Differences

This shows you the differences between two versions of the page.

--- policies:legal [2022/07/04 09:51] – [GDPR and similar rights] email amanda
+++ policies:legal [2022/08/23 16:09] (current) – [GDPR and similar rights] off site backups amanda
@@ Line 5: / Line 5: @@
 As with all new software under development, the service is not immune to bugs, errors, or other mistakes. Do not abuse these, instead please advise Amanda of your findings so these can be fixed or addressed.
-You agree to be respectful of the service, and of other users. Abuse of bugs, along with any bullying, discrimination, racial slurs, or anything else deemed generally offensive, especially if offence actually occurs, may result in immediate suspension of your account and loss of all possessions linked to it.
+You agree to be respectful of the service, and of other users. Abuse of bugs, along with any bullying, discrimination, racial slurs, or anything else deemed generally offensive, especially if offence actually occurs and is reported, may result in immediate suspension of your account and loss of all possessions linked to it.
+If you have an issue with another user, please Save Messages in the client, and initially email us with the time and date and a description of the incident.
+Note that, because of the age of the client software, communication between it and our servers is not encrypted by default. This means that it is technically possible for a determined actor to view or modify your in-world actions, including ESP and spoken messages.
+Selecting the "WS" version of the worldname field in the launcher routes everything via https and is thus encrypted via industry standard methods, at the expense of some slight latency.
+Stored ESP mail messages are encrypted on our servers and are inaccessible to anybody other than yourself, unlike on the original servers. Currently messages accompanying mailed objects are not encrypted, although this is on the list to be added.
+If the server is running in Debug Mode, anything happening in-world may be stored in log files, including the copies of any messages. A notice is shown at login if this is happening. Any in-world speach in public locales may be recorded at any time, however turfs are explicitly excluded from this, as are certain other regions with restricted access.
 ===== GDPR and similar rights =====
@@ Line 12: / Line 21: @@
 Your personal data is stored in one or more databases so as to ensure your ability to log into and enjoy the relevant services. Your actions may generate derived data such as in-world avatars, objects or messages, and traces may appear in log files.
-No data is stored outside of servers in our physical possession. No data is sold or transferred to any other organisation. The exception to this is where we email you, in which case your email address and the exchanged messages may be retained in our accounts at our email service providers.
+No data is stored outside of servers in our physical possession. No data is sold or transferred to any other organisation. The exception to this is where we email you, in which case your email address and the exchanged messages may be retained in our accounts at our email service providers, as well as at yours.
+Since August 2022, server backups are now additionally stored on an off-site third party cloud provider, however these are fully encrypted and the contents are therefore not accessible to that provider, nor to anybody without our decryption keys.
 We do not validate or use any personal identity information submitted by you beyond ensuring you have access to the email address you provide. This is soley to ensure we are able to contact you about your account.
+If you are at all worried, we suggest you create a new email account at a free email provider and use that to register, along with a name of your choice.
 We do not employ any tracking or advertising cookies on our websites, such as any that would necessitate advising you and obtaining your permission, so there is no need for a cookie control popup.