Privacy and Anonymity
- Members of Romance.ucam.org do not have access to each others' real names or email addresses. Except in the case of a complaint, we, the administrators, do not know either. (Although, if you give out too much information, people might guess.)
- You can control exactly what information is visible to other members, depending on whether or not they are logged-in. You can also hide your profile from a specific friend or ex-.
- We believe very strongly in protecting your privacy, but we will not allow abuse of this site. When accounts are closed, we do not retain the personal details of ex-members, such as their profile, photo, age, religion, or sexuality.
However, we do keep just a very few details, in case of abuse. Here is exactly what we keep, and why:
• nickname: so that your nickname can't be immediately taken by someone else (and so you can retrieve it, if you subsequently re-join).
• id/email/joindate/deletiondate/joinfrom-ipaddr: so we could potentially trace the sender of pseudonymous hate-mail or online bullying etc (this has never happened yet).
• sex/blacklisted/blockcount/karma: occasionally people mis-use the site; 're-incarnation' doesn't reset bad 'karma' or undo a ban.
• testimonial/deletion reason: your feedback, if you give it to us.
• inviteids: if you used the invite system, but left before the invite was accepted; this would let us assist the invitee.
... and that's all.
- Please read the terms and conditions of use, and the information below on personal and computer security.
- Cookies: we don't participate in any form of user-tracking (eg 3rd-party analytics, targeted-advertising, etc). While you are logged-in, we use a temporary session-cookie (PHPSESSID), which we discard after ∼ 24 minutes of inactivity.
A session-cookie is a long, random number like: PHPSESSID=pea45p10bjcb6p3221; they are harmless, essential, and exempt from the EU cookie regulations.
- We store only hashed, salted passwords, using pg_crypt().
- The site itself is indexed by various search engines, such as Google. These can read, index, and archive any webpages that a (non-logged-in) human can see; we specifically request that pages containing profile data are not crawled, and so your profile cannot be found using a search engine. Messages (and non-public profiles) are only visible when logged in, so can never be indexed.
All major search engines are well-behaved, and respect meta tags. We use "NOINDEX NOFOLLOW" on the personal pages (details.php, list.php, and search.php), to instruct Google, Yahoo, Archive.org etc not to crawl them. (Try it for yourself: do a site: search for part of your profile, and you won't find it.)
- We support public-key encryption of messages: if you use this, the message plain-text is never transmitted to our server.
Or, you can use GnuPrivacyGuard, or an off-the-record messaging protocol.
- We use only secure (encrypted) connections to the website using https:// and wss://.
Outbound emails are encrypted where possible.
We select ECDHE SSL-ciphers to ensure perfect forward secrecy in browsers that support it.
TLS encryption of email is supported by some mail-servers, but not all: test yours here.
Of the EFF's web-encryption best practices, we get 5/5 correct.
SSL Labs rate us an A+ for best SSL practice.
- We host all our content ourselves: we don't use 3rd-party content-delivery networks (eg Google for hosting web-fonts). Likewise, we don't use the pervasive "Facebook Social" API.
This avoids one more potential avenue for privacy-leakage; it also happens to improve reliability.
- We welcome feedback, suggestions, researchers and scrutiny. If you think there is anything we can do better, tell us. If you want to know any other details, please ask.
The EFF (Electronic Frontier Foundation) recently wrote an article: "The Heartbreaking Truth About Online Dating Privacy". Of the 6 issues they raise, we get them all correct.
- Caveat: Logfiles and database backups exist: we promise to be good with these, but we'd like to point out that they do exist (as is the case for practically every site on the Web). Also, though we hope to be worthy of your trust, you should know that the system-administrator of any website's server, including ours, can in principle read the clear-text traffic that flows through it.
If anyone can suggest a technical workaround for any of these issues, please tell us: we think this problem is (logically) insoluble, but would be delighted to discover otherwise.
- In the light of the recent (June 2013) revelations about the vast extent of US/UK government snooping (NSA/Prism, GCHQ/Mastering the Internet), we wish to express our horrified disgust:
Orwell's 1984 was intended as a warning, not an instruction manual! To oppose this, please consider joining the Electronic Frontier Foundation.
Although we do our absolute best to protect your privacy and your data, it is unlikely we can defend you against this, maybe not even with https; in particular, most email is being slurped up by the dragnet, and robots.txt and meta tags are ignored. Our site is hosted in a datacenter in Stevenage in the UK (so it is not subject to US law, which has even weaker safeguards than the UK), and our Ubuntu system is open-source, which provides strong protection against official malware.
We have never received any legal demands for data or censorship. If you have questions, comments, or suggestions for improvement, please tell us.
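
The "NOINDEX NOFOLLOW" meta tags described above for the personal pages can be audited on pages you control. The following is an added example, not the site's own code: it parses each page's robots meta tag and reports whether both directives are present. The sample HTML is constructed, and the function names are hypothetical.

```python
import re
from html.parser import HTMLParser


class RobotsMetaParser(HTMLParser):
    """Collects directives from every <meta name="robots" content="..."> tag."""

    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; values keep their case.
        if tag != "meta":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("name", "").strip().lower() == "robots":
            # Directives may be separated by commas or spaces, in any case.
            content = a.get("content", "").lower()
            self.directives.update(d for d in re.split(r"[,\s]+", content) if d)


def robots_directives(html):
    parser = RobotsMetaParser()
    parser.feed(html)
    return parser.directives


def excluded_from_search(html):
    """True if the page asks crawlers neither to index it nor follow its links."""
    d = robots_directives(html)
    if "none" in d:  # "none" is shorthand for "noindex, nofollow"
        d |= {"noindex", "nofollow"}
    return {"noindex", "nofollow"} <= d


# Constructed sample pages (not fetched from the site).
SAMPLES = {
    "details.php": '<html><head><meta name="robots" content="NOINDEX NOFOLLOW"></head></html>',
    "list.php": '<html><head><META NAME="ROBOTS" CONTENT="noindex, nofollow"></head></html>',
    "index.php": "<html><head><title>Welcome</title></head></html>",
}


def audit(pages):
    return {name: excluded_from_search(html) for name, html in pages.items()}


if __name__ == "__main__":
    for name, ok in audit(SAMPLES).items():
        print(f"{name}: {'excluded' if ok else 'INDEXABLE'}")
```

A page that sets only one of the two directives is reported as indexable, which is the case worth catching before a profile page goes live.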