
  • Due to software limitations, Tardis Wiki staff are unable to provide you with a copy of your data to download, nor is it possible at this current time to allow to export it in a usable format.
    • If you have a need to remotely authenticate your account at an external wiki, please contact Tardis Wiki staff.

System administrators do not provide database or image dumps on request by individual users without a valid reason, such as for community approved bot work.

Browser Cookies

A cookie is a small text file that is stored on a user's computer for record-keeping purposes. We do use session ID cookies and persistent cookies. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time.

Each time you log in, you may select the "Remember me" check box to set a persistent cookie. Visiting will set a temporary session cookie whenever you visit the Site. If you do not intend to ever log in, you may deny this session cookie, but you cannot log in without it. It will be deleted when you close your browser session. You may clear persistent cookies after use if you are using a public machine and do not wish to expose your username to future users of the machine.

Tardis Wiki may have installed client side gadgets that utilise cookies for user convenience; if you enable these under Special:Preferences, then you grant consent for the cookie on basis of functionality and necessary. We have various extensions installed that may use functionality and necessary cookies; continued browsing or usage of these features implies consent. No currently installed skin uses a cookie or tracker.

User Tracking

Tardis Wiki uses Google Analytics to track site traffic for performance (statistical) reasons.

Third Party Services

Third party services can also use Cookies to manage access to the website by their spam firewall, to secure and to protect this website from spam.

When you submit a user registration request or an edit POST request, your personal data will be stored in the wiki database such as your IP address, your email, the modified article text with edit summary, text of your forum response or talk page comment, and data of wiki farm form fields.

No Other Purposes

Tardis Wiki does not use cookies for any purposes other than those listed above. All Cookie usage on this Site is purely functional. Data stored as a result will not be accessed () by any individuals, except as explicitly outlined on this page (always assuming it is not intercepted without our knowledge; ).

Solicitation

Requesting personal identifying information from other users is forbidden.

Doxxing

It is strictly prohibited to publish private personal information of third parties without their consent. If someone you once trusted was entrusted with personal information and they decide to attempt to blackmail or leak it to cause harm, Tardis Wiki administrators will immediately strike out any such content. The violating party will be given a block period proportional to the harm; repeated violations will result in account termination for the offending party.

In any cases where this becomes a recurring problem, formal IP bans and tracking of username change requests will be initiated to allow for a quick resolution.

This includes sharing real time or delayed location information for the purpose of stalking or encourage endangerment rising to the level of compromising physical safety.

This will be treated as stalking and harassment, subject to server-level IP ban.

Security Notifications

You have the right to be notified of any security breach at Tardis Wiki which exposes your personal information. Tardis Wiki administrators will make public disclosures of security breaches that we uncover on the Site. If we determine that a breach of the Services has revealed Personally Identifiable Information of a large number of users, Tardis Wiki will announce the issue with a notice on this Wiki, and on all Satellite Wikis.

If it is likely that your information has been hacked, and you have provided Tardis Wiki with your email, Tardis Wiki will send email notifications regarding the breach to you.

Formal Definitions

  • personal: your real name, address, phone number, email address, password, identification number on government-issued ID, IP address, user-agent information, credit card number.
  • sensitive: date of birth, gender, sexual orientation, racial or ethnic origins, marital or familial status, medical conditions or disabilities, political affiliations, and religion.


This policy was last updated 15/04/2024