It’d be nice to (eventually!) see a link laying out a privacy policy for the instance, something like: https://newsie.social/privacy-policy

I’d especially be interested to know how long you associate the IP addresses we visit from with our accounts, who can see that info (and our emails), what other PII you store, and how long deleted posts/accounts are stored for.

(Totally get and very much appreciate that smorks &co have a lot on their plates just getting this place off the ground, not trying to demand additional work, just a suggestion. Seems like it’d take some thinking to balance with eg. a good backup regimen.)

  • smorksMA
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    We have the option to give your our emails too, is that only visible to you?

    yes, that’s only visible to me. 99% sure that it doesn’t leave this instance.

    See? Right person for the job. Holler if you need anything, I get a general sense there’s a willingness to pitch in around here.

    agreed. everyone has been super supportive and helpful so far. i will let you know what i find, and will reach out if i need help with anything. thanks!

    • Em Adespoton
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Thanks @smorks; you’re doing an awesome job! One thing not covered yet is your backup policy; it’s possible that items would get backed up before they were deleted.

      Personally for my server box I have two local backups and one offsite rotating backup that rotates quarterly. Such a setup can definitely capture information that later changes such as deleted posts and IP addresses that are logged before they’re rewritten. Something to consider, especially as backups are important for disaster recovery, especially in the case of handling other people’s data.

      • smorksMA
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        thank you for the reminder. i’m currently doing weekly backups offsite, which includes the database and all pictrs data (image data). the off-site backups are all encrypted (i’m currently using restic for this), so again, i’m currently the only one with access to it.