User:Astirmays/Privacy policy

Vikidia's privacy policy

General information[edit | edit source]

If you read Vikidia's pages without editing them, the information stored on Vikidia's servers is similar to that normally stored on other websites. On the other hand, when you edit a page, MediaWiki software logs your IP address. If you are a registered user and have logged in, your nickname will be displayed in the site and your IP address will be hidden; if you are not registered and/or have not logged in, your IP will be shown in order to attribute your edits. If you don't want your IP address to appear in the page's history and in Vikidia's registers (which are both public), you have two alternatives:

• sign in or log in to Vikidia and choose a nickname;
• do not edit any page.

Purpose of data retention and usage[edit | edit source]

If you read Vikidia's pages without editing them no information will be retained apart from normal raw data necessary to site statistics and to the site's working. This information will not be made public. Only developers and system administrators can access raw data for technical maintenance and for tracking hackers.

If you edit Vikidia's pages you release that content under a licence that requires author attribution; thus the need for collecting personal data. As stated, edits by registered users will be attributed to their authors through their nickname, while edits by unregistered users will be attributed through their authors' IP address.

Selected and trusted (but still volunteer, not hired by the Vikidia association) registered users, with the only purpose of preserving Vikidia's well being and functionality against malicious, disruptive and/or illegal use, will have access to registered users' IP address and some other information. These users have all proven to be above legal age in their country of residence.

In order to ensure safe and legal usage of advanced data as defined below, users with access to them must send a valid ID to the Vikidia association to prove they are above legal age in their country of residence.

Commercial use of any personal data recovered through Vikidia (included but not limited to the CheckUser identification process) is explicitly prohibited.

Type of data retained, access to and usage of retained data[edit | edit source]

As explained above, non-editors will not share sensible data publicly and the only data they will share is collected and retained in a confidential way preserving privacy. Editors will share their IP address, and only unregistered users will share it publicly. Editors (both registered and unregistered) will share other personal information (from now on, “advanced data”), such as (but not limited to):

• operative system and its version (Windows XP, Mac OS, Linux Ubuntu, and the specific version code, e.g. 10.2.5)
• system language (e.g.: you computer's interface is set on French, English, Italian…)
• internet browser used to connect to Vikidia and its version
• the period your IP has been used to edit Vikidia

These data, however, will be hidden to the public and shown upon request to trusted users, in order to enforce community policies and to fight and prevent abuse of the site, for the comfort and security of readers and other editors. IP address and advanced data will be stored for a limited time and then automatically deleted from servers.

When registering an account, users can set a personal e-mail address in their preferences and their real name. This information is not necessary to complete the registration process or to be able to edit Vikidia. However, an e-mail address is necessary to recover your password in case you forget it. Your e-mail address will not be made public and moreover it can not be used to contact you through the wiki functionalities. On the other hand, you can't write an e-mail to another Vikidia user via the on-site interface (unless he displayed it publicly on this site); for urgent matters (e.g.: legal suits concerning your edits) the Vikidia association can use your e-mail address to contact you it, but that will happen for your own sake only. Your real name will be used to attribute your edits to you, but if you don't provide your real name attribution duties will be fulfilled using your nickname, thus not limiting your authorship on that edit; in case you provide your real name, it will be public.

System administrators and developers, both mandated by the Vikidia association and by TuxFamily that host the website have access to all the data listed above. Apart than for the declared purposes, these data can also be used for system maintenance (particularly but not exclusively, raw data collected from every visitor and stored with restricted access).

To make sure advanced data are in safe hands, access to them is only provided to adults: Vikidia association will ask users elected for having access to “CheckUser” tool to prove they have reached legal age in their country of residence by sending a copy of a valid ID (carte d'identité), passport, driving license of a country that recognizes it as an ID) to the provided e-mail address. This data will be used only to verify the user's age, no information about his/her identity shall be retained and the file itself will be erased as soon as the identification process is complete; the Vikidia association can keep records of the identification process, but no personal information (including photo, date of birth, real name, postal address, and any other data contained in the ID, unless it was in possess of the Association before receiving the ID) shall be contained in the record. The identification process will be carried out by a person of legal age, whose identity and contact information can be revealed by the Association upon motivated request made by any user who has/had to go through the identification process.

MediaWiki software does not collect location data. Some third party (external websites, mainly) can locate an IP address with varying accuracy depending on your Internet Service Provider. It is not in the interest of Vikidia to locate you physically, as this is of no help in preventing abuse of the site. The Vikidia association and its users cannot be held responsible for the outcome of these external services (unless they do maintain, support or sponsor them in a way different from simple linking on vikidia.org)

The following categories of users have access to the following types of data

• unregistered users: can access all public revisions of all articles (unless the article has been deleted by an administrator or the specific revision has been deleted/hidden to public), can access all public logs and page histories, can see other unregistered users' IP address.
• registered users with none of the flags listed below: same as unregistered
• administrators (also called “sysops”): same as unregistered users, but can also access deleted articles and revisions (unless a revision has been “oversighted”, a particular hiding procedure used in special cases and restricted to a particular group of users), can access CheckUser log. They cannot access advanced data;
• oversight: same as administrators, but can also access page revisions hidden through “oversight”;
• bureaucrats: same as administrators, but, depending on local policies and settings, can also access advanced data through “CheckUser” tool; please see Vikidia:Bureaucrats on your project to check whether bureaucrats do have access to “CheckUser” tool on your project; if they don't, a specific “CheckUser” flag should be activated;
• CheckUsers (here meaning the flag assigned to users, not the tool): same as administrators, but can also access advanced data through “CheckUser” tool;
• system administrators (not to be mistaken for administrators/sysops): same as CheckUsers
• developers: can assign themselves any right of those listed above (thus potentially gaining access to all the data types listed above), can access the server root, thus having access to user e-mail addresses and advanced data.

In general, giving access to data in a restricted way (including but not limited to: deleted articles, hidden or oversight revisions, “CheckUser” tool) is not considered “publishing” them. Therefore, in case public data (included but not exclusively: advanced data) is saved in a public page the correct way of protecting your privacy is hiding the revision or deleting the article, at the sole discretion of users entrusted with these tools and of the Vikidia association.

Responsibility[edit | edit source]

Every user is responsible before the law for his actions on Vikidia. The Vikidia association takes no responsibility over any abuse made by any volunteer user of his/her access to privileged information. The Vikidia association, as the owner of the servers that host Vikidia, is responsible for the technical retention and distribution of personal data (including advanced data), and will do everything in its power to restrict access to personal data only to trusted and authorized people, but can give no assurance whatsoever (and therefore can take no responsibility) that data will be safe from forceful intrusions, hacker attacks and any other unforeseen unauthorized access which goes beyond the Association's possibilities in terms of server protection.

CheckUser policy[edit | edit source]

This policy regards the use of “CheckUser” tool and consequently the access to advanced data as defined above. The tool could be available to users with “bureaucrat”, “CheckUser” or “system administrator” flag, depending on local policies and settings (which may also add even more groups to this list, please refer to local policies for more specific information; in any case, access to advanced data remains restricted to trusted and adult users, nominated as described below). For briefness's sake, we will refer to those users and to those flags as CheckUsers and “CheckUser” flag, thus including any user and flag with access to those tools, regardless of other rights he might be assigned. The tool will be referred to as “CheckUser” tool. When bureaucrat is used, it refers to users with “bureaucrat” permissions only, as the context doesn't pertain to the use of “CheckUser” tool but to other functions performed by bureaucrats, e.g. assigning flags to other users. If on a local project bureaucrats do not have access to “CheckUser” tool, this policy does not apply to them.

Access to “CheckUser” tool should be granted to trusted users by the local community through an election. In case there is actual need for CheckUsers and the community is very small and unable to elect a trusted user to such a role, users can be appointed to the role of CheckUser by the Vikidia association. In any case, if a project has CheckUsers, there must be at least two of them on that project, or none so that they can double-check each other and investigate any abuse notice. If a CheckUser resigns or is removed for any reason from his role, a new CheckUser must be elected or appointed. Once the community is ready to elect its own trusted users to the role of CheckUser, the Vikidia association shall not appoint any more CheckUsers unless in case of urgency and always with community consensus.

A CheckUser should be elected with roughly 75% favorable votes on the total. After being elected/appointed by the Association The user must send to the Vikidia association [provide dedicated e-mail address!!] a copy of a valid ID (carte d'identité, carta d'identità, passport, driving license of a country that recognizes it as a valid ID) that proves he is above legal age in his country of residence: citizens of all European countries (including the UK, but Gibraltar set legal age at 17) reach legal age at 18 years old, as do people in the vast majority of the US. The Vikidia association will verify that the user satisfies the requisite. The Vikidia association will then notify to a developer or a local bureaucrat (so that they proceed with assigning the flag). The Vikidia association will then erase the file representing the ID. The Vikidia association provides an e-mail address dedicated to identification procedures and has a person of legal age assigned to carrying out the identification process and responsible before the law for violations of European privacy law during the handling of the IDs CheckUsers will send. This personn is not responsible for CheckUsers' behavior, their use of “CheckUser” tool and their handling of personal data: he is only responsible for the CheckUsers' identification procedure, i.e. verifying the candidate is of legal age, and for erasing the copy of the ID sent by the candidate.

CheckUsers are responsible before the law for their own behavior and for violations of European privacy laws during the handling of personal data, which must be performed with the necessary care for people's privacy: CheckUsers must not unveil personal data to unauthorized users (that is: without access to “CheckUser” tool) unless this is strictly necessary (it rarely is: other users just need to know that “User 1” is probably the same person as “User 2”, they don't need to know that “User 1” shares IP address 129.0.0.1 with “User 2” or that they both use Mac OS 10.2 in French and Firefox 5.1.1). Sharing advanced data to unauthorized users if not strictly necessary is a violation of this policy and could lead to the removal of the “CheckUser” flag and other flags assigned on trust (e.g.: administrator, bureaucrat and so on), thus not limiting the possibility for the Association and/or for users whose privacy was violated to sue the ex-CheckUser in a court of law.

The Vikidia association is not responsible for CheckUsers' behavior, their use of “CheckUser” tool or their handling of personal data. If you believe a CheckUser violated your privacy, please contact him through Vikidia or open a public request for comments: in case you are wrong and the CheckUser used “CheckUser” tools rightfully other expert users will explain it to you before you file a legal suit and face legal expenses.

Developers have the power to assign themselves any right of those activated on the wiki and can access the server root. In case of urgency (serious threat to the sake of Vikidia, to the site's integrity, lack of elected CheckUsers and need for urgent checks), they can assign themselves “CheckUser” permissions, and shall remove themselves the rights as soon as the urge ceases. Developers shall, therefore, follow the same identification process as elected/appointed CheckUsers as soon as possible and in any case before they can assign themselves “CheckUser” permissions. Developers who don't provide proof for being of legal age shall be removed their access to servers and all developer rights (including that of assigning themselves any flag).

Any user who had or has to go through the identification process described above has the right to file in any moment a motivated request to the Vikidia association in order to obtain the real name and a contact (including, if requested, the country of residence and any other information necessary to file a legal suit) of the person charged with the identification process. The Vikidia association, unless the request is unmotivated or badly motivated (in which case a notice shall be sent within two – 2 – working days to the user who filed the request), must provide this information within three (3) working days from receiving the request.