💾 Archived View for jacksonchen666.com › privacy › index.gmi captured on 2024-07-08 at 23:16:39. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2024-05-26)

🚧 View Differences

-=-=-=-=-=-=-

Privacy on this website

Last updated: 2024-06-18

The blurb

I'm not sure if I should call this a "privacy policy", since the word "policy" is in there. However, this documents the current practices which are related to your privacy.

The tl;dr is:

• Your IP address is logged (up to 4 days)
• I am keeping any emails I receive and send forever
• I use some external services for my websites

Definitions

This list is not exhaustive, and primarily intended to alleviate confusion about some stuff.

• "Self-hosted" and "Self-hosted server" refers to "laptop-server"
• "Self-hosted servers" (plural) may refer to both "laptop-server" and "imac"

Notable other Third-parties' services in use

These are used in a wide range of things.

Let's encrypt - Certificates

deSEC - DNS Nameservers

SourceHut (especially sourcehut pages)

SourceHut Terms of Service

SourceHut Privacy Policy

The static websites

For these websites:

https://backup.jacksonchen666.com/

https://microblogging.jacksonchen666.com/

https://status.jacksonchen666.com/

They're hosted with sourcehut pages. SourceHut does log some information, and SourceHut's logging configuration is available at the following link:

SourceHut's logging configuration

Self-hosted HTTP stuff

Applies to all domains and subdomains under:

• jacksonchen666.com (except anything listed in the static websites section)
• jc666.xyz
• jc6.xyz
• x7ikq7gwf6vnbvrc7b36nkcxnw7eckwaricmjbdvrajoeql2ccjb5aad.onion
• jacksonchen666.i2p
• se74m63c22m37zteameiijr5ld3oqrke3pmrrx7xwmbli5thfy3a.b32.i2p
• The yggdrasil-network IPv6 address 224:2a:86e7:b0:8727:3e88:c92a:c219

Domains listed above will reach the self-hosted server.

Logging

Server logs for server applications (e.g. Mastodon) are default settings. No further information is provided here because I don't know any better.

Server logs configuration for the reverse proxy (i.e. nginx) is the following:

log_format vcombined '$host:$server_port $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_length';

This allows us to see the following information:

• Your IP address
• What page/resource you have requested
• Time of your request
• Where you navigated from ("Referrer" information provided by browser)
• Your browser User Agent string

The above is just an overview. Below is the exact technical information

logged:

The information logged for HTTP requests are:

• Virtual host
• Client IP address
• Provided username for HTTP authentication
• Time of request
• The HTTP request type (e.g. GET, POST, etc.)
• The HTTP request path (e.g. /)
• The HTTP request HTTP version (e.g. HTTP/1.1)
• Status code returned to client
• Response body measured in bytes sent to client
• Referrer AKA where you navigated from (the referrer policy is set to same-origin on jacksonchen666.com)
• Provided User Agent
• Client request length (counts request line, header, and body)
• Rough time it took to process the request (in seconds)

(Modified) Example:

subdomain.jacksonchen666.com:443 192.0.2.231 - - [01/Jan/1970:00:00:00 +0000] "GET / HTTP/1.1" 404 2147483648 "-" "Not a bot, definately not." 500 0.000

The visitor's IP address is 192.0.2.231 in this example.

Data retention

The logs are stored up to 4 days. They are not included in backups.

Self-hosted Server is located in Hungary.

Data sharing

Logs may be shared with others for troubleshooting purposes. The other

people can be with people who are not involved in running these servers.

Any logs that is shared will be redacted of personally identifiable

information.

Self-hosted Gemini stuff

Information that is logged for every request is:

• Time of request
• The URL
• Server response status code
• Stuff after the status code (Gemini protocol specification §3.1 "META")

(Modified) Example:

[1970-01-01T00:00:00Z INFO  agate] [::ffff:192.168.1.74]:1965 - "gemini://jacksonchen666.com/" 20 "text/gemini;lang=en"

The IP address `192.168.1.74` is not the visitor's IP address.

Backups for self-hosted servers

We create multiple copies of our server and store it on-site and off-site to

prevent complete data loss. That's backups, by the way.

Backup retention

Backups are retained for 4 weeks at maximum. Any backups older than 4 weeks

will be deleted unless it is required (e.g. restoring an old backup).

Backed up information

Rule of thumb: We backup everything. Some things are excluded if deemed not

important/critical to operation.

The backups contain:

- All operating system components and programs

- All services components and programs

- User data generated by use of the services

- Everything else we forgot to specify

The backups do not contain:

- Reverse proxy logs (the thing that handles HTTP(S) requests, and logs it)

Tools and services

We use the following to create, manage, synchronize and store backups:

Borgbackup

bupstash

BorgBase (off-site backup, only using Europe regions)

Email

• Migadu handles the emails. (2023-03-31)
• Encrypted emails preferred (additional information on the contact page)
• Emails received will be removed from the mail servers and stored locally on my computers, retained permanently.

Migadu

Simplelogin

Miscellaneous Third-parties' services in use

• Includes the "Notable other Third-parties' services in use" section
• My ISP
• Fedora Linux (their repos and distro)
• Alpine Linux (their repos and distro)

- [lists sourcehut][lists.sr.ht] for email comments on blog posts

([ToS][sr.ht_TOS] & [privacy][sr.ht_privacy])

lists sourcehut for email comments on blog posts

SourceHut Terms of Service

SourceHut Privacy Policy

Opt-out

How? There isn't something you could opt out of here other than well... Not touching anything related here.

(Ideas are welcome)

The past

These things are included because they have some significance

Email

• Namecheap, a domain registrar, used to handle the emails. Not anymore. 2021-07-10/2021-09-06, end date might not be accurate.
• Gandi, a domain registrar, used to handle the emails. Not anymore. 2021-08-10/2023-04-02.
• Simplelogin's email aliasing used in contact page (from 2022-10-21 to 2023-04-18).
• DuckDuckGo's email aliasing service was used for the email contact (from 2021-08-10 to 2022-10-21)

Namecheap

Gandi

Nameservers and domain registrar also applies, but not the dates. Those dates are for the email service.

Submissions

On jacksonchen666.com, you were able to submit questions, ideas, and feedback, which are collectively called "Submissions".

We use `git`, a distributed version control tool. Due to the design of `git`, deleting past versions of this website cannot be truly achieved as everyone has a copy of the website including the history, therefore, the data for "Submissions" cannot be completely removed.

The function has been removed from the website, but as stated above, he data cannot be truly removed.

Contact info

We welcome questions and stuff about our privacy document. You can email us at here:

jackson@jacksonchen666.com