Hubzilla Documentation:

Contents

Privacy Notice October 2018

What Information Do We Collect?

We collect information that you provide about yourself. We may also collect information about you that is provided by others.

We require an email address to identify users who create accounts to use our services.

This site uses cookies to identify and validate your access to the services.

We may set or log data stored in cookies or local storage objects to facilitate your use of the services, to provide personalized content, and to permit you to access the content which you have stored or may have been sent to you on the service. The specific cookies and storage objects used may change from time to time, but fall into the following general categories:

  • AUTHENTICATION - We use cookies and local storage objects to identify your browser session and associate it with the data you have stored or has been delivered to you through the service.
  • SITE SECURITY AND DATA INTEGRITY - We use cookies and local storage objects to validate the integrity of the data you submit and to reduce spam and prevent attacks against our services that would degrade performance or potentially result in a data breach.
  • PREFERENCES AND FEATURES - We use cookies and local storage to localize the language and and to know when you have interacted with the service so we may notify you of new data and updates since your last access.

The cookies and data stored in local storage is used only to provide services which you have explicitly requested or contracted for. This data is not shared except in the provision of those specific services.

Third parties and providers of content that may be embeded in web pages on our site accessed through our service may set their own cookies. To understand how they use cookies, please review their respective policies.

Processor / Controller Designation

For information which you provide about yourself so that we may provide our services to you, we are the data controller.

For information which you provide about third parties for storage or processing, you are the data controller and we are a processor.

For information which you supply about yourself to other users of our service, they are the data controller and we are a processor.

How your information will be used

Information that you provide about you yourself to us is used to provide storage, communications and other services to you.

The email address supplied at account creation will not be shared with any other website or service without your express permission. The email address which you supply for account creation is used to send you notifications about your account and perform administrative tasks such as resetting your password. You have the option to opt-out of all email notifications related to your use of our services through your settings.

Communication channels created on this website require a name and a photo or avatar. A default avatar will be chosen if you do not supply one. The name, avatar, and a link to the channel webpage will be shared with other servers and services in order to refer to this identity. The name does not need to be your real name and the photo or avatar does not need to resemble you.

All other information you supply to this website is optional.

As a social communication and cloud storage service, you will usually be using this website to share information with others. We provide a range of privacy options to allow you to restrict this sharing to only those you choose.

Processing of your information

Our processing of information that you supply as a data controller is limited to storing it for you to use and making it accessible to other persons or transferring it to other third parties in accordance with your instructions pursuant to the rules and processes codified within the code of the software identified on the Site Info page (https://zot.social/Siteinfo).

Our processing of information about you supplied by other data controllers is limited to storing it for their use, making it accessible to the persons they specify and processing it pursuant to their instructions.

We MAY keep logs of activity to help diagnose software issues and to maintain security of the system against intrusion. These logs are routinely deleted within 10 days or are retained in a securely encrypted environment.

If you have provided permission to do so, we may try to suggest frendships or connections based on analysing information about your connections which you have made public by your use of the service. You may restrict access to this information if this processing is undesired.

If supplied, we MAY use your gender to formulate text messages in your native language, for instance "Bob commented on HIS post."

In all other cases, you may apply access controls to implement your desired privacy policy. We will share the data you supply only with those whom you have elected to share it with or with another processor at your instruction.

We do not share your private information with other third parties except according to your instructions.

We do not analyse your behaviour or personal characteristics.

We MAY be asked or forced to divulge information provided by you in response to legitimate criminal investigation or other legal proceedings. Where possible we will notify you if this happens.

Access to your information

Pursuant to your instructions, we may share communications and information that you supply to the service for processing

  • with other websites pursuant to the instructions you provide and according to the rules and processes codified within the code of the software identified on the Site Info page (https://zot.social/Siteinfo), or
  • with other users on this site pursuant to the instructions you provide and according to the rules and processes codified within the code of the software identified on the Site Info page (https://zot.social/Siteinfo), or
  • to a third party service provider who may assist in providing the services or some portion of the services, or
  • to a new owner or operator in the event we elect to discontinue providing the services or control of the services or some part thereof is transfer to another entity due to bankruptcy or insolvency, or
  • as part of our efforts to promote the safety and security of our services and users such as by verifying your account or activity and/or investigating activity that is suspicious or may be in violation with our terms, policies or applicable laws.

You may be shown embedded videos and provided links to other websites as part of your day-to-day activities using this website. Websites not owned or operated by us that you link to or that may embed content such as (but not limited to) Facebook, Twitter, and Google have their own privacy and data security terms.

Continued storage of data which you have chosen to place on the service is provided under your implied consent through your continued use of the service. You may withdraw this consent at any time by deleting your account. On account deletion we will remove all data which belongs to you. The process of deletion may take up to 90 days. We will also make a good faith effort to delete it from any internetworked websites to which you have instructed us to provide a copy unless prohibited or understood by us to be prohibited by a legal requirement or process. Where possible, we will notify you if this happens.

Further access to your personal data and stored files is under your control.

All data and files stored for a communications channel in your account are available for you to download for either archival puposes or to transfer to another compatible website.

We MAY be asked or forced to divulge information or data stored in connection with your account in response to legitimate criminal investigation or other legal proceedings. You explicitly permit us to comply with such requests where, in our sole determination, we are required to do so. Where possible we will notify you if this happens.

Your rights

Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to personal data which you supply to us and for which we are the controller.

You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.

You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data.

Identity and contact details of controller and data protection officer

DM42.Net, LLC is the controller and processor of data for the purposes of the DPA 18 and GDPR. 3

If you have any concerns as to how your data is processed you can contact:

Matthew Dent, Executive Manager at datasecurity@dm42.net or you can write to these individuals using the address of

Data Privacy and Protection Department DM42.Net, LLC P.O. Box 413 Sterling, MI 48659

Your Responsibilities

Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of responsibilities with regard to personal data which you control and cause to be transferred to us for processing.

For data which you control and cause to be transferred to us for processing, you indicate and agree that you instruct us to process data according to the rules and processes codified within the code of the software identified on the Site Info page (https://zot.social/Siteinfo).

You further stipulate and acknowledge that your use of this service may include transferring personal data for which you are a controller to a third country or an international organization and you accept as yours the responsibilities outlined in Article 40 of the GDPR.

It is possible that your use of the service to effect transfers of personal data for which you are a controller may infringe upon the GDPR or other Union or Member State data protection provisions.

For data for which you are a controller and you cause to be placed on to the service for storage or processing, you agree to carry out the responsibilities of Article 30 of the GDPR as applicable.