Privacy Policy (2021-12-01)

User privacy is one of the primary goals.
Detailed below is everything you need to know about how your data is handled.
Please see our infrastructure page to learn how we keep our services safe.

Control over your data

  • Requesting your data:
    • Web server logs will not be provided.
    • konvers.me chat logs of your user can be retrieved by joining the room with an XMPP client supporting (MUC-)MAM.
    • Donation history via Stripe can be provided upon request from a matching email address.
  • Correction of your data: We do not believe we have any data that can be corrected, but do reach out if necessary.
  • Deletion of your data:
    • Web server logs are kept for no longer than two weeks.
    • konvers.me access logs are deleted weekly.
    • konvers.me messages can be deleted upon special request.
  • Expressing concerns: We are always open to suggestions and collaboration on how we can further improve user privacy. Please e-mail us or open an issue on the project repository and lets get a discussion going!

E-Mail:

What data we (Divested Computing Group) collect

  • Website
    • What is received: Cookies (detailed below), Page Visited, Referring Page, User Agent, and IP Address
    • Cookies
      • PHPSESSID - Set by the server to maintain variables such as CSRF tokens
    • How often: On every page visit
    • Why it is received: Used to serve the web pages to users
    • When it will be deleted: Web server logs are kept for no longer than two weeks
    • What else will it be used for: Nothing else
    • How to anonymize: Visit the site using the Tor Browser
    • Example: [IP Address] - - [Timestamp] "GET /pages/privacy_policy HTTP/2.0" 200 3441 "-" "Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0"
  • Chat rooms (MUC) available on xmpp:konvers.me
    • What is received: JID, nickname, avatar, messages you send, your server IP address, your client IP address only if fetching an HTTP uploaded image
    • How often: When you join and are connected to a room
    • Why it is received: Used to provide the chat service to you
    • When it will be deleted: Messages are not deleted per default MAM policy, but are pruned after backups. Access logs are deleted weekly. IP addresses are not stored in the access logs.
    • What else will it be used for: Nothing else
    • How to anonymize: Use a throwaway JID and nickname. Route your XMPP client over Tor.

What data third parties collect

Third parties are used to support specific features and apps

  • Website Payments
    • Who: Stripe
    • What they receive: Name, Bank Card, E-Mail Address, User Agent, Browser Fingerprint, IP Address, Location from Geo-IP
    • What we receive: Name, Bank Name, E-Mail Address, User Agent, Location from Geo-IP
    • How often: When you donate
    • Why they receive: Used to process the payment
    • What else will we use it for: Nothing else
    • How to anonymize: Use a fake name, debit gift card, disposable e-mail address, and connect via a computer at your local library
    • How to disable: Requests to Stripe's servers will not occur until you attempt to donate
    • Privacy Policy: Stripe Privacy Policy