Privacy Policy
What is Privacy Guides?
Privacy Guides is a community project operated by a number of active contributors. The public list of team members can be found on our forum. Privacy Guides is legally administered by MAGIC Grants, a 501(c)(3) public charity acting as our fiscal host.
As a project, we make available to the public:
- privacyguides.org, this website
- discuss.privacyguides.net, our community forum
- code.privacyguides.dev, public source code repositories
This privacy notice covers all Privacy Guides projects authorized and operated by the MAGIC Privacy Guides Fund executive committee.
Please note that when you make a donation to us on donate.magicgrants.org, MAGIC Grants has published a separate privacy policy covering that platform.
How does Privacy Guides collect data about me?
Privacy Guides collects data about you:
- When you visit our websites
- When you create and use an account on our websites
- When you post, send private messages, and otherwise participate in a community that Privacy Guides hosts
- When you sign up for a mailing list, email notifications, or announcements
- When you make a donation to us or become a member
- When you contribute to our website or other open-source projects
Privacy Guides does not buy or receive data about you from data brokers.
Does Privacy Guides sell my personal information?
No. Privacy Guides does not sell personal information. Additionally, Privacy Guides does not share personal information with third parties for the purpose of advertising.
What personal information does Privacy Guides collect, and why?
Privacy Guides collects information about visits to its websites
When you visit one of our websites, whether you have an account or not, we use server logs and other methods to collect data about what pages you visit and when.
We use this data to:
- Optimize our websites, so they are quick and easy to use.
- Diagnose and debug technical errors.
- Defend our websites from abuse and technical attacks.
- Compile statistics on page/topic popularity.
- Compile statistics on the type of browser and devices our visitors use.
We generally store the above information for just a few weeks. In special circumstances, such as during an ongoing technical attack or a subsequent investigation, we may preserve some log data longer for analysis.
Privacy Guides stores aggregated statistics for as long as we host our websites, but those statistics do not contain data identifiable to you personally.
Privacy Guides collects account data
Many features on our forum or other account-based services require an account. For example, you are required to have an account in order to post and reply to topics.
To sign up for an account, Privacy Guides requires your email address, a username, and a password.
We use this account data in order to identify you on the website, and to create pages specific to you, such as your profile page. We publish your account data to your public profile in accordance to your profile's configuration.
Privacy Guides uses your email address to:
- Notify you about posts and other activity on our website.
- Reset your password and help keep your account secure.
- Contact you in special circumstances related to your account.
- Contact you about legal requests, like DMCA takedown requests.
You may optionally provide additional details about your account, like your name, a short biography, your location, or your birthday, on the profile settings page for your account. Privacy Guides makes that information available to others who have access to the forum. You don’t have to provide this additional information, and you can erase it at any time.
Privacy Guides stores this account data as long as your account remains open.
Privacy Guides collects data about posts and other activity on our forum
Privacy Guides collects the content of your posts, plus data about bookmarks, likes, and links you follow in order to share that data with others, through the forum. We also publish this activity to the public.
Privacy Guides also collects data about private messages that you send through the forum. Privacy Guides makes private messages available to senders and their recipients, and also to forum moderators and administrators.
Privacy Guides stores your posts and other activity as long as your account remains open.
Privacy Guides collects data you give to sign up for mailing lists and announcements
When you fill out and submit a web form to sign up for mailing lists or announcements, Privacy Guides collects the information you put in the form, such as your e-mail address.
Privacy Guides stores this information until you unsubscribe from the mailing list.
Privacy Guides does not collect sensitive personal information
Privacy Guides does not intentionally collect sensitive personal information, such as government identification numbers, information on racial or ethnic origin, political opinions, genetic data, biometric data, health data, or any of the special categories of personal data specified by the GDPR.
Privacy Guides collects data about open source contributors
Contributors to Privacy Guides' website may be asked to provide identifying and contact information such as your name and email address.
Privacy Guides uses this information to maintain the integrity of our website, software, and license agreements, both our own licenses and the license between Privacy Guides and our contributors. Privacy Guides stores this information for as long as your contributions are incorporated into our open source software, including this website.
The Privacy Guides website stores local data
Our website uses Local Storage in your browser to store your color scheme preference. This data is only used by client-side JavaScript to change the color scheme of this website according to your preference.
Our website also uses Session Storage to cache the current version number of this website and the number of stars/forks of our GitHub repository. This data is fetched once per session from GitHub, and is only used by client-side JavaScript to display that information at the top of each page.
No locally stored data on this website is transmitted to Privacy Guides, and it can not be used to identify you.
The Privacy Guides forum uses cookies
Our forum is built on Discourse, which uses the following cookies:
| Name | Essential | Expires | Purpose |
|---|---|---|---|
| Yes | Session | remembers your e-mail as you create an account | |
| destination_url | Yes | Session | helps redirect you to your requested page after logging in |
| sso_destination_url | Yes | Session | helps redirect you to your request page after single sign on |
| sso_payload | Yes | Session | used during SSO authentication when two-factor authentication is enabled |
| authentication_data | Yes | Next Page View | temporarily stores user information during login flows |
| theme_ids | Yes | 1 year | remembers your theme personalization if you don’t tick “Make this my default theme on all my devices” |
| color_scheme_id | Yes | 1 year | remembers your color personalization if you don’t tick “Set default color scheme(s) on all my devices” |
| dark_scheme_id | Yes | 1 year | remembers your color personalization if you don’t tick “Set default color scheme(s) on all my devices” |
| cn | Yes | Session | temporarily stores notification read state |
| _bypass_cache | Yes | Session | allows the server-side cache to be bypassed during login flows |
| _t | Yes | 1440 Hours | remembers who you are when you log in |
| _forum_session | Yes | Session | associates an ID, and other security-related information, with your browsing session |
| dosp | Yes | Next Page View | enables client denial of service protection, a security protection |
| text_size | Yes | 1 year | remembers default text size when a user wants to change it on only one device |
| cookietest | Yes | Session | checks if cookies are enabled when authentication fails |
| __profilin | No | Session | used by software developers to bypass rack-mini-profiler |
Your web browser can show you the cookies you have for any website and help you manage them.
Does Privacy Guides use personal information for marketing purposes?
Privacy Guides may use personal data about our users in order to directly promote our own resources, such as for sharing new resources or when fundraising. We also use the information you give us when signing up for our mailing lists and announcements to send those messages.
You can always opt out of marketing communications from us, and you have the right to object to any processing of your information for marketing purposes.
Privacy Guides never provides or sells your data to third-parties for marketing purposes.
How can I make choices about data collection?
Your account on our websites has a settings page which provides you with options about how your data is used.
Most web browsers let you make choices about whether to accept cookies, for specific websites or more generally.
Privacy Guides does not respond to the (now deprecated) Do Not Track HTTP header.
Where does Privacy Guides store data about me?
Most data is hosted by Triplebit web services in the United States. Some publicly accessible data may be hosted by Content Delivery Networks with servers in other jurisdictions. For example, your profile picture may be hosted on multiple servers around the world.
Does Privacy Guides comply with the EU General Data Protection Regulation?
Privacy Guides respects rights under the European Union’s General Data Protection Regulation (GDPR). Information that GDPR requires Privacy Guides to give can be found throughout this privacy notice, including information on the rights of data subjects.
What are my rights under the GDPR?
The GDPR provides you with the following rights with respect to personal information about you that we collect or process:
- the right to access your personal data
- the right to rectification of inaccurate or incomplete personal data
- the right to erasure of your personal data
- the right to data portability
- the right to restrict the processing of your personal data
- the right to object to certain processing of your information, including automated decision-making and direct marketing
- the right to lodge a complaint with a supervisory authority
Information about how to exercise these rights is provided throughout this notice and linked above. We try to make exercising all of these rights easy to do on your own through your account settings, but for more complicated inquiries the best option will be to contact us.
Does Privacy Guides make international data transfers?
Currently:
- Privacy Guides processes personal data on servers outside the European Union.
- Privacy Guides uses subprocessors with personnel and computers outside the European Union.
- Privacy Guides has personnel in the United States, Australia, and other non-EU countries without EU adequacy decisions under GDPR. These people need access to forum personal data in order to keep forums running, address security concerns, respond to privacy-related requests from users, field technical support requests, and otherwise assist users.
- Privacy Guides is very likely subject to section 702 of the Foreign Intelligence Surveillance Act in the United States, a law that the European Court of Justice has found inadequately protects the rights and freedoms of data subjects.
- Privacy Guides has never received any order or request for personal data under FISA 702 or any similar national security or surveillance law of any other country. Privacy Guides is not subject to any court order or legal obligation that would prevent it from disclosing the existence or non-existence of such an order or request.
- Privacy Guides has a policy for how we will respond to those orders and requests, in case we ever receive one. Privacy Guides will suspend processing, notify any affected user, minimize disclosure, and resist disclosure of personal data, all as the law allows.
Because national security and surveillance laws may be in conflict with European data protection rules, Privacy Guides continually reassesses the practical reach of these laws to ensure our data transfers are adequately safeguarded.
Does Privacy Guides comply with the California Consumer Privacy Act and other US state comprehensive privacy laws?
Privacy Guides is not a "business" for the purposes of the California Consumer Privacy Act (CCPA) or a “controller” directly subject to other US state comprehensive privacy laws.
Privacy Guides never sells your personal information.
Where can I access data about me?
You can see your account data by visiting your profile page on any websites where we offer accounts. Your account profile will also list your posts and other activity on the website.
On the forum, your profile settings include a link to download all of your activity in standard Comma Separated Values format.
If you do not have an account with us but have a data access request, please contact us.
How can I change or erase data about me?
You can change your account data at any time by visiting the profile settings page for your account. You also have the option to delete your profile on the settings page of your account. Utilizing this option begins the process of erasing or anonymizing Privacy Guides' records of data you provided for your account. Forum administrators and moderators also have the option to erase and anonymize accounts.
You may also be able to edit, anonymize, or erase your posts. When you edit posts, Privacy Guides will keep all versions of your posts. These old versions of posts are not public, but may be accessed by forum moderators or administrators.
Does Privacy Guides make automated decisions based on my data?
The Privacy Guides forum classifies posts as spam automatically
We use data about your posts and other posts on many forums to make automated decisions about whether your posts to our websites are likely spam.
If you think a post has been wrongfully blocked or removed, please contact a forum moderator who can override this decision.
The Privacy Guides forum uses data about your posts and activity to set trust levels
We use data about your posts and activity on our forum to award you badges and calculate a trust level for your account. Your trust level may affect how you can participate in the forum, such as whether you can upload images, as well as give you access to moderation and management powers in the forum. Your trust level therefore reflects forum administrators’ confidence in you, and their willingness to delegate community management functions, like moderation.
If you think your trust level has been set incorrectly, contact an administrator of your forum. They can manually adjust the trust level of your account.
The Privacy Guides forum uses community flags to take automated actions
Your posts may be automatically hidden, or your ability to post may be automatically suspended, as a result of your posts being flagged by other users.
These decisions are later reviewed by moderators, who can override these decisions at their discretion.
Does Privacy Guides share data about me with others?
Privacy Guides shares account data with others as described in the section about account data.
Privacy Guides shares data about your posts and other activity as described in the section about forum data.
Subprocessors used by Privacy Guides
Privacy Guides uses the following subprocessors, and may share personal data with the service providers we use in order to host our website, deliver content, secure our services, store data, host and manage our open source website, and provide user support.
| Subprocessor | Service | Function | Processing | Links |
|---|---|---|---|---|
| Bunny.net (Slovenia) | Bunny CDN | Content Delivery Network services for distributing images and other static assets. | Slovenia, Global | Privacy Notice, GDPR Center |
| Cloudflare (USA) | Authoritative DNS | Authoritative DNS services for our domain names. | USA, Global | Privacy Notice, GDPR Center |
| Fediverse Communications LLC (USA) | PeerTube | For hosting public videos produced by Privacy Guides which are shared or embedded on this website. | USA | More information |
| GitHub (USA) | Git Repositories | For visitors to this website: sharing information with our visitors about the current release, repo star count, etc. | USA | Privacy Notice |
| GitHub (USA) | Git Repositories, Issues, Pull Requests | For contributors to this website: hosting our source code and communications platforms such as our issues tracker. | USA | Privacy Notice |
| GitHub (USA) | Sponsors | For collecting payments for gifts to Privacy Guides | USA | Privacy Notice |
| Stripe (USA) | Connect | For certain donations via GitHub Sponsors: payment processing for donations | USA | Privacy Notice, GDPR Center |
| Triplebit (USA) | Object Storage | For hosting static websites and static media content, and distributing static content | USA, Poland | Privacy Notice |
| Triplebit (USA) | Umami Statistics | For compiling aggregated statistics of our website visitor data based on server-side visitor info submissions | USA | Privacy Notice |
| Triplebit (USA) | Virtual Private Servers | For hosting our dynamic websites, storing and processing personal data. | USA | Privacy Notice |
How can I contact Privacy Guides about privacy?
You can send questions, requests, and complaints via email to us at team@privacyguides.org. You may also use Signal or another contact method detailed here to contact us more securely.
For complaints under GDPR more generally, you always have the option to lodge complaints with your local data protection supervisory authorities.
Where do I find out about changes?
This version of Privacy Guides' privacy notice took effect on March 4, 2025.
Privacy Guides will post the next version here: https://www.privacyguides.org/en/about/privacy-policy/.
In future versions, Privacy Guides may change how it announces changes. In the meantime, Privacy Guides may update its contact information without announcing a change. Please refer to https://www.privacyguides.org/en/about/privacy-policy/ for the latest contact information at any time.
A full revision history of this page can be found on GitHub.
In the event that a translated copy of this document conflicts with the English copy, the English copy of this document takes precedence.